CLCKM.COM or Click2Find removal

My sister managed to get a malware infection on my computer.  Now when I run any flash content with RealPlayer or Firefox, Internet Explorer 7 (which I don't use for anything unless I absolutely have to!) opens up to this link http://clckm.com/searchinfo?fp=%2F6aThAjcGiWQ2B1S%2BwFvKJtNupP6o2QUcZpyo46OY6d0VwjJ1OCfXWyCefua&pt=2&sp=2&vid=1201313561_3X01X1478346977&rpt=1&rm=1#

I have tried SpyBot, AdAware, avast!, an Kapersky online scan and walking through the registry all to no avail.  I'm not the brightest bulb in the box, but I've been doing IT support for 17 years and I can't manage to rid of this crap.  I see where someone else posted on EE trying to get help removing this and ended up loading a new image on the PC.  I hope someone here has better advice by now... anyway your help will be truly appreciated!

Thanks!
WTFDonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

IndiGenusCommented:
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log.
0
WTFDonAuthor Commented:
As requested, here's a freshly created HiJackThis log file.  Thanks for the quick response!
hijackthis.log
0
IndiGenusCommented:
Not seeing anything evident from HJT? I recommend you run a Spyware scan with AVG and post the log that comes from it. Instructions on set up and run here:

http://www.anti-malwareoutlook.com/forum/viewtopic.php?f=14&t=9&sid=eb63f101d6ce3a7151f84359db630179
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

WTFDonAuthor Commented:
Hi IndiGenus, it appears to be fixed.  I followed the instructions from your link above and the problem still persisted.  Even though it's not still causing me any problem, I uploaded the AVG report and HJT log file for prosperity.

The malware had gotten itself attached to a flash player I had downloaded named flvplayer but was using RealPlayer to lauch IE 7 to the clckm.com webpage.  Here's how I got to my happy state:  I removed and re-installed Adobe Flash, no help.  I removed RealPlayer, no help.  I removed the flash player and associated .flv files back to Windows Media Player and instantly I was able to view flash videos without IE lauching the Click2Find crapware.  The file may still be on my computer somewhere but it seems that it is not actively working any more.  

Since your suggestion got me moving in the right direction and I'm not having any problem at this point, I'm accepting your solution.  Thanks for your help!
Report-Scan-20080126-124629.txt
hijackthis.log
0
WTFDonAuthor Commented:
IndiGenus, if you're able to find anything else that might lead to the name and location of the file, I'd love to hear from you.  Thanks again for your help.
0
IndiGenusCommented:
Hmm that is interesting, nice work on your part finding the problem.

Question, where did you get the flvplayer from? Was it from a "trusted source" or....?
0
IndiGenusCommented:
Not sure what the file is but you identified where it came from so I would make sure to avoid it in the future...

Good luck,
Dave
0
WTFDonAuthor Commented:
The player had been working on my PC for about a month before the malware "infected" it.  I wouldn't call it a trusted source since I downloaded it from download.com but I don't think it had any nasties in the beginning.  My sister who is not blessed with much common sense went to some get-rich-quick site and told my NoScript Firefox add-in to allow everything so she could watch a video and that's when my troubles started.  I'll forgive her one day :-)

Thanks,
Don
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.