Hello Joe,
I just got back from work and finished what you told me to do so here is the report from the website... and the hijackthis log. Also I found some names in the add/remove and i'm not really sure what they are ... such as broadjump client foundation, DA920EN, Easy-WebPrint, Modem Helper, Quicklinks. I need your advice what to do with them.

Those are all legit , but im not 100% sure about the last one.


DA920EN
Dell AIO Printer A920

broadjump client foundation
program is a tool used to diagnose problems when attempting to install a new broadband connection to the internet.

Easy-WebPrint
Canon Easy-WebPrint toolbar software

Modem Helper
a 'Stand alone' modem test and repair tool integrated onto your system

Quicklinks
Seems to be a p2p related plugin of some sort , not sure though.
http://coranto.gweilo.org/go/download/addons/quicklinks





Download Smitrem to your desktop
http://noahdfear.geekstogo.com/click...click.php?id=1
Run the installer and then press Start to Extract the
files to the desktop, Do not run it yet.


Download Pocket Killbox:
http://www.atribune.org/downloads/KillBox.exe

Then boot in safemode again

Run SmitRem:

Open the SmitRem folder and double click the "RunThis.bat"
file to start the tool , Follow the prompts on
screen. Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of the drive that you ran the batch file on, eg; Local Disk C: or partition where your operating system is installed. Please attach this log to your next reply


And fix these lines with hjt in safemode:
(if still present)

And manually delete the files in bold.



Start Killbox and place a tick next to [x]delete on reboot.
And press the "all files" button. (just above the yellow triangle)
Copy this list into the windows clipboard:


C:\Documents and Settings\Felma\My Documents\Startup\Zeno.lnk
C:\WINDOWS\SYSTEM32\unPPC.exe
C:\WINDOWS\gimmygames.dat
C:\PROGRAM FILES\COMMON FILES\VCClient
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\NetMon
C:\PROGRAM FILES\COMMON FILES\Windows

Back in Killbox go > file > paste from clipboard,

Click the red highlighted X button and say yes to the prompt, then click OK.
Exit Killbox and restart your PC.


After that please post the Smitrem log plus a new hjt log.



You will need to reload your wallpaper as the SmitRem
tool will reset it, you can do this by right clicking
desktop and choosing properties, First check Theme and
set it to Windows XP then click the Desktop tab and
choose the one you want to use and press apply.

I hope I followed the instruction right. Here is the two logs you requested. :read2:

Looking pretty good , boot in safemode again and fix these with hjt:


And post a new log again to check please.

Hello...Here is the log... so am I almost clean?

Well , almost. But the last dont seem to go away.. There still there.

Normally the smitrem would remove the Vcclient/surfsidekick infection , but since Ewido removed most of it already , the smitrem doesn't see the remaines of it im afraid.

Please run this regfix by unzipping it and double clicking on it and allowing it to merge with the registry , and then try to fix those entry's with hjt again:

Okay I did what you told me to do.. and used hijackthis again to delete the other files... here is the log... Thank you so much for taking your time and helping me out. I'll try and donate later on once my pc is fully clean :grin: