1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Broadband bringing spybot problems, please help

Discussion in 'Virus & Other Malware Removal' started by mike9inch, Jan 29, 2007.

Thread Status:
Not open for further replies.
  1. mike9inch

    mike9inch Thread Starter

    Joined:
    Jul 12, 2005
    Messages:
    189
    Dear techguys,

    For many years I have been on the web with the good old dial up (ho ho ho!), with zone alarm, spybot, AVG, adaware, spyware guard, spyware balster etc all in place and working fine.

    In December 2006 though I "finally" got switched to broadband and then my problems started!

    Whereas before everytime I ran spybot it came up with a clean result I now always am getting "red" showing with tracking cookies etc all over the place.

    I am using firefox and at times IE7, same as before - the only difference being the broadband.

    I have spybot set to teatimer mode etc so it is always on.

    Am I doing something stupid or wrong or do I just have to accept an explosion of tracking cookies comes with broadband upgrade?

    Many thanks for taking the time to read.

    Any advice appreciated.

    By the way, I have run stealth tests on the ports etc using shiledsup! and got a great true stealth result - so I thought I was 100% secure.

    Cheers

    Mike9inch
     
  2. 1002richards

    1002richards Retired Trusted Advisor

    Joined:
    Jan 29, 2006
    Messages:
    5,333
    Hi,
    Do you think posting a HijackThis log might help those reading your post to help you pin down the problem? Just a thought ... ?
    My move from dial-up to broadband did not throw up this sort of problem - but I might just have ducked at the right time?
    Richard
     
  3. mike9inch

    mike9inch Thread Starter

    Joined:
    Jul 12, 2005
    Messages:
    189
    Cheers!

    Here are my logs if they help

    The 016 missing descriptions is ok - I know about this.

    Logfile of HijackThis v1.99.1
    Scan saved at 16:53:50, on 29/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Virgin.net Broadband\Dragdiag.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
    C:\Program Files\MailWasher\MailWasher.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\unzipped\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.virgin.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Virgin.net Broadband\Dragdiag.exe" /icon
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: *.108pages.com
    O15 - Trusted Zone: *.ahds.ac.uk
    O15 - Trusted Zone: *.amazon.co.uk
    O15 - Trusted Zone: *.andyrace.co.uk
    O15 - Trusted Zone: *.avast.com
    O15 - Trusted Zone: *.barefootdoctorglobal.com
    O15 - Trusted Zone: *.barefootdoctorworld.co.uk
    O15 - Trusted Zone: *.bitdefender.com
    O15 - Trusted Zone: *.bt.com
    O15 - Trusted Zone: *.cahoot.com
    O15 - Trusted Zone: *.call18185.co.uk
    O15 - Trusted Zone: *.call18866.co.uk
    O15 - Trusted Zone: *.call1899.co.uk
    O15 - Trusted Zone: *.cameras.co.uk
    O15 - Trusted Zone: *.ccleaner.com
    O15 - Trusted Zone: *.choicesdirect.com
    O15 - Trusted Zone: *.ciao.co.uk
    O15 - Trusted Zone: *.curezone.com
    O15 - Trusted Zone: *.dealtime.co.uk
    O15 - Trusted Zone: *.dell.co.uk
    O15 - Trusted Zone: *.dell.com
    O15 - Trusted Zone: *.digitallook.com
    O15 - Trusted Zone: *.download.com
    O15 - Trusted Zone: *.easyvalue.co.uk
    O15 - Trusted Zone: *.ebay.co.uk
    O15 - Trusted Zone: *.ebay.com
    O15 - Trusted Zone: *.ebuyer.com
    O15 - Trusted Zone: *.eezytrade.co.uk
    O15 - Trusted Zone: *.euroffice.co.uk
    O15 - Trusted Zone: *.eurooffice.co.uk
    O15 - Trusted Zone: *.expedia.com
    O15 - Trusted Zone: *.fool.co.uk
    O15 - Trusted Zone: *.gardenwise.co.uk
    O15 - Trusted Zone: *.getoily.com
    O15 - Trusted Zone: *.goldentulip.com
    O15 - Trusted Zone: *.google.co.uk
    O15 - Trusted Zone: *.voa.gov.uk
    O15 - Trusted Zone: *.gov.uk
    O15 - Trusted Zone: *.instagroup.co.uk
    O15 - Trusted Zone: *.virusscan.jotti.org
    O15 - Trusted Zone: *.lightwatervalley.co.uk
    O15 - Trusted Zone: *.toolsnextday.ltd.uk
    O15 - Trusted Zone: *.lyco.co.uk
    O15 - Trusted Zone: *.macromedia.com
    O15 - Trusted Zone: *.mipcards.com
    O15 - Trusted Zone: *.next.co.uk
    O15 - Trusted Zone: *.nomatica.co.uk
    O15 - Trusted Zone: *.obeynature.com
    O15 - Trusted Zone: *.cla.org.uk
    O15 - Trusted Zone: *.lincswolds.org.uk
    O15 - Trusted Zone: *.pastscape.org.uk
    O15 - Trusted Zone: *.paypal.com
    O15 - Trusted Zone: *.photobox.co.uk
    O15 - Trusted Zone: *.photobucket.com
    O15 - Trusted Zone: *.pixmania.co.uk
    O15 - Trusted Zone: *.pricestorm.com
    O15 - Trusted Zone: *.print-rite.com
    O15 - Trusted Zone: *.qvcuk.com
    O15 - Trusted Zone: *.realsalt.com
    O15 - Trusted Zone: *.renewabledevices.com
    O15 - Trusted Zone: *.royalmail.com
    O15 - Trusted Zone: *.satellites.co.uk
    O15 - Trusted Zone: *.secure.squaregain.co.uk
    O15 - Trusted Zone: *.squaregain.co.uk
    O15 - Trusted Zone: *.tesco.com
    O15 - Trusted Zone: *.thisislincolnshire.co.uk
    O15 - Trusted Zone: *.tiscali.co.uk
    O15 - Trusted Zone: *.virginmobile.com
    O15 - Trusted Zone: *.windowsecurity.com
    O15 - Trusted Zone: *.windowssecurity.com
    O15 - Trusted Zone: *.yourwelcome.co.uk
    O15 - Trusted Zone: *.zonelabs.com
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
    O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} -
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1120743126764
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
    O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
    O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} -
    O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} -
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E7FBDC3B-7EB8-4796-B407-EE8137C2840B}: NameServer = 194.168.4.100 194.168.8.100
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/539335

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice