I thought I would take some time out of working on BC and start trying to figure out a fix for an annoying adware called Surf Sidekick 3. This bugger comes in two flavors: easy to remove, and very, very, very annoying to remove. For the easy method you just have to uninstall it via Add/Remove Programs. For the hard method, there is no Add/Remove option and you're stuck with the sucker.
The latest incarnation of this program will install a DLL in your %System% folder called repairs.dll or repairsrandom-number.dll, which is started via the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
Any DLL listed in that key will load when a program that requires user32.dll is launched. The problem is that almost every Windows program requires user32.dll, so this repairs.dll file is loaded into almost all of your running processes. As you can imagine, that makes the file very difficult to remove. This key also loads in safe mode, so simply booting into safe mode and clearing the key does not help either.
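A read-only way to see this mechanism on a live system, as an added example that is not part of the original post: the PowerShell script below lists each AppInit_DLLs entry and the running processes that currently have that DLL loaded. The Wow6432Node key, the LoadAppInit_DLLs value and the System32/SysWOW64 lookup for bare file names are assumptions about newer Windows versions, not details from the post.

```powershell
# Added example (read-only audit). Run from an elevated 64-bit PowerShell prompt.
# Registry view -> folder assumed for bare DLL names (assumption, not from the post).
$views = @{
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'             = 'System32'
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows' = 'SysWOW64'
}

$entries = foreach ($view in $views.GetEnumerator()) {
    if (-not (Test-Path $view.Key)) { continue }
    $props = Get-ItemProperty -Path $view.Key
    # AppInit_DLLs holds a space- or comma-separated list of DLL names or paths.
    foreach ($name in ([string]$props.AppInit_DLLs -split '[ ,]+' | Where-Object { $_ })) {
        $path = $name
        if (-not ([IO.Path]::IsPathRooted($name))) {
            $path = Join-Path $env:SystemRoot (Join-Path $view.Value $name)
        }
        $exists = Test-Path -LiteralPath $path
        $sig = 'n/a'
        if ($exists) { $sig = (Get-AuthenticodeSignature -FilePath $path).Status }
        [pscustomobject]@{
            Key       = $view.Key
            Enabled   = $props.LoadAppInit_DLLs   # empty on systems without this value
            Dll       = $name
            Path      = $path
            Exists    = $exists
            Signature = $sig
        }
    }
}

# Match loaded modules by file name, since paths may differ in case or short-name form.
$names = @($entries | ForEach-Object { Split-Path $_.Path -Leaf })

$loaded = foreach ($proc in Get-Process) {
    $mods = @()
    try { $mods = $proc.Modules } catch { }       # protected processes deny module access
    foreach ($m in $mods) {
        if ($names -contains $m.ModuleName) {
            [pscustomobject]@{ Process = $proc.ProcessName; Id = $proc.Id; Module = $m.FileName }
        }
    }
}

$entries | Format-List
$loaded  | Sort-Object Process, Id | Format-Table -AutoSize
```

An entry that is unsigned or missing from disk, yet loaded into nearly every process in the second table, matches the behaviour described above.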
The repairs.dll is basically a protector program. It monitors itself and the other programs associated with this adware that are listed in the registry, and makes sure they stay there. If it detects that a registry key under its protection has been removed, it adds it back. So the key to removing this infection is to get rid of the file loaded via the AppInit_DLLs key.
Unfortunately, I have not been able to find a good tool that I can use to automate the killing of the repairs.dll module from each running process, and the method that can be used cannot be automated or explained very well for the basic user.
So for now the ways to fix this adware are the following:
1. Uninstall via Add/Remove Programs if you're lucky.
2. If Windows is loaded on a FAT partition, then you can simply reboot via a boot disk and delete this file as well as the folder c:\program files\surf sidekick 3\.
3. If Windows is loaded on an NTFS partition, then you need to create a boot CD like BartPE and delete the DLL and c:\program files\surf sidekick 3\.
If I come up with an automated fix I will let everyone know.