1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Am I infected? HJ log

Discussion in 'Virus & Other Malware Removal' started by xanakis, Apr 2, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. xanakis

    xanakis Thread Starter

    Joined:
    Apr 2, 2010
    Messages:
    5
    Hi

    I started getting messages apparently from Windows telling me I was infected ith various viruses and email worms and trojans and it prompted me to download something. Kaspersky finds nothing though and my computer seems to be running normally.

    I didn't download what it was telling me to download. I got Hijack This, printed off a log and came straight here.

    Thanks in advance for any help

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:09:00, on 02/04/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17023)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\Virgin Media\HUB\VirginMediaHUB.exe
    C:\Program Files\GIGABYTE\GEST\GEST.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\WINDOWS\STK02N\STK02NM.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Kontiki\KService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Virgin Media\HUB\ServicepointService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\GIGABYTE\GEST\GSvr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [GEST] C:\Program Files\GIGABYTE\GEST\RUN.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
    O4 - HKLM\..\Run: [VirginMediaHUB.exe] "C:\Program Files\Virgin Media\HUB\VirginMediaHUB.exe" /AUTORUN
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: STK02N 2.4 PNP Monitor.lnk = ?
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1225850958062
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
    O23 - Service: Google Update Service (gupdate1c9b3e19dec9b74) (gupdate1c9b3e19dec9b74) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files\Virgin Media\HUB\ServicepointService.exe
    --
    End of file - 7037 bytes
     
  2. xanakis

    xanakis Thread Starter

    Joined:
    Apr 2, 2010
    Messages:
    5
    Bump.
     
  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
  4. xanakis

    xanakis Thread Starter

    Joined:
    Apr 2, 2010
    Messages:
    5
    OK. Both logs here as requested:


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by John at 12:40:00.81 on 06/04/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1441 [GMT 1:00]
    AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    ============== Running Processes ===============
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\GIGABYTE\GEST\GEST.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\Virgin Media\HUB\VirginMediaHUB.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\WINDOWS\STK02N\STK02NM.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Kontiki\KService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Virgin Media\HUB\ServicepointService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\GIGABYTE\GEST\GSvr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\John\Desktop\dds.com
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://www.google.co.uk/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2009\ievkbd.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\MSMSGS.EXE" /background
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [kdx] c:\program files\kontiki\KHost.exe -all
    mRun: [GEST] c:\program files\gigabyte\gest\RUN.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe"
    mRun: [kdx] "c:\program files\kontiki\KHost.exe" -all
    mRun: [VirginMediaHUB.exe] "c:\program files\virgin media\hub\VirginMediaHUB.exe" /AUTORUN
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\stk02n~1.lnk - c:\windows\stk02n\STK02NM.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky anti-virus 2009\SCIEPlgn.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225850958062
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    Notify: klogon - c:\windows\system32\klogon.dll
    AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    ============= SERVICES / DRIVERS ===============
    R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-4-16 112144]
    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2008-11-6 213520]
    R2 AVP;Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe [2008-4-25 201992]
    R2 ServicepointService;ServicepointService;c:\program files\virgin media\hub\ServicepointService.exe [2010-3-23 668912]
    R3 GEST Service;GEST Service for program management.;c:\program files\gigabyte\gest\GSvr.exe [2008-11-1 47624]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-3-25 24592]
    S2 gupdate1c9b3e19dec9b74;Google Update Service (gupdate1c9b3e19dec9b74);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]
    =============== Created Last 30 ================
    2010-04-02 13:08:50 0 d-----w- c:\program files\Trend Micro
    2010-03-30 23:50:03 0 d-----w- c:\program files\iPod
    2010-03-30 23:49:56 0 d-----w- c:\program files\iTunes
    2010-03-30 23:49:56 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-03-30 23:46:07 0 d-----w- c:\program files\Bonjour
    2010-03-24 21:40:04 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
    2010-03-24 06:19:09 0 d-----w- c:\windows\system32\XPSViewer
    2010-03-24 06:18:37 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-03-24 06:18:37 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-03-24 06:18:36 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-03-24 06:18:36 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-03-24 06:18:36 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-03-24 06:18:36 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-03-24 06:18:36 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-03-24 06:18:36 0 d-----w- C:\caa7a8a369b1ee46211ee7
    2010-03-23 22:52:42 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2010-03-23 22:52:20 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2010-03-23 22:52:20 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2010-03-23 13:28:39 0 d-----w- c:\docume~1\john\applic~1\Virgin Media
    2010-03-23 13:28:35 0 d-----w- c:\docume~1\alluse~1\applic~1\Radialpoint
    2010-03-23 13:28:33 0 d-----w- c:\program files\Virgin Media
    2010-03-23 13:28:33 0 d-----w- c:\docume~1\alluse~1\applic~1\Virgin Media
    2010-03-17 20:53:42 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-03-17 20:53:42 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-03-13 13:57:24 40960 ----a-w- c:\windows\system32\STK02NP.ax
    2010-03-13 13:57:24 33728 ----a-w- c:\windows\system32\drivers\STK02NW1.sys
    2010-03-13 13:57:24 101520 ----a-w- c:\windows\system32\drivers\STK02NW2.sys
    2010-03-13 13:57:23 0 d-----w- c:\windows\STK02N
    2010-03-11 23:53:33 287 ----a-w- c:\windows\game.ini
    2010-03-11 23:49:07 0 d-----w- c:\program files\Activision
    2010-03-11 23:45:06 0 d-sh--w- c:\windows\ftpcache
    ==================== Find3M ====================
    2010-04-06 11:25:06 16608 ----a-w- c:\windows\gdrv.sys
    2010-04-06 03:03:25 557088 --sha-w- c:\windows\system32\drivers\fidbox2.dat
    2010-04-06 03:03:25 2984 --sha-w- c:\windows\system32\drivers\fidbox2.idx
    2010-04-06 03:03:25 2146848 --sha-w- c:\windows\system32\drivers\fidbox.dat
    2010-04-06 03:03:25 17852 --sha-w- c:\windows\system32\drivers\fidbox.idx
    2010-03-23 14:27:31 95259 ----a-w- c:\windows\system32\drivers\klick.dat
    2010-03-23 14:27:31 108059 ----a-w- c:\windows\system32\drivers\klin.dat
    2010-03-11 12:38:54 832512 ----a-w- c:\windows\system32\wininet.dll
    2010-03-11 12:38:52 78336 ----a-w- c:\windows\system32\ieencode.dll
    2010-03-11 12:38:51 17408 ------w- c:\windows\system32\corpol.dll
    2010-02-12 10:46:14 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-02-12 10:46:14 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2008-11-14 01:52:31 6654466 ----a-w- c:\program files\LightHeaded-r255.zip
    ============= FINISH: 12:40:31.45 ===============




