Solved

HELP!! Surf Sidekick 3 is screwing up my 200 server machine and I can't remove it! What should I do?

Posted on 2006-06-09
Last Modified: 2010-04-11
Hey guys, my boss's kids were looking at porn on the server computer, which they have repeatedly been told not to use. Anyway, they got some spyware on there called Surf Sidekick 3 and I can't get it off. I even tried deleting the registry keys but they keep coming back. Windows Defender can't remove it either. Now it is displaying error messages when it boots up. It says one or more drivers or services failed to start, check event log. When I check the event log it says the lpd service failed to start and it also says something about the network adapter not working. The internet has stopped working even though it is showing an open connection with the router and the device manager says the network adapter is working properly. What should I do?
Question by:danielwebb
10 Comments
 
LVL 2

Expert Comment

by:EECDML
ID: 16871235
If you can still use task manager, close every process that looks a bit sus', or that you know is not supposed to be running.

If they keep loading when you close them, take note of the name of the process EXE file, locate it on the computer, then restart in safe mode and delete the file(s).

Find the process's location by checking the run keys in the registry, the startup folder in the start menu, or the file WIN.INI in the Windows folder.

Most of this scumware will not load in safe mode, allowing one to remove all traces of it from the computer.
0
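
The three autostart locations named in the comment above (Run keys, the Startup folder, WIN.INI) can also be reviewed offline from exported copies. This is an added example, not part of the original thread; it assumes a `regedit` text export in REGEDIT4 format, a copy of WIN.INI and a `dir /b` listing of the Startup folder, and the function name and all sample values are constructed for illustration.

```python
import configparser
import re

# Any Run* key (Run, RunOnce, ...) under ...\Windows\CurrentVersion.
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run[^\\]*$", re.I)
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(text):
    # .reg exports escape backslashes and double quotes with a backslash.
    return re.sub(r"\\(.)", r"\1", text)

def autostart_entries(reg_text, ini_text, startup_listing):
    """Return (source, name, command) for every autostart entry found."""
    found, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]                      # start of a new registry key
        elif key and RUN_KEY.search(key):
            m = VALUE.match(line)
            if m:  # plain string (REG_SZ) values only
                found.append((key, unescape(m.group(1)), unescape(m.group(2))))
    ini = configparser.ConfigParser(interpolation=None, strict=False, allow_no_value=True)
    ini.read_string(ini_text)
    for section in ini.sections():
        if section.lower() == "windows":          # WIN.INI [windows] load= / run=
            for name in ("load", "run"):
                command = (ini[section].get(name) or "").strip()
                if command:
                    found.append(("WIN.INI", name, command))
    for name in startup_listing.splitlines():
        if name.strip() and name.strip().lower() != "desktop.ini":
            found.append(("Startup folder", name.strip(), name.strip()))
    return found

# Constructed sample input, not taken from the thread.
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe /logon"
"ExampleUpdater"="\"C:\\Program Files\\Example\\upd.exe\" -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Example]
"DisplayName"="Example"
'''
SAMPLE_INI = "; constructed\n[windows]\nload=\nrun=C:\\WINNT\\example.exe\n"
SAMPLE_STARTUP = "desktop.ini\nExample Helper.lnk\n"

if __name__ == "__main__":
    for entry in autostart_entries(SAMPLE_REG, SAMPLE_INI, SAMPLE_STARTUP):
        print(entry)
```

Every entry it prints is something that starts with Windows, so anything unrecognised in the list is a candidate for the file lookup described in the comment.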
 

Author Comment

by:danielwebb
ID: 16871720
How do I start Windows 2000 in safe mode?
0
 
LVL 2

Expert Comment

by:EECDML
ID: 16871777
I have booted most Windows to safe mode at one time or another, but not 2000...does F8 before the splash screen work?
0
 

Author Comment

by:danielwebb
ID: 16871977
OK, I booted in safe mode and it is still not letting me delete the file.
0

 

Author Comment

by:danielwebb
ID: 16872007
It says there has been a sharing violation and that the source or destination file may be in use.
0
 
LVL 2

Expert Comment

by:EECDML
ID: 16872026
Which file is it?
0
 
LVL 2

Accepted Solution

by:
EECDML earned 63 total points
ID: 16872965
Some spyware/viruses will take over actual Windows files.

I have personally seen spyware take over the Windows Automatic Update service on a computer. When it happened...stopping, disabling, deleting files...all failed to remove it, even in safe mode, the spyware was still popping up all over the place. The more I attempted to remove it, the more the Windows installation became corrupt. If a piece of spyware is still being run in safe mode and cannot be closed or deleted, your best bet is to clear the drive (or partition) and reinstall Windows.

In your case, with a server, even if you do get the spyware removed, it could have left traces behind and could've caused damage in areas you don't know of. It would be the best option for Windows to be put on as a new installation; this will ensure no future problems arise from the spyware having been on the system.
0
 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 62 total points
ID: 16873214
If the Uninstaller via Add/Remove programs does not work then do this:

1. Download Brute Force Uninstaller to your desktop.
http://www.merijn.org/files/bfu.zip
Right click the file on your Desktop, and choose Extract All.
Click Next.
In the box to choose where to extract the files to:
Click Browse.
Click on the + sign next to My Computer
Click on Local Disk (C:) or whatever your primary drive is.
Click Make New Folder
Type in BFU
Click Next, and uncheck the Show Extracted Files box and then click Finish.


2. Download sidekickFix.bat (right-click on that link and choose Save As)
http://downloads.subratam.org/Lon/sidekickFix.bat
Place sidekickFix.bat in your C:\BFU folder. (Important!)
Close all browsers and explorer folders.
Double-click on sidekickFix.bat
Click Yes and follow the prompts, when prompted to restart the PC please do so.
0
