Just wanted to say a big thank you to NukEvil and others for clear, precise, simple no-nonsense instructions on how to get rid of windowsclick trojan. Process worked a treat! Thanks! :)
Printable View
Just wanted to say a big thank you to NukEvil and others for clear, precise, simple no-nonsense instructions on how to get rid of windowsclick trojan. Process worked a treat! Thanks! :)
Hi all, I do helpdesk on State Applications, and work as a liason and am not a techie person. My State pays State emps and contractors to do that kind of stuff.
This is my home PC that is having the problem with Windowsclick, a very old 40 gig Gateway that used to run like a charm.
I have this malware and I stayed up really really late last night trying to get rid of it, :fpissed: safe mode did not work, 4 different malwares including spybot and malbytes (sp??). I finally gave up. Did find some viruses and trojans that got past my AVGfree. :drink:
Someone posted about downloading to another Computer and e-mailing the anti-malware.
:confused: If I download the malware from my laptop, is it OK to download it to my external HD? Reconnect the external HD to the infected machine and run it from there? :confused:
Thanks for any help, my wall paper is getting lighter and lighter...
Seems that Google has indexed this thread..
Anyways, remelian, I assume you've read this thread? If so, did you try the Recovery Console method, or renaming the anti-malware program?
Windowsclick is rather easy to remove after you've found an easy way to remove it.
I tried renaming 2 of the anti malwares. That did not allow them to work either.
This is running XP 2002, so finding any disc is going to be a challenge, buried somewhere in this room...I bought this right before Gateway gave up their brick and Mortar stores. It has served me well, Fire dog guys were suprised how fast it booted when I added memory last year...So I would like to keep it running and NOT depend on my Viao with Vista :argue: I really hate Vista. My Viao stuff and my EEEP stuff will not work.
yes I found you all through Google.
I am getting ready to download to my Viao, one of the techies at work warned me that since my external HD has been hooked up to my Gateway, it could be infected too. I have a 40 gig external HD for my EEEP (it has like 12 gig, so if I want my music camping it has to be on an external HD) so I can download the set up through my Viao into my mini external HD, I hope.
Disable System Restore, dump AVG and install Avira AntiVir instead.
Install Ccleaner (www.ccleaner.com) and manually delete as many
contents of temp folders as you can on that PC.
Update everything: SpyBot, MalwareBytes, AntiVir.
Then run 'em again.
If you are going to connect the external drive, make sure when you go to copy stuff that you do not open it by clicking the drive's icon, instead open my computer and click the Folder button above the addresse bar ;)
and on folders bar open the drive that way.
and when accessing the copied files on the infected machine do the same..
Avira sees it (well I can see the file as it cascades through) but does not trap it.
I think I have now the Cleanest registry in the State of DE...(private computer)...
Avira keeps trapping the same 2 things, one is a root kit.
t34b4g5, I did not know there was another way to get to the flash or external HD. There are no icons for the H drive (external) and G drive (flash) on my desk top. So I guess that is a good thing.
My work computer let me download the setups for malbytes and and something with the icon of a lion(???) onto my flash drive and let me change the names and the extension, but when I changed the extension, it did not recognize it. My brain is foggy with lack of sleep and all this technical stuff.
I did find my restore disc last night at the bottom of the software drawer, so if all fails, I will back all my music, and do a full disc restore. the rest is pretty well backed up or easy enough to re-down load, with the exception of my DVD Santa and ca couple of other paid with only one key things...most of what I have is free ware. I ahve not ahd to do that in years and years and never on this really reliable Gateway...teaches me NOT to be where I really should not be...
I ran Combofix and within seconds it ID'd a bunch of UACd files.
I completed the run, did what it said to do.
I rebooted.
Then went back into the internet. Nope windowsclick is still redirrecting.
I ran Avira, it picked up a root kit. I got rid of that (quarantined)
Then I re-ran Combofix, hard drive was clean.
I downloaded the root kit tool from Avira, that came up clean.
Went back into the internet, and got redirected again...methinks that it might be something in my external HD...I guess I need to wipe it clean since I cannot figure out how to get Combo fix to look at it.
I left for work running a full scan with Avira, I have my external HD and my flash drive being scanned in the full scan.
I defraged the C drive last night and where I had 24.7% free space on my C drive, I now have 37.8% free space, so I had a lot of junk that was removed. Malwarebytes removed one of my paid for antiviruses as a "rogue".
I have had this gateway since 2001, found files I installed back to there. It has seen Verizon internet and now Comcast, as well as a local ISP before I made the plung to Verizon. So this computer is like an old friend. Like an old friend, I hate when someone is sick...
I am going to dump all the files on the External HD and reload from the C Drive. I had EVERYTHING backed up including the hidden files. I also have a brand new 500 gig External, I may just try backing up into that and seeing what happens after a full scan.
Hmmm, are you able to run an online scan tool?
www.pandasecurity.com/activescan
Post the log here ...