Home > Unable To > Unable To Get Rid Of Surfsidekick2

Unable To Get Rid Of Surfsidekick2

What kind of trouble can I get myself into? Select the Safe Mode option and press Enter.To return to normal mode just restart your computer as you normally would.Please remove these entries from Add/Remove Programs in the Control Panel(if present):SurfSideKickPlease The more you run, the more likely you are to find everything.Be sure and put a check in the box by "Auto Clean" before you do the scan. Great job! news

The Registry Editor window opens. Logfile of HijackThis v1.98.2 Scan saved at 10:22:39 PM, on 11/14/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe for a while that is. Downloaded and Install Spybot S&D, accepting the Default Settings 2.

We need to see the entire log, as it is. Under the Hidden files and folders heading select "Show hidden files and folders". I think my biggest problem right now is the inability to run most scans/programs because of the error thing.

Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum Local time:02:15 AM Posted 02 July 2006 - 01:52 AM Have you tried the self help forum? Once I deleted the 04 - HKLM\..RUN: [SURFSIDEKICK 2] C:\PROGRAM FILES\SURFSIDEKICK 2\SsK.exe it auto-rejuvenatedHere is a fresh log:Logfile of HijackThis v1.99.0Scan saved at 10:42:04 AM, on 2/7/2005Platform: Windows 2000 SP4 (WinNT

Register now! Exterminate It! Pool 2 - http://download.game...ts/y/pote_x.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1095879142906O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cabO16 - DPF: {886DDE35-E955-11D0-A707-000000521958} - - Service: Symantec Event Manager (ccEvtMgr) - Symantec Please re-enable javascript to access full functionality.

You can install the RemoveOnReboot utility from here.FilesView all SurfSideKick filesView mapping details[%SYSTEM%]\bk.exe[%APPDATA%]\sskknwrd.dll[%COMMON_APPDATA%]\nfo\mon0104.dbd[%COMMON_APPDATA%]\wsxs\delfinAD.ebd[%APPDATA%]\Sskcwrd.dll[%APPDATA%]\sskdmns.dll[%COMMON_APPDATA%]\DelFin\PromulGate\delfinAD.ebd[%APPDATA%]\sskuknwrd.dll[%COMMON_APPDATA%]\nsv\wmv0104.dbd[%SYSTEM%]\repairs303169587.dll[%PROFILE_TEMP%]\i23.tmp[%PROFILE_TEMP%]\i389.tmp[%WINDOWS%]\ss1205.exe[%PROFILE_TEMP%]\i15.tmp[%PROFILE_TEMP%]\SskUpdater3.exe[%PROFILE_TEMP%]\da590.tmp[%PROFILE_TEMP%]\u100.tmp[%PROFILE_TEMP%]\u101.tmp[%PROFILE_TEMP%]\u105.tmp[%PROFILE_TEMP%]\u106.tmp[%PROFILE_TEMP%]\u108.tmp[%PROFILE_TEMP%]\u10B.tmp[%PROFILE_TEMP%]\u10C.tmp[%PROFILE_TEMP%]\u10D.tmp[%PROFILE_TEMP%]\u112.tmp[%PROFILE_TEMP%]\u113.tmp[%PROFILE_TEMP%]\u114.tmp[%PROFILE_TEMP%]\u117.tmp[%PROFILE_TEMP%]\u118.tmp[%PROFILE_TEMP%]\u11A.tmp[%PROFILE_TEMP%]\u11E.tmp[%PROFILE_TEMP%]\u11F.tmp[%PROFILE_TEMP%]\u120.tmp[%PROFILE_TEMP%]\u124.tmp[%PROFILE_TEMP%]\u125.tmp[%PROFILE_TEMP%]\u126.tmp[%PROFILE_TEMP%]\u12A.tmp[%PROFILE_TEMP%]\u12B.tmp[%PROFILE_TEMP%]\u12C.tmp[%PROFILE_TEMP%]\u12F.tmp[%PROFILE_TEMP%]\u131.tmp[%PROFILE_TEMP%]\u132.tmp[%PROFILE_TEMP%]\u136.tmp[%PROFILE_TEMP%]\u137.tmp[%PROFILE_TEMP%]\u138.tmp[%PROFILE_TEMP%]\u13C.tmp[%PROFILE_TEMP%]\u13D.tmp[%PROFILE_TEMP%]\u13E.tmp[%PROFILE_TEMP%]\u142.tmp[%PROFILE_TEMP%]\u144.tmp[%PROFILE_TEMP%]\u145.tmp[%PROFILE_TEMP%]\u149.tmp[%PROFILE_TEMP%]\u14A.tmp[%PROFILE_TEMP%]\u14B.tmp[%PROFILE_TEMP%]\u14F.tmp[%PROFILE_TEMP%]\u150.tmp[%PROFILE_TEMP%]\u151.tmp[%PROFILE_TEMP%]\u154.tmp[%PROFILE_TEMP%]\u155.tmp[%PROFILE_TEMP%]\u156.tmp[%PROFILE_TEMP%]\u15A.tmp[%PROFILE_TEMP%]\u15B.tmp[%PROFILE_TEMP%]\u15C.tmp[%PROFILE_TEMP%]\u160.tmp[%PROFILE_TEMP%]\u161.tmp[%PROFILE_TEMP%]\u162.tmp[%PROFILE_TEMP%]\u166.tmp[%PROFILE_TEMP%]\u167.tmp[%PROFILE_TEMP%]\u168.tmp[%PROFILE_TEMP%]\u16C.tmp[%PROFILE_TEMP%]\u16D.tmp[%PROFILE_TEMP%]\u16E.tmp[%PROFILE_TEMP%]\u173.tmp[%PROFILE_TEMP%]\u174.tmp[%PROFILE_TEMP%]\u175.tmp[%PROFILE_TEMP%]\u179.tmp[%PROFILE_TEMP%]\u17A.tmp[%PROFILE_TEMP%]\u17B.tmp[%PROFILE_TEMP%]\u17F.tmp[%PROFILE_TEMP%]\u180.tmp[%PROFILE_TEMP%]\u181.tmp[%PROFILE_TEMP%]\u184.tmp[%PROFILE_TEMP%]\u185.tmp[%PROFILE_TEMP%]\u186.tmp[%PROFILE_TEMP%]\u18A.tmp[%PROFILE_TEMP%]\u18B.tmp[%PROFILE_TEMP%]\u18C.tmp[%PROFILE_TEMP%]\u190.tmp[%PROFILE_TEMP%]\u191.tmp[%PROFILE_TEMP%]\u192.tmp[%PROFILE_TEMP%]\u195.tmp[%PROFILE_TEMP%]\u196.tmp[%PROFILE_TEMP%]\u197.tmp[%PROFILE_TEMP%]\u19A.tmp[%PROFILE_TEMP%]\u19B.tmp[%PROFILE_TEMP%]\u19C.tmp[%PROFILE_TEMP%]\u1A1.tmp[%PROFILE_TEMP%]\u1A2.tmp[%PROFILE_TEMP%]\u1A3.tmp[%PROFILE_TEMP%]\u1A8.tmpFoldersView mapping details[%PROGRAM_FILES%]\surfsidekick 3[%PROGRAM_FILES%]\surfsidekick[%PROGRAM_FILES%]\surfsidekick 2Scan your File System for SurfSideKickHow to Remove SurfSideKick from the Windows Registry^The Windows registry Click OK.Boot into Safe Mode:Restart your computer and immediately begin tapping the F8 key on your keyboard. Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll O9 - Extra 'Tools' menuitem: Yahoo! Files highlighted in BLACK will need to be removed from your hard drive.

