Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Spyware Alert Everywhere HELP

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Spyware Alert Everywhere HELP

Unread postby Spyware Alerts » March 21st, 2008, 12:35 am

My background turned red and says "your privacy is in danger", and I keep getting warnings and security alerts about spyware and hijacking attempts. I do not know who to trust to remove the problem. Can you help me please? I am an online student and I'm scared I am going to crash again.

Here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:40 AM, on 3/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\System32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\dlcqcoms.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\dla\tfswctrl.exe
F:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
F:\Program Files\Dell Photo AIO Printer 966\memcard.exe
F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
F:\Program Files\antiviirus.exe
F:\Program Files\Messenger\msmsgs.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\tmp0.exe
F:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
F:\Program Files\tmp1.exe
F:\Program Files\tmp2.exe
F:\Program Files\tmp3.exe
F:\PROGRA~1\MOZILL~1\FIREFOX.EXE
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wm ... Ojg5&lid=2
F2 - REG:system.ini: UserInit=F:\WINDOWS\system32\userinit.exe,F:\WINDOWS\system32\ntos.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - F:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: GNX Rolex - {7DEE5BA2-CB70-4BBB-BD94-208BBA8AA6C4} - F:\WINDOWS\drnpfdxlsk.dll
O3 - Toolbar: etlrlws - {EF04FFC1-16A5-4683-95AC-BE24D11152F3} - F:\WINDOWS\etlrlws.dll
O4 - HKLM\..\Run: [dla] F:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [diagent] "F:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "F:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [dlcqmon.exe] "F:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "F:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "F:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLCQCATS] rundll32 F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [antiviirus] F:\Program Files\antiviirus.exe
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 5261205593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5261200280
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O21 - SSODL: AvpComponent - {3b14130c-3d58-47b4-a0d5-74626e52117b} - F:\WINDOWS\Installer\{3b14130c-3d58-47b4-a0d5-74626e52117b}\AvpComponent.dll
O21 - SSODL: altvxvm - {18A3DBD8-7C85-43CA-8723-D965420F149C} - F:\WINDOWS\altvxvm.dll
O21 - SSODL: bokpkov - {81E03841-433F-4ACA-AA47-9C316C56B3E6} - F:\WINDOWS\bokpkov.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: dlcq_device - - F:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - F:\Program Files\Intel\NCS\Sync\NetSvc.exe
O24 - Desktop Component 0: Privacy Protection - file:///F:\WINDOWS\privacy_danger\index.htm

--
Spyware Alerts
Active Member
 
Posts: 4
Joined: March 21st, 2008, 12:24 am
Location: Prince Frederick, MD
Advertisement
Register to Remove

Re: Spyware Alert Everywhere HELP

Unread postby Simon V. » March 23rd, 2008, 12:52 pm

Hello, and welcome to the forum.

My name is Simon V., and I'll be glad to help you with your computer problems.

Step 1

Please download and install CCleaner.

Open CCleaner. On the Windows tab, leave the default options alone.

  • On the Applications tab, check (tick) all the boxes except Saved Form Information. This will remove all your saved passwords if you leave this box checked.
  • Click on the Run Cleaner button at the bottom right hand corner.
  • When the cleaner has completed, click Tools in the Left Pane.
  • Verify that Uninstall is highlighted in color, or click on it.
  • In the lower right, click Save to Text File.
  • Pull down the arrow at the top of the Save dialog and choose Desktop as the location.
  • You can leave the filename as install.txt.
  • Click Save, then exit Ccleaner.

Step 2

Print these instructions or copy them to Notepad and save it to your desktop, as you won't be able to access internet in Safe Mode.

Please download SDFix and save it to your desktop.

Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows directory, typically C:\SDFix)

Please reboot into Safe Mode. To do this, go to Start > Turn off Computer, and select Restart. Rapidly tap F8 just before Windows starts to load. In the menu that appears, select Safe Mode (Without Networking)

Log in to your usual account.

