SPEED or SECURITY

[theraven]

thats the problem..
33kbps. . not za ..
the boost is probably cuz of the automatic updates ...
just try shuttin it off ...

 

[reddick]

I have disabled it...No gains yet...Still i have 2 shut off d firewall while surfing Than i have to scan whole my PC 4 viruses everytime after browsing

 

[theraven]

yaar ek kaam kar

post ur hijack this logfile here once .. so we have that out of the way

 

[reddick]

Wht is "hijack this logfile"? I'm newbie to computing...plz tell me in brief

 

[theraven]

ok sorry my bad ...
here download the hijackthis program from here
then run it and copy paste the log file it creates here

 

[reddick]

Here is the log file:

Logfile of HijackThis v1.99.1
Scan saved at 6:34:02 AM, on 01-Aug-05
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NVATray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\PowerMenu\PowerMenu.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Rana\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = *netonejld.bsnl.co.in/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O1 - Hosts: 205.209.153.86 lloydstsb.co.uk
O1 - Hosts: 205.209.153.86 online.lloydstsb.co.uk
O1 - Hosts: 205.209.153.86 www.lloydstsb.co.uk
O1 - Hosts: 205.209.153.86 www.lloydstsb.com
O1 - Hosts: 205.209.153.86 personal.barclays.co.uk
O1 - Hosts: 205.209.153.86 barclays.co.uk
O1 - Hosts: 205.209.153.86 ibank.barclays.co.uk
O1 - Hosts: 205.209.153.86 www.barclays.co.uk
O1 - Hosts: 205.209.153.86 www.nwolb.com
O1 - Hosts: 205.209.153.86 nwolb.com
O1 - Hosts: 205.209.153.86 hsbc.co.uk
O1 - Hosts: 205.209.153.86 www.hsbc.co.uk
O1 - Hosts: 205.209.153.86 abbey.com
O1 - Hosts: 205.209.153.86 www.abbey.com
O1 - Hosts: 205.209.153.86 www.abbey.co.uk
O1 - Hosts: 205.209.153.86 abbey.co.uk
O1 - Hosts: 205.209.153.86 cahoot.com
O1 - Hosts: 205.209.153.86 www.cahoot.com
O1 - Hosts: 205.209.153.86 www.cahoot.co.uk
O1 - Hosts: 205.209.153.86 cahoot.co.uk
O1 - Hosts: 205.209.153.86 www.co-operativebank.co.uk
O1 - Hosts: 205.209.153.86 co-operativebank.co.uk
O1 - Hosts: 205.209.153.86 www.co-operativebank.com
O1 - Hosts: 205.209.153.86 co-operativebank.com
O1 - Hosts: 205.209.153.86 welcome2.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 welcome6.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 welcome8.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 welcome10.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 www.smile.co.uk
O1 - Hosts: 205.209.153.86 smile.co.uk
O1 - Hosts: 205.209.153.86 www.cajamar.es
O1 - Hosts: 205.209.153.86 cajamar.es
O1 - Hosts: 205.209.153.86 www.cajamar.com
O1 - Hosts: 205.209.153.86 www.unicaja.es
O1 - Hosts: 205.209.153.86 unicaja.es
O1 - Hosts: 205.209.153.86 www.unicaja.com
O1 - Hosts: 205.209.153.86 unicaja.com
O1 - Hosts: 205.209.153.86 www.caixagalicia.es
O1 - Hosts: 205.209.153.86 caixagalicia.es
O1 - Hosts: 205.209.153.86 www.caixagalicia.com
O1 - Hosts: 205.209.153.86 caixagalicia.com
O1 - Hosts: 205.209.153.86 activa.caixagalicia.es
O1 - Hosts: 205.209.153.86 www.caixapenedes.es
O1 - Hosts: 205.209.153.86 caixapenedes.es
O1 - Hosts: 205.209.153.86 www.caixapenedes.com
O1 - Hosts: 205.209.153.86 caixapenedes.com
O1 - Hosts: 205.209.153.86 bancae.caixapenedes.com
O1 - Hosts: 205.209.153.86 www.caixasabadell.es
O1 - Hosts: 205.209.153.86 caixasabadell.es
O1 - Hosts: 205.209.153.86 www.caixasabadell.net
O1 - Hosts: 205.209.153.86 caixasabadell.net
O1 - Hosts: 205.209.153.86 www.cajamadrid.es
O1 - Hosts: 205.209.153.86 cajamadrid.es
O1 - Hosts: 205.209.153.86 www.cajamadrid.com
O1 - Hosts: 205.209.153.86 cajamadrid.com
O1 - Hosts: 205.209.153.86 oi.cajamadrid.es
O1 - Hosts: 205.209.153.86 www.ccm.es
O1 - Hosts: 205.209.153.86 ccm.es
O1 - Hosts: 205.209.153.86 www.haspa.de
O1 - Hosts: 205.209.153.86 haspa.de
O1 - Hosts: 205.209.153.86 ssl2.haspa.de
O1 - Hosts: 205.209.153.86 www.dresdner-bank.de
O1 - Hosts: 205.209.153.86 dresdner-bank.de
O1 - Hosts: 205.209.153.86 www.dresdner-privat.de
O1 - Hosts: 205.209.153.86 postbank.de
O1 - Hosts: 205.209.153.86 www.postbank.de
O1 - Hosts: 205.209.153.86 banking.postbank.de
O1 - Hosts: 205.209.153.86 www.sparda-b.de
O1 - Hosts: 205.209.153.86 sparda-b.de
O1 - Hosts: 205.209.153.86 www.bankingonline.de
O1 - Hosts: 205.209.153.86 www.raiffeisenbank-erding.de
O1 - Hosts: 205.209.153.86 raiffeisenbank-erding.de
O1 - Hosts: 205.209.153.86 www.vr-networld-ebanking.de
O1 - Hosts: 205.209.153.86 vr-networld-ebanking.de
O1 - Hosts: 205.209.153.86 www.bnhof.de
O1 - Hosts: 205.209.153.86 bnhof.de
O1 - Hosts: 205.209.153.86 www.deutsche-bank.de
O1 - Hosts: 205.209.153.86 deutsche-bank.de
O1 - Hosts: 205.209.153.86 meine.deutsche-bank.de
O1 - Hosts: 205.209.153.86 www.citibank.de
O1 - Hosts: 205.209.153.86 citibank.de
O1 - Hosts: 205.209.153.86 cipehb13.cdg.citibank.de
O1 - Hosts: 205.209.153.86 www.dkb.de
O1 - Hosts: 205.209.153.86 dkb.de
O1 - Hosts: 205.209.153.86 www.sparkasse-regensburg.de
O1 - Hosts: 205.209.153.86 sparkasse-regensburg.de
O1 - Hosts: 205.209.153.86 www.berliner-bank.de
O1 - Hosts: 205.209.153.86 berliner-bank.de
O1 - Hosts: 205.209.153.86 www.berliner-sparkasse.de
O1 - Hosts: 205.209.153.86 berliner-sparkasse.de
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Win32 Classes -
O17 - HKLM\System\CCS\Services\Tcpip\..\{6125F156-0689-4F08-B97F-559E512CA7BB}: NameServer = 61.0.64.33 61.0.0.5
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

Now tell me where is d problem n how to resolve it...cheers bro!!!

 

[expertno.1]

hey is it necessay to use firewall coz i dont use anyone ?

 

[reddick]

 

[reddick]

Yeah it so imp. 2 install it in ur PC...As internet is flodded with various types of viruses,worms n hackers...They can infect ur machine...It's better 2 install firewall n it's a must so that u remain safe n secure...u can gt it free in DIGIT CDs

 

[godsownman]

Thats a pretty interesting thread but I have one simple straight forward solution.

Sacrificing safety for speed will lead you to the dumps !

I hope you get the point.

 

[swatkat]

Hi,

Run HijackThis, and click "Do only a system scan". Then select these entries:-

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O1 - Hosts: 205.209.153.86 lloydstsb.co.uk
O1 - Hosts: 205.209.153.86 online.lloydstsb.co.uk
O1 - Hosts: 205.209.153.86 www.lloydstsb.co.uk
O1 - Hosts: 205.209.153.86 www.lloydstsb.com
O1 - Hosts: 205.209.153.86 personal.barclays.co.uk
O1 - Hosts: 205.209.153.86 barclays.co.uk
O1 - Hosts: 205.209.153.86 ibank.barclays.co.uk
O1 - Hosts: 205.209.153.86 www.barclays.co.uk
O1 - Hosts: 205.209.153.86 www.nwolb.com
O1 - Hosts: 205.209.153.86 nwolb.com
O1 - Hosts: 205.209.153.86 hsbc.co.uk
O1 - Hosts: 205.209.153.86 www.hsbc.co.uk
O1 - Hosts: 205.209.153.86 abbey.com
O1 - Hosts: 205.209.153.86 www.abbey.com
O1 - Hosts: 205.209.153.86 www.abbey.co.uk
O1 - Hosts: 205.209.153.86 abbey.co.uk
O1 - Hosts: 205.209.153.86 cahoot.com
O1 - Hosts: 205.209.153.86 www.cahoot.com
O1 - Hosts: 205.209.153.86 www.cahoot.co.uk
O1 - Hosts: 205.209.153.86 cahoot.co.uk
O1 - Hosts: 205.209.153.86 www.co-operativebank.co.uk
O1 - Hosts: 205.209.153.86 co-operativebank.co.uk
O1 - Hosts: 205.209.153.86 www.co-operativebank.com
O1 - Hosts: 205.209.153.86 co-operativebank.com
O1 - Hosts: 205.209.153.86 welcome2.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 welcome6.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 welcome8.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 welcome10.co-operativebankonline.co.uk
O1 - Hosts: 205.209.153.86 www.smile.co.uk
O1 - Hosts: 205.209.153.86 smile.co.uk
O1 - Hosts: 205.209.153.86 www.cajamar.es
O1 - Hosts: 205.209.153.86 cajamar.es
O1 - Hosts: 205.209.153.86 www.cajamar.com
O1 - Hosts: 205.209.153.86 www.unicaja.es
O1 - Hosts: 205.209.153.86 unicaja.es
O1 - Hosts: 205.209.153.86 www.unicaja.com
O1 - Hosts: 205.209.153.86 unicaja.com
O1 - Hosts: 205.209.153.86 www.caixagalicia.es
O1 - Hosts: 205.209.153.86 caixagalicia.es
O1 - Hosts: 205.209.153.86 www.caixagalicia.com
O1 - Hosts: 205.209.153.86 caixagalicia.com
O1 - Hosts: 205.209.153.86 activa.caixagalicia.es
O1 - Hosts: 205.209.153.86 www.caixapenedes.es
O1 - Hosts: 205.209.153.86 caixapenedes.es
O1 - Hosts: 205.209.153.86 www.caixapenedes.com
O1 - Hosts: 205.209.153.86 caixapenedes.com
O1 - Hosts: 205.209.153.86 bancae.caixapenedes.com
O1 - Hosts: 205.209.153.86 www.caixasabadell.es
O1 - Hosts: 205.209.153.86 caixasabadell.es
O1 - Hosts: 205.209.153.86 www.caixasabadell.net
O1 - Hosts: 205.209.153.86 caixasabadell.net
O1 - Hosts: 205.209.153.86 www.cajamadrid.es
O1 - Hosts: 205.209.153.86 cajamadrid.es
O1 - Hosts: 205.209.153.86 www.cajamadrid.com
O1 - Hosts: 205.209.153.86 cajamadrid.com
O1 - Hosts: 205.209.153.86 oi.cajamadrid.es
O1 - Hosts: 205.209.153.86 www.ccm.es
O1 - Hosts: 205.209.153.86 ccm.es
O1 - Hosts: 205.209.153.86 www.haspa.de
O1 - Hosts: 205.209.153.86 haspa.de
O1 - Hosts: 205.209.153.86 ssl2.haspa.de
O1 - Hosts: 205.209.153.86 www.dresdner-bank.de
O1 - Hosts: 205.209.153.86 dresdner-bank.de
O1 - Hosts: 205.209.153.86 www.dresdner-privat.de
O1 - Hosts: 205.209.153.86 postbank.de
O1 - Hosts: 205.209.153.86 www.postbank.de
O1 - Hosts: 205.209.153.86 banking.postbank.de
O1 - Hosts: 205.209.153.86 www.sparda-b.de
O1 - Hosts: 205.209.153.86 sparda-b.de
O1 - Hosts: 205.209.153.86 www.bankingonline.de
O1 - Hosts: 205.209.153.86 www.raiffeisenbank-erding.de
O1 - Hosts: 205.209.153.86 raiffeisenbank-erding.de
O1 - Hosts: 205.209.153.86 www.vr-networld-ebanking.de
O1 - Hosts: 205.209.153.86 vr-networld-ebanking.de
O1 - Hosts: 205.209.153.86 www.bnhof.de
O1 - Hosts: 205.209.153.86 bnhof.de
O1 - Hosts: 205.209.153.86 www.deutsche-bank.de
O1 - Hosts: 205.209.153.86 deutsche-bank.de
O1 - Hosts: 205.209.153.86 meine.deutsche-bank.de
O1 - Hosts: 205.209.153.86 www.citibank.de
O1 - Hosts: 205.209.153.86 citibank.de
O1 - Hosts: 205.209.153.86 cipehb13.cdg.citibank.de
O1 - Hosts: 205.209.153.86 www.dkb.de
O1 - Hosts: 205.209.153.86 dkb.de
O1 - Hosts: 205.209.153.86 www.sparkasse-regensburg.de
O1 - Hosts: 205.209.153.86 sparkasse-regensburg.de
O1 - Hosts: 205.209.153.86 www.berliner-bank.de
O1 - Hosts: 205.209.153.86 berliner-bank.de
O1 - Hosts: 205.209.153.86 www.berliner-sparkasse.de
O1 - Hosts: 205.209.153.86 berliner-sparkasse.de
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: Win32 Classes -

Close all other open programs, and click "Fix Checked" in HijackThis.

Reboot the PC, and run HijackThis again and post a fresh log.

 

[reddick]

But i have already described the log file above...Plz take a look on that :roll:

 

[escape7]

hey is it necessay to use firewall coz i dont use anyone ?

firewall keeps ur data secure & dosen't transfer it to the net...but u don't need a firewall unless u do online transactions or have some imp. data that's gonna start WW-III

 

[enoonmai]

@reddick: Read swatkat's post properly, please. He was trying to help you, and its no secret that he is very good at what he does. He is asking you to run HJT again, select those entries that he has highlighted and then asked you to remove them. Once you have done that, rescan with HJT to make sure they are all gone and then post the new log here. That's what he meant. He already took a look at your logfile and offered the changes you needed to do.

@escape7: A firewall may not have been that important before, but with most users switching from dial-up to either LAN/ADSL/Cable connections, its becoming increasingly important to secure your computer. Firewalls are not just for conducting secure online transactions, but for keeping your computer secure and running properly enoughf for you to work on. Most malicious code actively scan for hosts to infect and a good firewall can nip these attacks in the bud. No, I disagree. A firewall is a must in today's world. And by that, I mean, a properly-configured, updated firewall. No use if you have one and don't have it configured properly or set it to "Low Security."

 

[reddick]

@swatkat I check those entries as told by u n here is d new log file.Plz take a look on it:

Logfile of HijackThis v1.99.1
Scan saved at 6:38:42 AM, on 30-Aug-05
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NVATray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Outlook Express\Msimn.exe
C:\DOCUME~1\Rana\LOCALS~1\Temp\Rar$EX01.156\HijackThis.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = *netonejld.bsnl.co.in/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Win32 Classes -
O17 - HKLM\System\CCS\Services\Tcpip\..\{6125F156-0689-4F08-B97F-559E512CA7BB}: NameServer = 61.0.64.33 61.0.0.5
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

Hope this will works...Kindly tell me where is d problem n how 2 fix it...CHEERS BRO!!!

 

[theraven]

looks clear

maybe u need to fix this as well

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

 

[swatkat]

Yes, fix that entry and then delete this file:-
C:\WINDOWS\SYSTEM\blank.htm

 

[reddick]

I fix that entry n here is d fresh log report :

Logfile of HijackThis v1.99.1
Scan saved at 6:41:46 AM, on 31-Aug-05
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NVATray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Opera\Opera.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Rana\LOCALS~1\Temp\Rar$EX00.328\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = *netonejld.bsnl.co.in/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Win32 Classes -
O17 - HKLM\System\CCS\Services\Tcpip\..\{6125F156-0689-4F08-B97F-559E512CA7BB}: NameServer = 61.0.64.33 61.0.0.5
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

Could u tell me wht to do now...THX 4 ur patience

 

[swatkat]

Log looks clean Do you experience any other problems?

 

[reddick]

Only this is d problem that my browsing speed decreases if i ON firewall...If it gets OFF my speed is like Jet...Plz tell me other ideas to increase my net speed by securing with Firewall :roll: