Spyware, viruses, & security : My laptop will download files but won't install anything.
My laptop will download files but won't install anything.
by KennyCat - 11/9/09 5:28 PMI have an Acer Extensa 5630-4228, 2GHz Intel Pentium processor. 250GB Harddrive.
My DVD rom wasn't showing on my computer folder and it wouldn't work. So I system restored it to a date that I knew it worked and everything seem fine until I tried to do updates on my AVG Free anti virus program. I wouldn't load. So I decided to uninstall and download again. I wouldn't let me unintall. So I tried to download anyway. It showed as though it was downloading the files and I then nothing. I went into the AVG file to try to start the install from the setup file, and it did nothing. I installed a Kaspersky trial version from a disk and it found a trojan horse and it removed it but my laptop still won't allow me to download and install any programs. I have tried a few. I can't even download a video clip from my hotmail email account. I am assuming I have a virus, but I am not sure what to do from here. Please help!
Could well be malware is the cause........
by Marianna Schmudlach
- 11/9/09 6:04 PM
In reply to: My laptop will download files but won't install anything. by KennyCat
Please download Malwarebytes Anti-Malware (v1.33) and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
* Make sure you are connected to the Internet.
* Double-click on mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
* If an update is found, the program will automatically update itself.
* Press the OK button to close that box and continue.
* If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
* Make sure the "Perform Quick Scan" option is selected.
* Then click on the Scan button.
* If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
* When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
* Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
* Click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.
* When removal is completed, a log report will open in Notepad.
* The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the contents of that report in your next reply and exit MBAM.
Notes: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes. Click this link to see a list of programs that should be disabled.
Download and scan with SUPERAntiSpyware Free for Home Users
* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
IF you are not able to download these tools on your machine, please use a friend's or family member's computer and download the Malwarebytes tool and it's manual update from the link below.. Once downloaded, rename the program installer "mbam-setup.exe" file to something else like "Your Name.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Your Name.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.
Malwarebytes Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe
Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe
SuperAntispyware
http://www.superantispyware.com/
SuperAntispyware Manual Updater
http://www.superantispyware.com/definitions.html
Good Luck !
Thanks, but it still won't work
by KennyCat - 11/9/09 6:40 PM In reply to: Could well be malware is the cause........ by Marianna Schmudlach
I tried to save to desktop, it appears to be doing it, but nothing happens or is saved after the download is complete. I even did a search of my computer for the exe file. Showed nothing, what is I copied the exe file from my husband's laptop and tried to run that way?
Okay...I save to memory stick
by KennyCat - 11/9/09 7:38 PM In reply to: Could well be malware is the cause........ by Marianna Schmudlach
I saved to memory stick and uploaded the software. Here is the log from the scan
Malwarebytes' Anti-Malware 1.41
Database version: 3137
Windows 6.0.6002 Service Pack 2
10/11/2009 12:05:11 AM
mbam-log-2009-11-10 (00-05-11).txt
Scan type: Quick Scan
Objects scanned: 92012
Time elapsed: 7 minute(s), 17 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\kt_bho.KettleBho (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> Delete on reboot.
I am going to try and download the anti virus software now...I will get back to you on that. Thanks
Good Job.....
by Marianna Schmudlach - 11/9/09 10:04 PM
In reply to: Okay...I save to memory stick by KennyCat
Did you reboot your computer after the scan finished?
Files Infected:
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> Delete on reboot.
Memory Modules Infected:
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> Delete on reboot.
Found more Today
by KennyCat - 11/10/09 12:58 PM In reply to: Good Job..... by Marianna Schmudlach
It still won't let me uninstall AVG, can't even delete the folder. But it found another Trojan "partner.exe" today. Here is today's log.
Malwarebytes' Anti-Malware 1.41
Database version: 3137
Windows 6.0.6002 Service Pack 2
10/11/2009 4:23:34 PM
mbam-log-2009-11-10 (16-23-34).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 207005
Time elapsed: 1 hour(s), 2 minute(s), 12 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\ProgramData\Partner\partner.exe (Trojan.BHO) -> Quarantined and deleted successfully.
Like I said though it still won't let me uninstall AVG. Does that matter? Let me know and thanks again for your help.
Same BHO
by Marianna Schmudlach - 11/10/09 2:53 PM
In reply to: Found more Today by KennyCat
I would suggest:
Download and scan with SUPERAntiSpyware Free for Home Users
* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
Does the scan come up clean?
did that last night too
by KennyCat - 11/10/09 6:40 PM In reply to: Same BHO by Marianna Schmudlach
I couldn't download the Super anti virus, I had to save to memory stick also. So I dis that last night and ran a scan it found 83 tracking cookies. I removed them. But still not letting me uninstall or delete AVG. 
Reason can only be there is still malware........
by Marianna Schmudlach - 11/10/09 6:52 PM
In reply to: did that last night too by KennyCat
Please download and install the latest version of HijackThis v2.0.2:
Download the "HijackThis" Installer from this link:
http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
1. Save " HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5.Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Then go to ONE of the following HJT forums
http://www.malwarebytes.org/forums/index.php?s=3bc54148eb5885f4b8c7295fa434fb79&showforum=7
http://www.bleepingcomputer.com/forums/forum22.html
http://www.geekstogo.com/forum/index.php?s=e39ad7e237ae123f43517316e44bf4bf&showforum=37
http://www.spywareinfoforum.com/index.php?s=5028cc67f4e5562d636b9a77c9017749&showforum=18
http://forum.gladiator-antivirus.com/
and start a NEW thread and post your HJT log.
Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
Good Luck !
Thanks
by KennyCat - 11/10/09 7:14 PM In reply to: Reason can only be there is still malware........ by Marianna Schmudlach
I will let you know what happens. 
(NT) O.k. :)
by Marianna Schmudlach - 11/10/09 9:56 PM
In reply to: Thanks by KennyCat
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
