HijackThis - Vishal Gupta

[vaibhavtek]

Just as one cannot trust automated analysis, one cannot trust an expert NOT to make mistakes. While an experts judgement may be his own individually only, the following sites auto-analyse logs, based on tons of data collected, to make their recommendations ! Ultimately, you need to make your own call, considering all.

HijackThis.de
Prevx
Networktechs
Help2Go

One can also download HijackThis Reader and use it.

Thanks for the link bro..!!!

@vaibhav
Please don't ask problems to a particular member. Its a forum not a site. Everyone wants to help and asking one member for help is like insulting the others. I hope you can understand it.

Ok thanks for the suggestion.

 

[enticer86]

Pls advise what to do... heres a report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:41 PM, on 3/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\System32\CbEvtSvc.exe
C:\Program Files\GizmoPlugin\GizmoPlugin.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - *picasaweb.google.com/s/v/24.19/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - *gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CameraServer - Unknown owner - C:\Program Files\Eyemail Technology Inc\CameraServer.exe (file missing)
O23 - Service: CbEvtSvc - Unknown owner - C:\WINDOWS\System32\CbEvtSvc.exe
O23 - Service: Gizmo VoIP Service (Gizmo Plugin) - SIPphone, Inc. - C:\Program Files\GizmoPlugin\GizmoPlugin.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 4102 bytes

 

[vaibhavtek]

I have looked in ur file and found only I problem just remove it.

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

 

[enticer86]

really? that means my pc is free of any kinda trouble?? :O
How to remove it?

 

[Vishal Gupta]

Your system is absolutely fine. No problems found. Although you can fix following unnecessary entries to speed up your system:

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

To fix the entries, Boot your Windows in Safe Mode by pressing “F8″ key at system startup and select “Safe Mode” option. Run HijackThis again. Then select the entries and click on “Fix checked” button.

 

[vaibhavtek]

really? that means my pc is free of any kinda trouble?? :O

How to remove it?

See my closed thread:-HijackThis - Post ur log file

Plz help me to agree shantanu to reopen this thread.
I am asking him a lot.
Plz PM him to reopen the thread.

VG I think u r realsing the neccesity of this thread HijackThis - Post ur log file.

Plz help me to reopen this thread.

At the last of it i will write that:-
Suggestion for this thread came from:-www.askvg.com[Vishal Gupta's Site]

Plz VG and enticer86 help me.

 

[anandk]

^^ Neither I said I'm an expert nor I said I can't make mistakes. Since he asked for my help, I tried my best to help him. I posted my personal experience. Its always better to check the file manually instead of automatic process.

I am glad I visited this thread again, else I wouldnt have seen this comment. Vishal, I wasnt referring to you, I just made a general statement. And I accept that you are a genius. Havent i already refered to you as one in atleast 2 other forums or on the telephonic chat of MVPs sometime back? So pls remove this or any other misunderstanding you may have. Take my word !

 

[Vishal Gupta]

^^ I have no hard feelings as well. I was quite surprised by your comments but thanks for making it clear.