Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SurfSideKick

Started by thomas_nystrand , Feb 19 2007 09:59 AM

  • Please log in to reply

#1
thomas_nystrand
Posted 19 February 2007 - 09:59 AM

thomas_nystrand

    New Member

  • Member
  • Pip
  • 1 posts
I don't konw very much about computers so pease have patience,
I have now tried to remove surfsidekick with several applications for ages.
Mostly the different spyware scans can not even detect the malfunction, only zero spyware did so,
which I pereferebly don't want to buy.
The question is if there is any way of removing it without buying such a program and how if that is the case.
I would be most satisfied with any help by now since I am getting frustrated.
I tried to google the problem and found some suggested ways, but none worked.
When checking the \networkservice\lokala inställningar\temporary internet files\ deriectory, where it
supposebly should be it is empty.

This is my hijack logfile over running procsses(I can't find the surfsidekick here either):

Logfile of HijackThis v1.99.1
Scan saved at 16:47:39, on 19/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\FBM Software\ZeroSpyware\ZeroSpyware.exe
C:\Program\Download\AVG Anti-Spyware 7.5\guard.exe
C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe
C:\Program\FBM Software\ZeroSpyware\FileDeleter.exe
C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE
C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe
C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe
C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE
C:\Program\Telia\Telias sakerhetstjanster\Common\FSMB32.EXE
c:\Program\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe
C:\Program\Telia\Telias sakerhetstjanster\Common\FCH32.EXE
C:\Program\Spyware Doctor\sdhelp.exe
C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsqh.exe
C:\Program\Telia\Telias sakerhetstjanster\Common\FAMEH32.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe
C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe
C:\WINDOWS\System32\alg.exe
C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program\Java\jre1.5.0_10\bin\jusched.exe
C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE
C:\Program\Telia\TELIAS~1\ANTI-S~1\fsaw.exe
C:\Program\Telia\Supportassistent\bin\tgcmd.exe
C:\Program\SPYWAREfighter\spftray.exe
C:\Program\Telia\Telias sakerhetstjanster\FSGUI\fsguidll.exe
C:\Program\SPYWAREfighter\spfprc.exe
C:\Program\Download\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program\intern~1\iexplore.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program\Creative\MediaSource\CTCMS.exe
C:\Program\Creative\MediaSource\Detector\CTDetect.exe
C:\program files\tcltutor\tutor.exe
C:\Program\Download\DC++\DCPlusPlus.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program\Download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell...gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell...gen/default.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program\SPYWAR~3\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias sakerhetstjanster\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Telia\Telias sakerhetstjanster\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [tgcmd] "C:\Program\Telia\Supportassistent\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program\SPYWAREfighter\spftray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program\Download\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\Program\FBM Software\ZeroSpyware\ZSScheduler.dll", runScheduler C:\Program\FBM Software\ZeroSpyware\
O4 - HKCU\..\Run: [stop dumb] C:\DOCUME~1\THOMAS~1\APPLIC~1\ARMYCO~1\move test file.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Telias säkerhetstjänster.lnk = C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\Program\fspex.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: Anpassa RF menu - file://C:\Program\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fyll i formulär - file://C:\Program\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RF verktygslist - file://C:\Program\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Spara formulär - file://C:\Program\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program\SPYWAR~3\tools\iesdpb.dll
O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\Anti-Spyware\ieshield.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1168004061000
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program\Download\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Telias säkerhetstjänster (BackWeb Plug-in - 7836882) - BackWeb Technologies Inc. - C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe
O23 - Service: ZeroSpyware FileDeleter (FileDeleter) - FBMSoftware - C:\Program\FBM Software\ZeroSpyware\FileDeleter.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Telia\Telias sakerhetstjanster\backweb\7836882\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PurgPro XP Service (PurgProService) - Unknown owner - C:\Program\PurgeIE\PurgPro_Service.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program\Spyware Doctor\sdhelp.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program\SPYWAREfighter\spfprc.exe

Thank you for any help.

// RML
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP