
Thread: windowsclick.com redirect (UACd.sys.trojan) removal

  1. #21
    Junior Member
    Join Date
    Mar 2009
    Location
    New Castle, Delaware
    Posts
    5
    Thanks all.

    Yes, I could run online scans. I have now been virus free for about 2 days. I dumped almost all my backup files on my external except for a few that I cannot easily replace since they were not stored anywhere but my H drive, and ran independent scans on each of those areas. Evidently something was hiding in my H drive, re"infecting" my Gateway.

    All of the scans (when H drive was disconnected) came up clean, as in all zeros...BUT when I hooked back up my H drive, the windowsclick came back even though the C drive came up clean. The H drive would fire up even when not engaged (the light would brighten and I could hear it "thinking").

    Thanks again!!!!

  2. #22
    Junior Member
    Join Date
    Jul 2009
    Posts
    1
    Just registered specifically to say thanks for the info. I used billybobbubba's method and went with combofix first. Worked like a charm. I'd say try that first, then the manual method as you have nothing to lose.

  3. #23
    Junior Member
    Join Date
    Jul 2009
    Posts
    1
    Registered to say thanks to NukEvil - I tried the other methods, but the file did not show up in my hidden drivers list and whenever I tried to run combo fix, my computer would just shut down - even after renaming the exe. NukEvil's method did the trick - I was able to run Malwarebytes after disabling the uac file and Avira found all the infected dll files and removed them. THANKS NukEvil.

  4. #24
    Junior Member
    Join Date
    Aug 2009
    Location
    USA
    Posts
    1

    windowsclick.com redirect (UACd.sys.trojan) removal

    A quick scan with Malwarebytes and a full scan with an updated Norton both come up clean. Google works (ie, no more redirecting).

    Now the fun part…

    1. Was I infected with something that steals passwords or enables another user to control my computer such as a backdoor trojan?
    2. Is my computer now clean? Can I use it for online banking? Or is it permanently compromised (until I reformat)?
    3. Is it prudent to reformat?
    4. In the process of cleaning, I tried a system restore at one point, though it was blocked from working. I’ve read that the trojan can be backed-up by system restore. Should I turn off system restore, thereby deleting all saved versions to ensure the Trojan isn’t saved, and then turn it back on again?
    5. The original operating system is on my E: drive, I believe portioned away from the rest. Could that have been infected?

  5. #25
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Well, it's very hard to say ...

    You will never be truly clean until you format...

    Just make sure you have some sort of firewall / AV running.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #26
    Junior Member
    Join Date
    Sep 2009
    Posts
    1
    Had a Vista system with this same "condition", full of UAC<xxxxxxxxx>dll files which AVG picked up and killed off, but it wouldn't touch or couldn't find the main driver (as per design of the trojan and the nature of a rootkit).

    As suggested I tried ComboFix.exe but it wouldn't run. Nor would MalwareBytes AntiMalware, AdAware, HijackThis or anything else useful in killing it off. Internet Explorer ran though.

    It wasn't until I renamed ComboFix.exe to something more random than just Combo-Fix.exe that it could actually do anything.

    1 reboot later and all looked well. Got MBAM to do a full scan overnight and that found nothing. CPU use dropped from min. 55% to min. 0%.

    All sorted! (6 hours trying, though!)

  7. #27
    Junior Member
    Join Date
    Oct 2009
    Posts
    1
    I had to register to make this post. Thank you so much to Big T on the first page. Avenger + MalwareBytes seems to have solved the issue. I feel so much better because I thought I had messed up a work computer. We're not supposed to use that computer for crap, and I made a stupid, unthoughtful, and lazy mistake when I was using it.

    Anyways, thanks so much for your post and if anyone else has the same problem (can't get antispyware to load, UPC crap, etc) this thing definitely works. Thanks so much guys!
