We help IT Professionals succeed at work.

CLCKM.COM or Click2Find removal

My sister managed to get a malware infection on my computer.  Now when I run any flash content with RealPlayer or Firefox, Internet Explorer 7 (which I don't use for anything unless I absolutely have to!) opens up to this link http://clckm.com/searchinfo?fp=%2F6aThAjcGiWQ2B1S%2BwFvKJtNupP6o2QUcZpyo46OY6d0VwjJ1OCfXWyCefua&pt=2&sp=2&vid=1201313561_3X01X1478346977&rpt=1&rm=1#

I have tried SpyBot, AdAware, avast!, an Kapersky online scan and walking through the registry all to no avail.  I'm not the brightest bulb in the box, but I've been doing IT support for 17 years and I can't manage to rid of this crap.  I see where someone else posted on EE trying to get help removing this and ended up loading a new image on the PC.  I hope someone here has better advice by now... anyway your help will be truly appreciated!

Thanks!
Comment
Watch Question

Top Expert 2007

Commented:
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log.

Author

Commented:
As requested, here's a freshly created HiJackThis log file.  Thanks for the quick response!
hijackthis.log
Top Expert 2007
Commented:
Not seeing anything evident from HJT? I recommend you run a Spyware scan with AVG and post the log that comes from it. Instructions on set up and run here:

http://www.anti-malwareoutlook.com/forum/viewtopic.php?f=14&t=9&sid=eb63f101d6ce3a7151f84359db630179

Author

Commented:
Hi IndiGenus, it appears to be fixed.  I followed the instructions from your link above and the problem still persisted.  Even though it's not still causing me any problem, I uploaded the AVG report and HJT log file for prosperity.

The malware had gotten itself attached to a flash player I had downloaded named flvplayer but was using RealPlayer to lauch IE 7 to the clckm.com webpage.  Here's how I got to my happy state:  I removed and re-installed Adobe Flash, no help.  I removed RealPlayer, no help.  I removed the flash player and associated .flv files back to Windows Media Player and instantly I was able to view flash videos without IE lauching the Click2Find crapware.  The file may still be on my computer somewhere but it seems that it is not actively working any more.  

Since your suggestion got me moving in the right direction and I'm not having any problem at this point, I'm accepting your solution.  Thanks for your help!
Report-Scan-20080126-124629.txt
hijackthis.log

Author

Commented:
IndiGenus, if you're able to find anything else that might lead to the name and location of the file, I'd love to hear from you.  Thanks again for your help.
Top Expert 2007

Commented:
Hmm that is interesting, nice work on your part finding the problem.

Question, where did you get the flvplayer from? Was it from a "trusted source" or....?
Top Expert 2007

Commented:
Not sure what the file is but you identified where it came from so I would make sure to avoid it in the future...

Good luck,
Dave

Author

Commented:
The player had been working on my PC for about a month before the malware "infected" it.  I wouldn't call it a trusted source since I downloaded it from download.com but I don't think it had any nasties in the beginning.  My sister who is not blessed with much common sense went to some get-rich-quick site and told my NoScript Firefox add-in to allow everything so she could watch a video and that's when my troubles started.  I'll forgive her one day :-)

Thanks,
Don

Explore More ContentExplore courses, solutions, and other research materials related to this topic.