Can't download .exe or run antimalware programs - help!

First, are you saying that you can download programs but they just don't run or do you mean something is blocking you from downloading? Can you download to a different computer and transfer them via USB thumb drive?

Run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Now you will need to try to manually delete the following:
C:\WINDOWS\system32\tukdtjsr.exe
C:\WINDOWS\system32\tukdtjsrx.exe
C:\WINDOWS\negics.dll
C:\Documents and Settings\oneild\Application Data\C7EACBD9EFBAAC660C4807161DE2A93D\satdll70snn.exe
C:\DOCUME~1\oneild\LOCALS~1\Temp\zitui1.exe
C:\Documents and Settings\oneild\Application Data\C7EACBD9EFBAAC660C4807161DE2A93D\upd_debug.exe

Now see if you can download and run the scans.

 

Try running the tools you have in safe mode with networking. See if you can download then. Do try to run as many of the tools as you can. Tell me what happens if you try running MGTools.

We can also try doing this:
Now download and Run exeHelper

• Please download exeHelper to your desktop.
• Double-click on exeHelper.com to run the fix.
• A black window should pop up, press any key to close once the fix is completed.
• Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


Also please try running the below online scan:

http://www.superantispyware.com/onlinescan.html

Reboot immediately after scanning if it finds and removes anything. Let me know if anything was found. It does not save a log.

 

Now lets see if you can download this:

Download The Avenger by Swandog469, and save it to your Desktop.

* Extract+ avenger.exe from the Zip file and save it to your desktop

Where you able to do that?

 

So you were able to get Avenger to open?

If so:

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Attach the log which will be:
C:\Avenger.txt

Now see if you can download and run the other scans.

Go ahead and re-run HJT and get me that log, but first, rename it to analyse.exe.

 

Run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O4 - HKLM\..\Run: [Xpokuy] rundll32.exe "C:\WINDOWS\onetilarejucow.dll",Startup
O4 - HKCU\..\Run: [Pguwakulejarivew] rundll32.exe "C:\WINDOWS\negics.dll",Startup

After clicking Fix, exit HJT.

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

See if you can download the reg fix:
http://www.dougknox.com/xp/file_assoc.htm
(Scroll down to the exe fix ).

Were you able to download MGTools? If so, try renaming the extension to MGTools.com and see if it will run. If not let's try a different tool.

Download OTL by Old Timer. and save it to your Desktop.

* Double click on OTL.exe to run it.
* Under Output, ensure that Minimal Output is selected.
* Under Extra Registry section, select Use SafeList.
* Click the Scan All Users checkbox.
* Click on Run Scan at the top left hand corner.
* When done, two Notepad files will open.
o OTListIt.txt <-- Will be opened
o Extra.txt <-- Will be minimized
* Please post the contents of these 2 Notepad files in your next reply.

 

I am about to shut down for the night. Long day. I have asked the other malware fighters to check in to see if there is something I may have missed that might help. In the meantime, do try to do the things I posted and if necessary, do them in safe mode. I will be back tomorrow.

 

Try and get this to run however you can but preferably with the way the instructions provided!

Please download RogueKiller.exe and save it to your desktop.

• Now quit all running programs.
• Double click RogueKiller.exe to run it.
• When prompted, type 1 and hit Enter.
• A RKreport.txt should appear on your desktop.
• Note: If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe .
• Please post the contents of the RKreport.txt in your next Reply.

Now are you able to run anything of the READ & RUN ME FIRST. Malware Removal Guide ?

 

Try this then

 

Let's take another shot at it with this:

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Administrator


You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

1. Rkill.exe
2. Rkill.com
3. Rkill.scr
4. Rkill.pif

* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
* Do not reboot until instructed.

If you are having problems running Rkill, you can download iExplore.exe or eXplorer.exe, which are renamed copies of Rkill.com, and try them instead.

* If the tool does not run from any of the links provided, please let me know.

 

Are you able to use another computer to download all of the tools needed to complete the R&R, then transfer over onto the sick PC to run? :confused

 

I don't know if this will help as I haven't used it before:
http://download.bleepingcomputer.com/reg/FixNCR.reg