Program won't install-program disappears

P

Papa Oomawmaw

I am working on a friend's computer. He had a lot of viruses (a whole lot)
that I have gotten rid of. There is one virus/trojan that I can't find,
though. It is not reported by his AV. An example of the symptoms follow
(this has happened numerous times).

I tried to install a new program after downloading it from a website (this
site is a reputable one). The install starts, gets to the first or second
installation screen, then stops and installation stops (all install screens
disappear). I go to the downloaded file, to start install again and the file
is gone from the folder. It's nowhere to be found. I go to the 'Task
Manager', find what looks to be suspicious files running, and stop them. I
have even deleted these files/programs numerous times but they keep getting
reinstalled. Also, I stop any suspicious files that are in the auto-start
file.

After I restart, after stopping/deleting the suspicious files, I download
the program that I originally wanted to install again and installation goes
fine. The program works fine and all is rosy (until I return later).

But when I come back to see my friend a couple of weeks later, the above
routine starts again. It's like the offending virus/program has reinstalled
itself and is again doing whatever it is doing. Has anyone had similar
experiences of this kind? Or is anyone familiar with this scenario? Thanks
for any help. Windows XP SP2.
 
M

Michael Solomon \(MS-MVP\)

Have you run a virus scan on the system with a fully updated antivirus
application or have you only resorted to manual means of removing the
viruses?

Second, how do you know your friend has not been reinfected with the same
virus? Does your friend have a firewall, does your friend have antivirus
software installed, are you sure your friend hasn't done anything in the
intervening period that would have caused the reinfection?
 
P

Papa Oomawmaw

I ran the AV several times when I first cleaned his computer. The AV always
reports 2 or 3 viruses and reports that they have been quarantined. I always
ask him if he has run the AV and he reports the same 2 or 3 viruses are
always found and have been quarantined. That's why I'm thinking that they
are getting reinstalled by a virus/trojan that the AV doesn't recognize.
Windows XP SP2 firewall is being used. Thanks for your reply.
 
M

Michael Solomon \(MS-MVP\)

The SP2 firewall doesn't block outgoing messages, just incoming. If
anything is phoning home, he doesn't know about it and such an action might
be a clue as to what is going on:
Several have free firewalls that block both incoming and outgoing:
www.agnitum.com
www.zonelabs.com
www.sygate.com
http://www.tinysoftware.com/home/tiny2?la=EN
http://www.kerio.com/kerio.html

You might try using the trial version of some other antivirus and see if it
can remove it. Other than that, based on the information you've posted, it
sounds as though the user may be doing something that may be causing him to
become infected again.
 
C

Colin Barnhorst

Have you run programs like AdAware (Lavasoft) since antivirus programs do
not catch spyware? Spybot is also good.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Install to another drive - program folder in Start\Program 8
Install new program always goes to Kodak 4
VB 2008, how to do installation for small program with a lot of files 0
VB 2008, how to do installation for small program with a lat of files 0
VB 2008, how to do installation for small program with a lot of files 9
Program un-unstall software 24
Can't get old program to install under XP 7
Startup Installer 2

Top