Windows 7 Unknown program trying to install

J

jackotis

New Member
Joined
Jan 2, 2014
Messages
3
For the past few days, when booting my computer, the last startup action is
UAC, showing the blue-yellow "OK" checked shield, asking for admin approval to run a file named "...AppData\local\temp\s3ms\Setup.exe /S". The file has no signature, and the folder/file doesn't show up on any search. Moreover, the file address changes on each reboot, like "...\s304\Setup.exe /S" or "...\ss68\Setup.exe /S". A bootlog doesn't show it, nor does a registry search. A complete scan reveals no problem and browser download history shows nothing amiss. I'm not about to run the file before knowing exactly what it is.

One other thing - when rousing the system from dozing, the UAC request appears.

Any ideas or suggestions would be welcome. Thanks.

Jack Moore
jackotis.com
 
Solution
T
Hello, please go to the start button and in the Run/Search box, please type in msconfig
Then a new window will pop-up. Please select the tab that says Startup.
Look for this program and any weird entries uncheck it.
The next thing you should do if you are unaware of this program is to run a scan for malware.
Update your current anti-virus and run a full scan while disconnected from Internet.

Also you can go to download.com and download several applications to assist in your removal of malware.
Link Removed anti-virus, Spybot Search & Destroy and malwarebytes; to name a few.
Usually files in the temp location can be deleted, but it's definitely some sort of malware.
Sort by date Sort by votes
I would share your suspicion, but when you say you ran a full scan, what did you run it with? Have you scanned with Malwarebytes?

EDIT: Also delete everything that is deletable in AppData/local/temp and see if the problem remains.
 
Last edited:
Upvote 0 Downvote
Hello, please go to the start button and in the Run/Search box, please type in msconfig
Then a new window will pop-up. Please select the tab that says Startup.
Look for this program and any weird entries uncheck it.
The next thing you should do if you are unaware of this program is to run a scan for malware.
Update your current anti-virus and run a full scan while disconnected from Internet.

Also you can go to download.com and download several applications to assist in your removal of malware.
Link Removed anti-virus, Spybot Search & Destroy and malwarebytes; to name a few.
Usually files in the temp location can be deleted, but it's definitely some sort of malware.
 
Upvote 0 Downvote
Solution
Thanks for your replies and help. It turned out to be "tubedimmer," an app that had not completely installed. As for malware scans I use MS Security Essentials with UAC on, set high.
 
Upvote 0 Downvote
Hi

I too use MS Security Essentials but I do advise running both CCleaner and Malwarebytes regularly.
There's a lot of stuff that MSE lets through.

I don't run the UAC but that's a personal choice, I just don't like the hassle of all the pop up messages.

Mike
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

A
  • Solved
Outlook cannot open .pst file which was in use by an unknown program
Replies
6
Views
6K
adomclick
A
C
  • Solved
Windows 7 Windows cannot find D:\setup.exe when trying to install a program from a disc
Replies
2
Views
15K
colfmedion
C
B
  • Solved
Windows 7 Trying to Install Win7 from Vista fails at Setup is Starting
Replies
6
Views
6K
blizzald
B