    DDS (Ver_10-03-17.01)
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 01/11/2008 18:54:09
    System Uptime: 04/06/2010 12:24:06 (-1416 hours ago)
    Motherboard: Gigabyte Technology Co., Ltd. | | EP31-DS3L
    Processor: Intel Pentium III Xeon processor | Socket 775 | 2666/266mhz
    ==== Disk Partitions =========================
    A: is Removable
    C: is FIXED (NTFS) - 233 GiB total, 166.734 GiB free.
    D: is CDROM (UDF)
    ==== Disabled Device Manager Items =============
    ==== System Restore Points ===================
    RP231: 11/03/2010 23:45:38 - Installed Call of Duty(R) 2
    RP232: 13/03/2010 13:57:23 - Installed STK02N 2.4
    RP233: 18/03/2010 23:30:35 - System Checkpoint
    RP234: 23/03/2010 14:39:09 - Installed Java(TM) 6 Update 17
    RP235: 24/03/2010 03:00:15 - Software Distribution Service 3.0
    RP236: 24/03/2010 06:15:42 - Software Distribution Service 3.0
    RP237: 25/03/2010 02:18:51 - Software Distribution Service 3.0
    RP238: 25/03/2010 23:06:33 - Software Distribution Service 3.0
    RP239: 27/03/2010 03:58:14 - System Checkpoint
    RP240: 28/03/2010 05:23:58 - System Checkpoint
    RP241: 31/03/2010 03:14:44 - System Checkpoint
    RP242: 31/03/2010 12:05:14 - Software Distribution Service 3.0
    RP243: 02/04/2010 15:47:13 - System Checkpoint
    ==== Installed Programs ======================
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3
    Adobe Shockwave Player
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bonjour
    Call of Duty(R) 2
    CCleaner (remove only)
    Critical Update for Windows Media Player 11 (KB959772)
    Curse Client
    Dynamic Energy Saver 1.0 B8.0128.1
    Google Earth
    Google Update Helper
    Google Updater
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    iTunes
    Java(TM) 6 Update 17
    Kaspersky Anti-Virus 2009
    LimeWire 4.18.8
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MobileMe Control Panel
    NVIDIA Drivers
    QuickTime
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    Realtek High Definition Audio Driver
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 8 (KB917734)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978706)
    Sky Player
    Spotify
    STK02N 2.4
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Virgin Media HUB 3.5.12
    VLC media player 0.9.9
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    World of Warcraft
    ==== End Of File ===========================
     
  5. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    Nothing obvious


    Please download Malwarebytes' Anti-Malware to your desktop
    from HERE or HERE

    Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

    Update Malwarebytes' Anti-Malware. Launch Malwarebytes' Anti-Malware. Then click Finish.

    If an update is found, it will download and install the latest version. Press Update to make sure the latest database is loaded.
    Once the program has loaded, select Perform quick scan, then click Scan.
    When the scan is complete, click OK, then Show Results to view the results.
    Be sure that everything is checked, and click Remove Selected.
    When completed, a log will open in Notepad.
    Please include this log in your next reply.

    It might ask you to reboot to finish cleaning. Please do so. ( Press YES on the alert)
    If you receive an (Error Loading xxxxxxxxxx .dll) error on reboot please reboot a second time . It is normal for this error to occur once and does not need to be reported unless it continues on every boot
     
  6. xanakis

    xanakis Thread Starter

    Joined:
    Apr 2, 2010
    Messages:
    5
    It found no malicious items. Maybe Kaspersky dealt with whatever it was? Here's the Malwarebytes log:


    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org
    Database version: 3961
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13
    06/04/2010 21:14:30
    mbam-log-2010-04-06 (21-14-30).txt
    Scan type: Quick scan
    Objects scanned: 112161
    Time elapsed: 9 minute(s), 24 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    It must be OK and kaspersky dealt with it
     
  8. xanakis

    xanakis Thread Starter

    Joined:
    Apr 2, 2010
    Messages:
    5
    Ok thanks for taking the time to look anyway
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/914244

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice