Hello,

Recently a computer of mine has been having some major issues. I don't know how I got it, as the purpose of the computer is for Internet and IM.
Here's what I have attempted to do:
-Use Norton
-Use Adaware
-Use Windows Defender
-Use Spypot Search and Destroy (could not install due to the virus)

In order to describe this virus/trojan pop-ups occassionally began to appear on my desktop. Then, realizing that this was adware or spyware, I proceeded on using the following programs to get rid of it. I tried to update the programs, but it wouldn't work, none of them did. Norton had an error with Liveupdate, Windows Defender had an error with updates, Adaware couldn't receive updates and Spybot Search and Destroy wouldn't even install. Also to mentio, my computer is extremely slow at the moment.

Adaware managed to pick up 2 "Possible Hijack Attempts". Norton didn't pick up anything. And Windows Defender scanned a Trojan called Win32/C2Lop.Gen!A. I tried to do some research on that given Trojan name but I couldn't find anything, just definitions of what it is.

I have HijackThis if I need to get any logs, but I'm not sure if you guys actually need it right now.

But any help is appreciated. Thanks.

Download malwarebytes to one of your other machines and if you can install it from a pendrive to the infected machine.
Installing in Safe Mode is unlikely to work as Windows installer is not running in Safe Mode.
If you cant get malwarebytes to install then it might be time to slave the harddrive to another of your machines and run scans on it that way.

www.malwarebytes.org (free application and highly recommended around here)

Hi rjfvillarosa

I was reading this post of yours, cause I am having problems getting Malwarebytes to run, and I am pretty sure it is because what ever virus I have is stopping it. I know Malwearbytes is a good one it got me out of a pinch some time ago after trying tons of them before I came across it.

Now what I was wanting to know is this, your statement slave the HD to another machine and run a scan on it that way. I don'treally understand what you are saying here. What does moving it to another machine do that you cannot do with it where it is.? I tried the windows install repair, that did not help. I really didn't think it would but tried it just the same. I have tried several other good mal wear removers too, and they will not install at all. I had a couple of them install but they were not very good ones and did not even come close to finding the pest I have. I have tried running Malwearbytes in safe mode too, that would not run there either. Any and all help apreciatted.

Thanx....Gunny

What does moving it to another machine do that you cannot do with it where it is.
When the drive is slaved to another machine the slaved drive is not booting up it shows up as another hard drive, there for the virus / spyware is not active, and can be removed / cleaned. Also in XP and Vista you will need to turn off your restore feature, because any restore points made after getting infected will be included in the restore point.

This piece of equipment is nice to have, It sure beats getting access to a host computers insides and running data cables power to the slaved drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16812232002

Hi Mikel

That does look like a great time saving tool. One question you say you hook it up as a slave drive, what if it is a SATA drive and you cannot hook it up as a slave or master, what then.? Does a SATA drive automatically take on as a slave, as long as the other drive is a master, what then if both drives are SATA.?

Thanx...Gunny

Hi Me again. I just clicked on the link in rjfvillarosa post, to dowload Malwarebytes, and this is what came up, "Internet Explorer cannot display this page". This is one of the little strange things that is going on with my computer, that comes up very often on other things but for sure when I try to download some thing to do with malware removal sites. I get that same thing when I click on to get my Windows udates too, and this is happening just since I found out I have this bug. Up till then everything seemed to be working great, and smooth. After I did the windows repair I had to do all my updates, like SP2 and 3 from a disk, I could not do it from the update site, strange.

Thanx....Gunny

Gunny. From experience with those adapters, I find that your computer recognises the adapter rather than the harddrive, it will detect it at a USB mass storage device.
The first thing you should do is plug the adapter into the computer you want to slave the drive to, this allows the computer to install the adapter as a USB device, after that remove the adapter and connect it to the harddrive, recconect the adapter to the computer and this time it should see the harddrive and tell you it is installing it. If it doesn't see the harddrive first time you may need to move the jumper from MS to SL or CS, the harddrives all behave differently when used in this way and sometimes convention goes out the window, obviously you shouldn't need to mess with jumpers on a SATA drive, but be ready I have seen drives do some weird and wonderfull things when using my adapter.

"Internet Explorer cannot display this page
Something is screwing with your internet settings, get the drive clean first and then we can look into running Winsocfix to try and repair your internet settings.

ya that is what I was thinking something is screwing around in there, just small things like this, but good thing I am still able to use it, hoping it don't get any worse until I get the tool. I will have to order it from Newegg. I see your point getting the HD clean first then messsing with the other stuff later, makes sense. So I will not probably be able to get back with any thing new on this until I get the tool and do my thing. If any thing else comes to mind meantime let me know, I will be back here all the time, reading and learning. What kind of a program is that Winsocfix.?

I really appreciate all your help on this, I feel certain we will get it back to good health soon.

Thanx....Gunny

You can download it here and there is a nice simple description of it on the page:

http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml

Looks good, but you are saying it would be best to wait until I get the HD clean then do this. I was thinking too maybe if I get all the bugs out might this clear up all or most of the problems I am having.? Cause it seems that all this started at the same time, like one day came the bug, and problems showed up. Just my out loud thinking.

Thanx...Gunny

Malware often screws up the registry entries associated with your internet connection and cleaning the malware off your harddrive will not repair those corrupted entries, you will have to do it and one of the best methods I have used is Winsockfix.

Ok I understand. I clicked on that link you had and it keeps turning into Regcure. Is this the what it is called, and is it free or pay.? I don't mind the pay if it is. Most of these sites do the scan but to fix or remove it takes a paid version. I ordered that tool, UPS shipping 2 days.

Thanx..Gunny

The link I posted (just tried it again) goes straight to Softpedia and the Winsockfix download page.
There is nothing about Regcure on the page, you have some serious issues there Gunny.

HI All

I have been messing with this over the weekend and I came up with another question.

Now I know I have a bug, and what has been suggested from the posts above I am going to do, I should get the tool tomorrow. Now some thing that has come to mind is this, I downloaded this Malwarebytes from the site on another computer, put in on a disk, and tried to install it to another drive on the bugged computer. I have 2 HD's on it one with a operating system and the other HD with out a operating system. I tried to open it up and install it from that HD and it did the same thing like I got trying the same thing on the bugged HD. This makes me wonder if this will work with the tool that is coming. Isn't this doing the same thing.?i What would be different about it.?

Thanx....Gunny

The difference is, when you attache the infected computer to a clean computer, it's the clean computer that gets the program installed, and won't have the infection prevent it.

Right now, you still have an infection that is loading with windows and won't let you remove it.

Hi Gang

I received that tool today from Newegg, and went to install it and when I clicked to install the drivers from the mini disk it said they are only for Windows 98. Whats with that. ? Do I need to go to the site to update the drivers.?

Thanx...Gunny

Those are probably USB1.1 drivers for 98/ME.
You shouldn't need to install any drivers, XP/Vista should see the adapter and auto install it.

Hi rjfvillarosa

Ok I havent tried connecting it to the comp yet, thought I would just install the drivers first. I will connect it to the comp and see what happens.

Thanx...Gunny

Hi V

I connected it as you said and it shows up as another HD not a storage device. Tried running Malwearbytes and it only scanned the C (non bugged drive) drive not the bugged HD

Thanx...Gunny

Gunny,

When you open malewarebytes, choose full scan. You should then get a list of all drives connected to the computer. Choose teh usb one.

Hi Shadow

I was just testing it with a spare HD, and I did a quick scan from Malwearbytes. Ok on that. Now does it matter if the say bugged HD does not have a operating system on it as to how it shows up or not. The drive I am testing it with does not have a OS on it. So you are saying it makes no difference if it shows up as a storage device or a HD. How would it scan it if it did show up as a storage device.

Thanx...Gunny

Hi Shadow

Stupid me I just answered my own question, even if it does show up as a storage device it is given a letter, and you can check that box when Malwearbytes gives you the option as to what drives you want to scan.

Thanx...Gunny

Have you started the scan now? how is it going?