Solved

HELP!! Surf Sidekick 3 is screwing up my 200 server machine and I can't remove it! What should I do?

Posted on 2006-06-09
Last Modified: 2010-04-11
Hey guys, my boss's kids were looking at porn on the server computer, which they have repeatedly been told not to use. Anyway, they got some spyware on there called Surf Sidekick 3 and I can't get it off. I even tried deleting the registry keys but they keep coming back. Windows Defender can't remove it either. Now it is displaying error messages when it boots up. It says one or more drivers or services failed to start, check event log. When I check the event log it says the lpd service failed to start and it also says something about the network adapter not working. The internet has stopped working even though it is showing an open connection with the router and the Device Manager says the network adapter is working properly. What should I do?
Question by:danielwebb
10 Comments
 
LVL 2

Expert Comment

by:EECDML
ID: 16871235
If you can still use Task Manager, close every process that looks a bit sus', or that you know is not supposed to be running.

If they keep loading when you close them, take note of the name of the process EXE file, locate it on the computer, then restart in safe mode and delete the file(s).

Find the process's location by checking the run keys in the registry, the startup folder in the start menu, or the file WIN.INI in the Windows folder.

Most of this scumware will not load in safe mode, allowing one to remove all traces of it from the computer.
0
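The comment above names the Run keys and WIN.INI as places to find what launches a process. As an added example (not part of the original thread), this Python sketch inventories those two sources offline from a regedit text export and a copy of WIN.INI; it assumes the export is in the REGEDIT4 text format, does not cover the Startup folder, and the sample data, function names and trusted-directory list are all constructed for illustration.

```python
import configparser
import re

# Constructed samples (not taken from the thread): a regedit text export and a WIN.INI.
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe /logon"
"ExampleHelper"="\"C:\\Program Files\\Example\\helper.exe\" /tray"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"updater"="C:\\DOCUME~1\\user\\LOCALS~1\\Temp\\example.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Example\Settings]
"Path"="C:\\not-autostart.exe"
'''
SAMPLE_WIN_INI = "[windows]\nload=\nrun=C:\\WINNT\\Temp\\example2.exe\nNullPort=None\n"

RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once|Services)?$", re.I)
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def autostart_entries(reg_text, ini_text):
    """Return (source, name, command) for Run-key values and WIN.INI load=/run=."""
    entries, key = [], None
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1] if RUN_KEY.search(line[1:-1]) else None
        elif key and (m := VALUE.match(line)):
            # Undo .reg escaping (\\ -> \ and \" -> ") in the name and the data.
            name, cmd = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            entries.append((key, name, cmd))
    ini = configparser.ConfigParser(interpolation=None, strict=False, allow_no_value=True)
    ini.read_string(ini_text)
    for section in ini.sections():
        if section.lower() == "windows":
            for opt in ("load", "run"):
                cmd = (ini.get(section, opt, fallback="") or "").strip()
                if cmd:
                    entries.append(("WIN.INI", opt, cmd))
    return entries

def executable(command):
    """Program path from a command line: quoted path, else the first token."""
    m = re.match(r'\s*"([^"]+)"|\s*(\S+)', command)
    return (m.group(1) or m.group(2)) if m else ""

def outside_trusted(entries, trusted=("c:\\winnt\\system32\\", "c:\\program files\\")):
    """Heuristic: absolute paths outside the (assumed) trusted directories."""
    return [e for e in entries if "\\" in executable(e[2])
            and not executable(e[2]).lower().startswith(trusted)]
```

Entries given as a bare file name (resolved through the search path) are listed but not flagged, so they still need to be located on the machine itself.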
 

Author Comment

by:danielwebb
ID: 16871720
How do I start Windows 2000 in safe mode?
 
LVL 2

Expert Comment

by:EECDML
ID: 16871777
I have booted most Windows to safe mode at one time or another, but not 2000...does F8 before the splash screen work?
 

Author Comment

by:danielwebb
ID: 16871977
OK, I booted in safe mode and it is still not letting me delete the file.

 

Author Comment

by:danielwebb
ID: 16872007
It says there has been a sharing violation and that the source or destination file may be in use.
 
LVL 2

Expert Comment

by:EECDML
ID: 16872026
Which file is it?
 
LVL 2

Accepted Solution

by:
EECDML earned 63 total points
ID: 16872965
Some spyware/viruses will take over actual Windows files.

I have personally seen spyware take over the Windows Automatic Update service on a computer.  When it happened...stopping, disabling, deleting files...all failed to remove it; even in safe mode, the spyware was still popping up all over the place.  The more I attempted to remove it, the more the Windows installation became corrupt.  If a piece of spyware is still being run in safe mode and cannot be closed or deleted, your best bet is to clear the drive (or partition) and reinstall Windows.

In your case, with a server, even if you do get the spyware removed, it could have left traces behind and could've caused damage in areas you don't know of. It would be the best option for Windows to be put on as a new installation; this will ensure no future problems arise from the spyware having been on the system.
 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 62 total points
ID: 16873214
If the Uninstaller via Add/Remove programs does not work then do this:

1. Download Brute Force Uninstaller to your desktop.
http://www.merijn.org/files/bfu.zip
Right click the file on your Desktop, and choose Extract All.
Click Next.
In the box to choose where to extract the files to:
Click Browse.
Click on the + sign next to My Computer
Click on Local Disk (C:) or whatever your primary drive is.
Click Make New Folder
Type in BFU
Click Next, and uncheck the Show Extracted Files box and then click Finish.


2. Download sidekickFix.bat (right-click on that link and choose Save As)
http://downloads.subratam.org/Lon/sidekickFix.bat
Place sidekickFix.bat in your C:\BFU folder. (Important!)
Close all browsers and explorer folders.
Double-click on sidekickFix.bat
Click Yes and follow the prompts, when prompted to restart the PC please do so.