Jump to content

failed to remove threat Trojan.Clicker

Recommended Posts

good day sir i have a problem in my computer and thinking it as a virus so downloaded malwarebytes to check and got a result..i have 5 threats found including a trojan.clicker on my system and as i try to quarantine it after restart it shows that failed to remove the trojan.clicker..please help me sir thanks in advance and have a good day.


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

I have identified a bad SmartService infection.

You will need access to a spare PC and a USB flash drive that has not been in contact with the sick PC...
Let me know if you have access to these devices.

I need to know first if you can enable the Recovery Environment...

Open FRST on the compromised computer:

copy/paste the following inside the text area of FRST. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop. Attach it in your next reply.

CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes


On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad
Copy and paste its content in your next reply.

Wait for further instructions.


Link to post
Share on other sites

good day sir thanks for helping me..yes sir i can use my cousin's PC and USB flash drive. here attached is the result of FRST you said sir.


Fix result of Farbar Recovery Scan Tool (x64) Version: 24.12.2018
Ran by 12Sky (27-12-2018 15:32:17) Run:1
Running from C:\Users\12Sky\Downloads
Loaded Profiles: 12Sky (Available Profiles: 12Sky & DefaultAppPool)
Boot Mode: Normal

fixlist content:
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes


========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========

The operation completed successfully.

========= End of CMD: =========

========= bcdedit.exe /set {default} recoveryenabled yes =========

The operation completed successfully.

========= End of CMD: =========

==== End of Fixlog 15:32:17 ====

Link to post
Share on other sites

Lets proceed:

Preparing the USB Flash Drive

Using the Clean computer download the right version of Farbar program for your system to Desktop.
64-bit or 32 bit version. Select the one you need.

Move the executable (FRST.exe or FRST64.exe) to your USB Flash Drive

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system.


Boot in the Recovery Environment WINDOWS 7 USERS

To enter the Recovery Environment with Windows Vista and Windows 7, follow the instructions below:
Restart the computer
Once you've seen your BIOS splashscreen (the computer manufacturer logo), tap the F8 key repeatedly until the Advanced Boot Options menu appears

Look at this video if not familiar with it.

Use the arrow keys to select Repair your computer, and press on Enter
Select your keyboard layout (US, French, etc.) and click on Next

Once in the command prompt
Plug your USB Flash Drive in the infected computer

Click on Command Prompt to open the command prompt

In the command prompt, type notepad and press on Enter
Notepad will open. Click on the File menu and select Open
Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad

In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter

Note: Replace the letter e with the drive letter of your USB Flash Drive

FRST will open

Click on Yes to accept the disclaimer
Click on the Scan button and wait for the scan to complete
A log called FRST.txt will be saved on your USB Flash Drive. Attach it in your next reply.

Wait for further instructions.

If at any time you need additional information please ask before proceeding.

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.



Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.