PDA

View Full Version : Downloaded software not opening or installing



derekpayne
10-17-2011, 06:03 PM
Hi

It would appear that every time I try to download any software, when it is finished downloading, and I click on it to run and install nothing happens.

I am running windows 7 64bit.

all the software downloaded are listed as binary files and they dont appear to be the whole file as their sizr is smaller than listed.

Cheers

LochLomonder
10-18-2011, 12:47 PM
Is this on the same notebook you mentioned on this thread (http://www.pcguide.com/vb/showthread.php?t=80094)?

derekpayne
10-18-2011, 01:09 PM
Hi

No this is another laptop we have, which incidently is running the same operating system but apart from the problem I stated above works fine.

Cheers

LochLomonder
10-18-2011, 03:20 PM
Can you give an example of what you're trying to download, and from where?

derekpayne
10-19-2011, 08:10 AM
the programme that I tried to download first was Iobit's Advanced Systemcare 4 free version.

I have run Malwarebites anti malware in safe mode, and managed to install Advanced System care 4 by copying the installation program onto a usb memory stick and run that also in safe mode, it found some faults and corrected them, but no malware was found, and the problem still exists.

It allows me to download programmes, but when I go to run them nothing happens.

Its just annoying!!

FTT
10-19-2011, 10:52 AM
Can you post the log from the MBAM scan or at thre very least what the errors were?

Also you were asked not only what, but from WHERE also by LL, if you are downloading from a torrent or similar site, there is still the possibility the download itself is corrupt or infected.

Also, these files downloaded, are they .exes? .zip? .iso? .rar? Exes will install by clicking, any other needs to be unzipped or burned to cd prior to install.

derekpayne
10-19-2011, 11:38 AM
Here is the log file from Antimalware Bytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7977

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 9.0.8112.16421

19/10/2011 10:15:05
mbam-log-2011-10-19 (10-15-05).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 403732
Time elapsed: 1 hour(s), 2 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Cheers

derekpayne
10-19-2011, 11:41 AM
It was the Advanced Systemcare that found the faults

derekpayne
10-19-2011, 01:26 PM
Just tried dowloading another programme (Java deployment toolkit plugin update for Firefox) which was a "binary file" but on trying to run it, it looks like it is only part of the download, although it stated that the download was complete.

derekpayne
10-22-2011, 11:50 AM
Right,

Tried using IE 9 to download a peice of software fron Cnet Downloads (should be safe) it downloaded the whole file then told me "this programme contained a virus and was deleted", I don't believe that a virus was downloaded from that site as everything is tested and virus free?

I think maybe there is something on my system that is stopping thinks from being downloaded.

I have run deep scans with both Malwarebytes anti malware & Emsisoft anti malware both found issues and quarantined them but still no joy?

Cheers

derekpayne
10-22-2011, 12:05 PM
Whilst trying the download with IE I viewed the log file and lo and behold AVG was mentioned, so I disabled AVG for 10 minutes whilst downloading it again, perfect, programme opened and I was able to run it with no problems.

Now I know I can prepair, but I have never had to disabvle my virus scanner before and have been running AVG for years.

If anyone else is having the same problems try what I did.

Cheers

david eaton
10-22-2011, 02:41 PM
IObit Security 360 is a rogue security program known to cause system problems and that had stolen material from other computer security companies to use in their own program.
IOBit Steals Malwarebytes’ Intellectual Property (http://www.spywareinfoforum.com/index.php?showtopic=126267)
IOBit’s Denial of Theft Unconvincing (http://www.spywareinfoforum.com/index.php?showtopic=126286)
The program has also been seen to cause numerous system problems that tend to go away after uninstalling their software.

Go to Start > Control Panel > Add or Remove Programs and remove the following programs:
IObit Security 360
Advanced SystemCare
(or any program from IObit)

T-Tools (http://www.t-tools.nl/) has created a free program that has been designed specifically to remove every last trace of the entries of IObit programs left behind if and when you had decided to uninstall one or more of these programs. Please download BitRemover from here:
http://www.t-tools.nl/bitremoveren.php
Save the program to your Desktop and double-click on the program to run it.

mjc
10-22-2011, 07:54 PM
Well...that explains why AVG did what it did. And I've seen this type of behavior in the past when trying to run a legit antimalware app AND the imposter on the same machine. The imposter tries to remove the legit one by any means it can...including but not limited too deliberate false positives. Then of course the legit program is trying to remove the imposter....

derekpayne
10-25-2011, 04:47 PM
It would appear that when I disabled AVG and the software downloaded and installed OK, was a one off, I can't get it to do it again even after disabling AVG.

Anyone got any ideas?

Cheers

david eaton
10-25-2011, 05:27 PM
Did you take my advice above about Iobit software?

derekpayne
10-25-2011, 05:38 PM
Yeah I did but I can't download Bitremover as my system wont allow me to, thats the problem.

I will have to download it on one of my other machines and save it onto memory stick to install on this machine.

I will do it in the morning. I tried just now and it would appear that as soon as any programme is downloaded it is removed as it is suspected of being a virus.

I only have AVG 2012 running at the mo.

Cheers

derekpayne
10-26-2011, 11:19 AM
Right

Have run bitremover and it did its job, rebooted and tried again but the problem still persists.

Any advice would be appreciated

derekpayne
10-26-2011, 06:20 PM
Oh

Insidently, I was able to download and install programs with no problems whilst IObit was installed as I had it installed long before this problem occurred.

mjc
10-26-2011, 08:52 PM
Oh

Insidently, I was able to download and install programs with no problems whilst IObit was installed as I had it installed long before this problem occurred.

Sounds like it's one of the ones that doesn't like to leave.

That's another typical behavior.

derekpayne
11-04-2011, 09:40 AM
I have run every malware programme I can find, Antimalwarebytes found some small problem but after removal it didn't cure the fault.

Every time I try to download something it downlaods it then only leaves part of the download on the desktop, whaich I am unable to open.

Anyone know of any programme that will run at boot before windows runs that will get rid of this thing?

Cheers

Sylvander
11-04-2011, 12:11 PM
1. I normally scan the contents of the Windows partition from Puppy Linux...
Normally using the Avast! Antivirus on-demand scanner [installed using avast4workstation-1.0.8.pet], whilst Windows is dormant.

2. See this post of earlier today (http://www.murga-linux.com/puppy/viewtopic.php?p=579737#579737) where I used instead the portable Malaware.exe file run using WINE within Lupu-526.
It has seemingly found an infected imm.dll file in Win2000Pro.
Anyone know if this is a real infection or not?

mjc
11-04-2011, 12:46 PM
Upload a copy here...

http://virusscan.jotti.org/en

Sylvander
11-04-2011, 06:36 PM
Oops, sorry for this little diversion.
My Win2000Pro Windows folder is named "WINNT"...
And the file reported as infected is said to be in the "Windows" folder.
Also, my file is imm32.dll, NOT imm.dll.

So this imm.dll file must be part of the WINE installation of Windows.
Not much use if the MalAware.exe file run within WINE is only scanning the WINE files. :confused:
Only useful if run from Windows methinks.

At least I can report that I have the 1.3.0 version of the Avast! on-demand scanner, scanning the contents of my Win2000Pro partition right now as I type.
Now completed, no viruses found. :)
I'll now update the virus definitions and scan again.
Downloading updates...
Done.
Scanning again.
Finished. No viruses found this time either. :)

mjc
11-04-2011, 06:48 PM
Repeat the above scans/removal steps in Safe Mode.

Sylvander
11-04-2011, 08:25 PM
Are you telling ME to do that mjc?

And if so, you want me to use Windows Safe Mode to run the portable MalAware.exe file?

I'll go try that and get back.

Should derekpayne try that?

Sylvander
11-04-2011, 09:12 PM
Tried to run the portable MalAware.exe file, but it wouldn't run in Safe Mode nor normal mode of Win2000Pro. :( :confused:

Odd, because it still runs in the WINE version of XP. :confused:

mjc
11-04-2011, 09:27 PM
Actually, it was for Derek.

derekpayne
11-07-2011, 04:11 AM
I tried running Puppy Linux, but couldnt configure the network connection.

I have got the latest version of Ubuntu installed on this machine as duel boot, again the problem started long before I installed it just in case anyone thought it was causing the problem.

Is there a programme anyone would recommend I download inside Ubuntu that will scan the Windows folders etc?

Cheers

derekpayne
11-08-2011, 04:10 AM
Hi

Run a scan with "HijackThis" and the following log is the result just in case anyone can see any problems:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:04:54, on 08/11/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Derek\AppData\Local\MediaGet2\mediaget.ex e
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=OIE9HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5532&r=27360211d125l0374z1l5t4912x45r
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mediaget/{133797DB-0507-467B-A7C1-3195D17B220B}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbInc2.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\MediaGet DB Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: IncrediMail MediaBar 2 - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbInc2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\MediaGet DB Toolbar\tbcore3.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbInc2.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: MediaGet DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\MediaGet DB Toolbar\tbcore3.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

I have split it into 2 separate posts as it is too long for 1, please see next post for other part.


I would be gratefull for any advice with this.

Cheers

derekpayne
11-08-2011, 04:11 AM
Here's the other half:

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MediaGet2] C:\Users\Derek\AppData\Local\MediaGet2\mediaget.ex e --minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183 CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: EASEUS Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14255 bytes

Cheers

derekpayne
11-21-2011, 05:52 PM
Just an updat on this one; I have run every anti-whatever threat programme that I have had the time to do. Nothing has cured the problem although I can sometimes download a programme but if I try another one straight away it wont let me.

I am getting by, by downloading software by shutting down windows, re-booting into Ubuntu, downloading the software using Ubuntu, saving it onto a memory stick, re-booting into windows and installing the software from the memory stick.

I am considering doing a factory reset and starting again from scratch, but only as a last resort.

mjc
11-21-2011, 06:14 PM
Go to Add/Remove programs and uninstall EVERY toolbar listed.

Then,go here...

http://support.microsoft.com/kb/811259

Scroll down to the Vista section (the steps are the same for Vista and Win7) and do the Winsock reset

derekpayne
11-22-2011, 02:00 PM
Hi

Did all that, also tried doing a configsys stop all services and reboot, didn't make any difference after stopping all services. Tried to stop some microsoft services then found I couldn't access the internet so gave up on that one, did a reinstallation of windows without losing user data, no change, also tried it in safe mode, no difference.

Like I said before, as a last resort I am considering doing a factory re-installation of windows if I don't get the answer soon.

Have tried removing suspect protection programmes and temporarily disabling AVG didn't make any difference. I did notice that when I downloaded anything using Internet Explorer, it states that "the download contained a virus and was deleted" when I know it is from a safe source, which makes me thinks that I have a rogue protection programme stopping me from downloading anything?

All advice would be appeciated before I do a full factory re-installation.

Cheers

derekpayne
11-22-2011, 03:46 PM
Just a quick update.

I have now installed a download manager, have tested it and it allows me to download and open or run things with no problems.

Hope this helps

Cheers