These conventions are explained here.Select the file or folder and press SHIFT+Delete on the keyboard.Click Yes in the confirm deletion dialog box.IMPORTANT: If a file is locked (in use by some For example, if the path of a registry key is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName1 sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders.Select the key name indicated at the end of the path (KeyName1 Anybody can ask, anybody can answer. More and more people are realizing that Internet Explorer is a terribly insecure browser.

Could someone please review? navigate to this website Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra 'Tools' menuitem: Yahoo! Run HJT - DO NOT ATTEMPT TO FIX ANYTHING Post a new scan here in this thread. HOW TO SHOW FILES ..Please post a new log when finished...

Once Ad-Watch is disabled then fix these entries in HijackThis: O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe Then restart, post a new The pop up saying "An error has occured and blah blah program must shut down". It's free. More about the author My Website ATF Cleaner for removing temporary files HijackThis download Donations to this site Back to top Related Topics Back to Virus, Spyware & Malware Removal · Next Unread Topic

Click "Click here to select Drives + folders" and select your installed hard drives. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. This applies only to the original topic starter.Everyone else please begin a New Topic.

I'm looking over you log file and will get back to you soon.

Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Several functions may not work. Something like that. Then....

It was the only commercially available product that not only detected the problems, but eliminated them. This will stop most of the drive-by malware installations that have been very common recently. Then run full systems scans as described below.Install and how to use the NEW Ad-aware SEhttp://www.bleepingc...showtutorial=48Reboot after using Ad-Aware SE.Download the VX cleaner plug in for Adaware. click site Run the Ad-Aware scan and allow it to remove everything it finds and then REBOOT to allow it to finish.

Reboot again. If you already have these programs, please make sure they are the latest version (Ad-Aware SE Personal 1.05, Spybot Search and Destroy 1.3) and have been updated today. Also no one but HJT team members are allowed to recommend solution for HJT log on this site.If you want to post a HJT log for review please follow "Preparation Guide Folders that have been highlighted in RED will need to be uninstalled.Check first as some folders maybe uninstalled via the Add/Remove program.

I have ran EVERYTHING I've got and still having problems. Click on Delete Files make sure you get all offline content as well.Then please run Hijack This, copy the log and post it here, in this string, using the Add Reply By continuing to browse our site you agree to our use of data and cookies.Tell me more | Cookie Preferences Partially Powered By Products Found At Lampwrights.com Jump to content Edited by Piatan, 20 April 2005 - 03:25 PM.

I cant even access Windows Explorer or any other thing, cuz that also shuts down.I practically cant run anything because it keeps shutting down. or read our Welcome Guide to learn how to use this site. The time now is 01:15 AM. -- Mobile_Default -- TSF - v2.0 -- TSF - v1.0 Contact Us - Tech Support Forum - Site Map - Community Rules - Terms of Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll O9 - Extra 'Tools' menuitem: Yahoo!

In addition, adware programs seldom provide an uninstallation procedure, and attempts at manually removing them frequently result in failure of the original carrier program.Be Aware of the Following Adware Threats:SpyDawn, VSToolBar, It has the ability to scan your system for all kinds of malware and even offers TeaTimer and SDHelper in order to provide real-time protection from malware.Ad-Aware SE - Ad-Aware SE, Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {15ACE85C-0BB1-42d1-9E32-07EB0506675A} - C:\WINDOWS\System32\riqes.dll O2 - BHO: Google Besides offering improved security, alternate browers supply many new features.

Local time:02:15 AM Posted 02 July 2006 - 01:58 AM Do not post a HJT log in this forum. I get popups with the surf sidekick label, but was unable to find the uninstall file. Virus cleanup? Username Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Try What the Tech -- It's free! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\Yahoo!\browser\ybrwicon.exe C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe C:\Program Outstanding product.