Home > General > Pop-Ups/SurfSideKick


Post the contents of the ActiveScan report In your next post, please include new hijackthis log ewido log panda log Edited June 23, 2006 by agrarianmonk Share this post Link to c. Several functions may not work. Do NOT copy and paste the entire mwav log, only the text from the lower pane!

Step 1. If you use Firefox: Click Firefox at the top and choose: Select All Click the Empty Selected button. And it is highly recommended to keep a powerful anti-virus like Spyhunter on the computer to remove and block viruses. Instructions can be found here. ** These files are hidden to stop you accidentally removing something important. http://www.bleepingcomputer.com/forums/t/63452/popups-surfsidekick-and-assorted-delights/

I want to get it cleaned up before that. Download "FindnFix.exe" from here. 3. I now get the blue screen of death internittantly as RUNDLL fails to load both w0338209.dd and w031b1fc.dll. Please see Hijack this log Share Options Subscribe to RSS Feed Mark Topic as New Mark Topic as Read Float this Topic to the Top Bookmark Subscribe Printer Friendly Page All

  1. KillBox the following files: c:\windows\system32\psic1.dll c:\windows\system32\UnIrimon.exe c:\windows\system32\winupdt.bin C:\Documents and Settings\Lisa\Local Settings\Temporary Internet Files\Ssk.log C:\Documents and Settings\Lisa\Application Data\Lycos C:\Documents and Settings\Lisa\Local Settings\Temp\!update.exe Reboot.
  2. Ex: read only files, s/h files, last modified date.
  3. Lisadk, Jul 5, 2006 #21 Cheeseball81 Moderator Joined: Mar 3, 2004 Messages: 84,310 Run ActiveScan online virus scan: http://www.pandasoftware.com/products/activescan.htm Once you are on the Panda site click the Scan your PC
  4. Victim: "PC on bootup is very slow.
  5. Does the message indicate the problem is with the "Autoexec.nt" file and not another file? 0 Kudos Posted by SusanLeah ‎04-14-2005 12:05 PM Contributor View All Member Since: ‎03-21-2004 Posts: 48
  6. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates,
  7. will i have to reinstall xp?
  8. Please click Next and exit.
  9. For more detailed instructions please see this link: How do I boot into "Safe" mode?
  10. This key has 0 subkeys.

If you don't have sufficient expertise in dealing with the manual removal,InstallSpyhuntercan be your better choice. Should you wish to benefit from the real-time protection, you will need to upgrade the program. That and not running an anti-virus program or a firewall! Keep receiving News.net pop-up ads?

Run HijackThis and post another log. 0 Kudos Posted by SusanLeah ‎04-11-2005 12:52 AM Contributor View All Member Since: ‎03-21-2004 Posts: 48 Message 3 of 12 (272 Views) Re: pop ups Digital Media Edition Installer Microsoft Plus! Copyright Dennis Publishing 2010, All rights reserved Browse Register · Sign In Español Sign In Welcome to Comcast Help & Support Forums Find solutions, share knowledge, and get answers from http://www.wiki-security.com/wiki/Parasite/SurfSideKick/ And it is made to be distributed through a pay-per-install bundle.It often comes as bundled to certain freeware.

NOTE: If you would like to keep your saved passwords, please click No at the prompt. What should be done to remove this thing from your computer? Please see Hijack this log Options Mark as New Bookmark Subscribe Subscribe to RSS Feed Highlight Print Report Susan, You can also try this to fix the Autoexec.nt error: http://www.visualtour.com/downloads/xp_fix.exe 0 Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".

Select the Safe Mode option and press Enter. http://www.spywareinfoforum.com/topic/75791-amaena-surf-sidekick-and-other-popups/ Step 4.RegCure Pro will open automatically on your screen. Instead of Windows loading as normal, a menu should appear Select the first option, to run Windows in Safe Mode. *************************************** IMPORTANT: Do not open any other windows or programs while The readers of this article should not mistake, confuse or associate this article to be an advertisement or a promotion of SurfSideKick in any way.

It's my family's computer so someone else may have installed these.   Here is Hijack this log:   Logfile of HijackThis v1.99.1 Scan saved at 12:36:19 AM, on 6/24/2006 Platform: Windows I have SpySweeper, along with Norton Antivirus and the Windows Security. Find.bat is running from: C:\Program Files\FindIt\Find It NT-2K-XP\Find It NT-2K-XP ------- System Files in System32 Directory ------- Volume in drive C is HP_PAVILION Volume Serial Number is BC9E-7CA7 Directory of C:\WINDOWS\System32 Here is the whole logfile of HijackThis - TimLogfile of HijackThis v1.99.1Scan saved at 1:14:18 AM, on 1/7/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exeC:\Program Files\ewido\security suite\ewidoctrl.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\swcpzix.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\Program

Yes you can remove the SurfSideKicks line: ---> R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll (file missing) 1. It is advisable to hide them again after fixing your computer. ** 4) You will need to know how to boot into Safe Mode. Once I have the entire log, I will begin working on your log, as soon as another staff member reviews it I'll post a reply. -Ryan 0 #3 timmyj Posted 07 Remove adclick.g.doubleclick.net Pop-up Completely From the Browser I get adclick.g.doubleclick.net.

In the final window, click on Finish You should now see the contents of the bfu folder - BFU.exe. Please find the instruction as follow. However, as the real-time protection may interfere with the fixing of your PC, this function will have been disabled as long as you followed the installation instructions correctly.

SurfSideKick is an adware application that shows commercial advertisements and pop-ups, changes web browser's default error page, modifies search settings and opens marketing and advertising web sites.

Please see Hijack this log Options Mark as New Bookmark Subscribe Subscribe to RSS Feed Highlight Print Report Here is the FixIt log. Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... Irritated With WebCake?(Manual Removal Instructions) What is WebCake? C:\WINDOWS\rarpxxsu.dll -> Adware.BookedSpace : Cleaned with backup (quarantined).

Detect and remove the following SurfSideKick files: Processes ssk.exesskupdater.exebk.exeSurfSidekick.exesskb5[1].exe DLLs sskcore.dllsskbho.dllrepairs303169590.dllSskknwrd.dllSskuknwrd.dll Other Files SurfSideKick 3SurfSideKick 2 Registry Keys HKEY_CURRENT_USERSoftwareSurfSideKick[XVS]HKEY_LOCAL_MACHINESOFTWARESurfSideKick[XVS]000AB0005-FF12-42C2-8DF5-39E12E5F9C9102EE5B04-F144-47BB-83FB-A60BD91B74A9CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunSurfSideKickHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunSurfSideKickHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallSurfSidekickHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallSurfSidekick_is1Software\Microsoft\Internet Explorer\URLSearchHooks\02EE5B04-F144-47BB-83FB-A60BD91B74A9Software\Microsoft\Internet Explorer\UrlSearchHooks\_CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076Software\Microsoft\Internet Explorer\UrlSearchHooks\CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076SurfSideKick3Microsoft\Windows\CurrentVersion\App Management\ARPCache\Surf SideKickSurfSideKick2 External links If you believe your computer C:\WINDOWS\system32\Fоnts\__delete_on_reboot__e_x_p_l_o_r_e_r_._e_x_e_ -> Adware.ClickSpring : Cleaned with backup (quarantined). Games2006-07-19 00:08 -------- d-------- C:\Documents and Settings\Administrator\Application Data\Motive2006-07-11 18:20 -------- d-------- C:\Program Files\FunWebProducts2006-07-11 14:08 -------- d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM2006-06-15 17:55 778240 --a------ C:\WINDOWS\system32\divx_xx0c.dll2006-06-15 17:55 778240 --a------ C:\WINDOWS\system32\divx_xx07.dll2006-06-15 17:55 761856 --a------ Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe O4 - Global Startup: Compaq unknown/hidden files... »»»»» (*4*) »»»»»......... Download sidekickFix.bat (rightclick on that link and choose save as) Place sidekickFix.bat in your C:\BFU - folder. (Important!) Close all browsers and explorer folders. d:Delete all the related registry entries Press Windows+R to launchRun…-> type Regedit into Open box and click OK to open Registry Editor-> find out all registry entries above and delete them

size, etc. I ran SpyBot Search & Destroy to no avail. Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Right click the file on your Desktop, and choose Extract All.

Cheeseball81, Jul 6, 2006 #27 Lisadk Thread Starter Joined: Nov 8, 2005 Messages: 167 Here is the log: WARNING: not all files found by this scanner are bad. The time now is 10:16.

-- Default Style ---- Alt Blue Theme ---- Alt Grey Theme Contact Us - Web User - Archive - Privacy Statement - Top Click on Run Scan Now. Consult with a knowledgable person before proceeding.

i'd (of course) rather not reinstall incase my girlfriend's software stuff gets cut off, or the darn thing wipes the drive or something horrible like that. Everyone else please begin a New Topic. 0 Back to Virus, Spyware, Malware Removal · Next Unread Topic → Similar Topics 0 user(s) are reading this topic 0 members, 0 guests, Post a new HJT log, the Ewido log AND a description of how your PC is running. __________________ Team Numpty - Poking a finger in the eye of malware since a When it finishes, put an X in the boxes, only next to these following itemsO2 - BHO: (no name) - {279A1B41-6CAC-4ABF-B39C-72C8E489F685} - (no file)O2 - BHO: (no name) - {6001CDF7-6F45-471b-A203-0225615E35A7} -

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0JGZ4REB\AppWrap[1].exe -> Adware.AdURL : Cleaned with backup (quarantined). Close ewido Then, please go to Start > My Computer and navigate to the C:\BFU folder. Thanks so much for your help! 0 Kudos Posted by SusanLeah ‎04-12-2005 04:21 PM Contributor View All Member Since: ‎03-21-2004 Posts: 48 Message 9 of 12 (272 Views) Re: pop ups