March 19th, 2009 10:42 PM
Just wanted to say a big thank you to NukEvil and others for clear, precise, simple no-nonsense instructions on how to get rid of windowsclick trojan. Process worked a treat! Thanks!
March 25th, 2009 05:20 PM
March 25th, 2009 06:35 PM
Seems that Google has indexed this thread..
Anyways, remelian, I assume you've read this thread? If so, did you try the Recovery Console method, or renaming the anti-malware program?
Windowsclick is rather easy to remove after you've found an easy way to remove it.
March 25th, 2009 09:11 PM
I tried renaming 2 of the anti malwares. That did not allow them to work either.
This is running XP 2002, so finding any disc is going to be a challenge, buried somewhere in this room...I bought this right before Gateway gave up their brick and Mortar stores. It has served me well, Fire dog guys were suprised how fast it booted when I added memory last year...So I would like to keep it running and NOT depend on my Viao with Vista I really hate Vista. My Viao stuff and my EEEP stuff will not work.
yes I found you all through Google.
I am getting ready to download to my Viao, one of the techies at work warned me that since my external HD has been hooked up to my Gateway, it could be infected too. I have a 40 gig external HD for my EEEP (it has like 12 gig, so if I want my music camping it has to be on an external HD) so I can download the set up through my Viao into my mini external HD, I hope.
March 25th, 2009 11:47 PM
Disable System Restore, dump AVG and install Avira AntiVir instead.
Install Ccleaner (www.ccleaner.com) and manually delete as many
contents of temp folders as you can on that PC.
Update everything: SpyBot, MalwareBytes, AntiVir.
Then run 'em again.
“Everybody is ignorant, only on different subjects.” — Will Rogers
March 26th, 2009 03:19 AM
If you are going to connect the external drive, make sure when you go to copy stuff that you do not open it by clicking the drive's icon, instead open my computer and click the Folder button above the addresse bar
and on folders bar open the drive that way.
and when accessing the copied files on the infected machine do the same..
March 26th, 2009 08:00 PM
Avira sees it (well I can see the file as it cascades through) but does not trap it.
I think I have now the Cleanest registry in the State of DE...(private computer)...
Avira keeps trapping the same 2 things, one is a root kit.
t34b4g5, I did not know there was another way to get to the flash or external HD. There are no icons for the H drive (external) and G drive (flash) on my desk top. So I guess that is a good thing.
My work computer let me download the setups for malbytes and and something with the icon of a lion(???) onto my flash drive and let me change the names and the extension, but when I changed the extension, it did not recognize it. My brain is foggy with lack of sleep and all this technical stuff.
I did find my restore disc last night at the bottom of the software drawer, so if all fails, I will back all my music, and do a full disc restore. the rest is pretty well backed up or easy enough to re-down load, with the exception of my DVD Santa and ca couple of other paid with only one key things...most of what I have is free ware. I ahve not ahd to do that in years and years and never on this really reliable Gateway...teaches me NOT to be where I really should not be...
March 27th, 2009 12:52 PM
I ran Combofix and within seconds it ID'd a bunch of UACd files.
I completed the run, did what it said to do.
Then went back into the internet. Nope windowsclick is still redirrecting.
I ran Avira, it picked up a root kit. I got rid of that (quarantined)
Then I re-ran Combofix, hard drive was clean.
I downloaded the root kit tool from Avira, that came up clean.
Went back into the internet, and got redirected again...methinks that it might be something in my external HD...I guess I need to wipe it clean since I cannot figure out how to get Combo fix to look at it.
I left for work running a full scan with Avira, I have my external HD and my flash drive being scanned in the full scan.
I defraged the C drive last night and where I had 24.7% free space on my C drive, I now have 37.8% free space, so I had a lot of junk that was removed. Malwarebytes removed one of my paid for antiviruses as a "rogue".
I have had this gateway since 2001, found files I installed back to there. It has seen Verizon internet and now Comcast, as well as a local ISP before I made the plung to Verizon. So this computer is like an old friend. Like an old friend, I hate when someone is sick...
I am going to dump all the files on the External HD and reload from the C Drive. I had EVERYTHING backed up including the hidden files. I also have a brand new 500 gig External, I may just try backing up into that and seeing what happens after a full scan.
March 28th, 2009 12:36 AM
Remelian try following this guide and let me know if it helps.
I think that you have a variant..
Originally Posted by t34b4g5
March 30th, 2009 08:16 AM
Hmmm, are you able to run an online scan tool?
Post the log here ...
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
By CyberB0b in forum The Security Tutorials Forum
Last Post: August 15th, 2008, 11:07 AM
By cheyenne1212 in forum Microsoft Security Discussions
Last Post: July 24th, 2007, 03:30 PM
By alakhiyar in forum The Security Tutorials Forum
Last Post: December 17th, 2006, 10:31 AM
By Kamikaze Badger in forum The Security Tutorials Forum
Last Post: August 18th, 2004, 10:01 PM
By khakisrule in forum The Security Tutorials Forum
Last Post: July 10th, 2002, 02:34 PM