Once in Safe Mode, do the following:

Open the extracted SDFix folder and double-click RunThis.bat to start the script.

  • Type Y to begin the cleanup process.
  • It will remove any trojan services and registry entries that it finds, then prompt you to press any key to reboot; press any key and it will restart the PC.
  • When the PC restarts SDFix will run again and complete the removal process then display Finished. Press any key to end the script and load your desktop icons.
  • Once the desktop icons load, the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to clipboard ready for posting back on the forum).

Step 3

In your next reply, please post:

  • the CCleaner Uninstall List (install.txt)
  • the SDFix report (C:\SDFix\Report.txt)
  • a new HijackThis log
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Re: Spyware Alert Everywhere HELP

Unread postby Spyware Alerts » March 23rd, 2008, 9:59 pm

Hey Simon V!
Thanks for getting back to me. New issue--now I cannot connect to the internet on that computer. Any ideas of why this could be and how I can fix that problem so I can tackle this problem?
Thank You, thank you, thank you..., :-)
Belinda
Spyware Alerts
Active Member
 
Posts: 4
Joined: March 21st, 2008, 12:24 am
Location: Prince Frederick, MD

Re: Spyware Alert Everywhere HELP

Unread postby Simon V. » March 23rd, 2008, 10:53 pm

Spyware Alerts wrote:Hey Simon V!
Thanks for getting back to me. New issue--now I cannot connect to the internet on that computer. Any ideas of why this could be and how I can fix that problem so I can tackle this problem?
Thank You, thank you, thank you..., :-)
Belinda

For now, I don't know what's causing that. Can you transfer the tools I asked you to download using a thumb drive/external hard drive?
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Re: Spyware Alert Everywhere HELP

Unread postby Spyware Alerts » March 24th, 2008, 12:21 pm

No, I do not have a thumb drive. I don't know what the problem is. The other computer and the lap top has a connection, but for some reason my computer has lost connection. All the connections to the router and the computer have been checked. Maybe I did something wrong by downloading several free virus protection and spyware removal softwares. I deleted all of the them though except for AVG, and Avira. Could this have caused a problem?
I also have a problem with the task bar on my account. When I hit ctrl, alt, delete, it says that the admin has disabled it, or something like that.
Spyware Alerts
Active Member
 
Posts: 4
Joined: March 21st, 2008, 12:24 am
Location: Prince Frederick, MD

Re: Spyware Alert Everywhere HELP

Unread postby Simon V. » March 28th, 2008, 5:17 pm

Spyware Alerts wrote:No, I do not have a thumb drive. I don't know what the problem is. The other computer and the lap top has a connection, but for some reason my computer has lost connection. All the connections to the router and the computer have been checked. Maybe I did something wrong by downloading several free virus protection and spyware removal softwares. I deleted all of the them though except for AVG, and Avira. Could this have caused a problem?
I also have a problem with the task bar on my account. When I hit ctrl, alt, delete, it says that the admin has disabled it, or something like that.

I'm sorry for the delay, I didn't get a reply notification. Please uninstall either AVG or Avira; running two anti-virus programs simultaneously can cause these problems.
User avatar
Simon V.
MRU Emeritus
MRU Emeritus
 
Posts: 3388
Joined: November 11th, 2006, 3:35 pm
Location: Antwerp, Belgium

Re: Spyware Alert Everywhere HELP

Unread postby Spyware Alerts » March 28th, 2008, 7:26 pm

My husband ended up swiping the computer so I'm cool now. Thanks.
Spyware Alerts
Active Member
 
Posts: 4
Joined: March 21st, 2008, 12:24 am
Location: Prince Frederick, MD

Re: Spyware Alert Everywhere HELP

Unread postby Gary R » March 29th, 2008, 4:37 am

This topic is now closed.

If you are the originator of this topic, and you need it re-opened please send an email to 'admin at malwareremoval.com', including a link to this topic.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Gary R
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 45 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware