ad.firstadsoultion.com/hijack log

Status
Not open for further replies.
OK, this next fix should do it

Download look2me

http://www.atribune.org/content/view/28/

Run the program; a log will open when your PC has been restarted. Post it.

After you post a log and I check it, use the program below.

Right-click on this link and choose Save Target As, then save sidekickFix.bat to that BFU folder.
====
http://downloads.subratam.org/Lon/sidekickFix.bat
====
Close all browsers and Explorer folders, then run sidekickFix.bat.
Choose Yes and follow the prompts; when prompted to restart the PC, do so.

Also make sure Adwatch is not on in Adaware, if it is on, stop it

This should be the end of this :)
 
OK, I downloaded the sidekick.bat, but where do I find BFU and what is it? Otherwise the .bat program isn't doing anything without the BFU deal.
 
Warez Monster said:
OK, this next fix should do it

Download look2me

http://www.atribune.org/content/view/28/

Run the program; a log will open when your PC has been restarted. Post it.

after you post a log and I check it, use the program below.

dfactor
OK, I downloaded the sidekick.bat, but where do I find BFU and what is it? Otherwise the .bat program isn't doing anything without the BFU deal.

You were supposed to download look2me first and post your log.
 
ok here is the look2me log

Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 7/27/2006 9:22:01 AM


Attempting to delete infected files...

Making registry repairs.


Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded
 
If they exist, look for and uninstall the following entries in the Add/Remove Programs window.

Surf Sidekick
Surf Sidekick 2
Surf Sidekick 3

It may prompt about whether or not you are sure you want to remove this program. Reply Yes to this prompt. It will then uninstall the program.

If there is no Add/Remove Programs entry for these programs, click on Start, then Run and type the following in the Open: field:

C:\Program Files\SurfSideKick 3\Ssk.exe /u

and press the OK button. A code will be displayed that it will ask you to enter. Enter this code and reboot. Once back to your desktop continue with the rest of the fix.


Navigate to the c:\hijackthis directory and double-click on HijackThis


When the program starts, double-click on the HijackThis icon and then click on the Scan button.


Put a checkmark next to the following entries if they exist:

R3 - URLSearchHook: (no name) - {000AB005-FF12-42C2-8DF5-39E12E5F9C91} - (no file)
R3 - URLSearchHook: (no name) - {000AB005-FF12-42C2-8DF5-39E12E5F9C91} - C:\Program Files\SurfSideKick\SskBho.dll
O4 - HKLM\..\Run: [SurfSideKick] C:\Program Files\SurfSideKick\Ssk.exe
O4 - HKCU\..\Run: [SurfSideKick] C:\Program Files\SurfSideKick\Ssk.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O20 - AppInit_DLLs: repairs.dll
O20 - AppInit_DLLs: repairs302972943.dll


Then click the Fix button


Exit HijackThis.


Reboot your computer


Delete the following directories if they exist:

C:\PROGRAM FILES\SurfSideKick
C:\Program Files\SurfSideKick 3\
C:\Program Files\Common Files\VCClient\


Search for the following files and if found delete them:

Sskknwrd.dll
Ssk.log
SskUpdater.exe
Ssk.exe

After you perform that do the following below

Please download Brute Force Uninstaller to your desktop.

http://www.majorgeeks.com/Brute_Forc...BFU_d4714.html

Right-click the BFU folder on your desktop, and choose Extract All
Click "Next"
In the box to choose where to extract the files to,
Click "Browse"
Click on the + sign next to "My Computer"
Click on "Local Disk ( C: )" or whatever your primary drive is
Click "Make New Folder"
Type in BFU
Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
http://downloads.subratam.org/Lon/sidekickFix.bat and choose "Save As" (in IE it's "Save Target As") in order to download SideKickFix

Save it in the same folder you made earlier (C:\BFU).

Close ALL open windows and Explorer folders, then double-click on sidekickFix.bat. Click YES and follow the prompts; when prompted to restart the PC, please do so.

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

And also run Cleanup!
Ewido
Adware

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Quote:
Temporary Files
Temporary Internet Files
Recycle Bin


And Click OK.

Reboot to Normal Mode.

Post a fresh HijackThis log.
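
Added example (not part of the original posts, and not HijackThis's own code): the checklist of entries to tick can be expressed as a small Python check that flags matching lines in a saved HijackThis log. The indicator values come from that checklist; the function names are hypothetical and the sample log is constructed from lines quoted in this thread.

```python
import re

# Indicators copied from the fix checklist in the thread (compared in lower case).
BAD_CLSIDS = {"{000ab005-ff12-42c2-8df5-39e12e5f9c91}"}
BAD_PATH_PARTS = ("\\surfsidekick", "\\common files\\vcclient\\")
BAD_APPINIT = {"repairs.dll", "repairs302972943.dll"}

# A HijackThis entry line looks like "O4 - HKLM\..\Run: [Name] path".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<rest>.+)$")

def parse_line(line):
    """Return (section code, remainder) for an entry line, else None."""
    m = ENTRY_RE.match(line.strip())
    return (m.group("code"), m.group("rest")) if m else None

def is_flagged(code, rest):
    """True if the entry matches one of the checklist indicators."""
    low = rest.lower()
    if code == "R3":    # URLSearchHook entries are identified by CLSID
        return any(c in low for c in BAD_CLSIDS)
    if code == "O4":    # autostart entries are identified by install path
        return any(p in low for p in BAD_PATH_PARTS)
    if code == "O20" and low.startswith("appinit_dlls:"):
        dlls = [d for d in re.split(r"[,\s]+", low.split(":", 1)[1]) if d]
        return any(d in BAD_APPINIT for d in dlls)
    return False

def flag_entries(log_text):
    """Return the log lines that match the checklist."""
    hits = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and is_flagged(*parsed):
            hits.append(line.strip())
    return hits

# Constructed sample: checklist entries mixed with benign lines from the thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.97.7
C:\WINNT\System32\smss.exe
R3 - URLSearchHook: (no name) - {000AB005-FF12-42C2-8DF5-39E12E5F9C91} - (no file)
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O20 - AppInit_DLLs: repairs.dll
"""

if __name__ == "__main__":
    for hit in flag_entries(SAMPLE_LOG):
        print("FLAG:", hit)
```

Running the same check on the log taken after the fix shows whether any checklist entry survived the reboot.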
 
ok when i opened the internet i got hit with 5 more popups but that surf **** is gone!!

here is the new log.


Logfile of HijackThis v1.97.7
Scan saved at 11:03:07 AM, on 7/27/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 7100 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\hijackthis\hijackthis.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adapter Utility.lnk = C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38490.7843171296
 