Unusual problem installing Norton 360 onto Acer Aspire X1700 running Win Vista Home Premium

I am currently repairing a customers system and I am having issues with installing the Norton 360 product V4 standard.

 

The system was infected apparently, but I have since scanned the hard drive by removing it and installing it onto a repair PC using Norton Internet Security 2011 installed on the repair system.  The scan came up clean.  I then re-installed it into it's own PC turned it on.  I shared the drive and then scanned it across the network using the same repair PC to do the work.  It came up clean with no infections. (Yes, the NIS 2011 was updated prior to the scans).

 

I also ran "ComboFix" on the system with nothing unusual found.  I also ran Malwarebytes and Spybot to test for malware directly on the system and all came up clean.  The owner obviously had done scans of his own and suspected that the system had been hacked.  As a result of this I also ran "UnHackMe" which found "CatchMe.sys", and removed it.

 

The system had the Microsoft Security Software loaded with Defender.  I uninstalled the software prior to all of the scans above. 

 

After each attempt to load 360, the load screen appears briefly and then disappears - this happens twice and very quickly and then does not display at all.  There are no warning messages, or error messages of any kind.  I tried to load NIS 2011 also to check if the 360 CD was faulty.  I discovered exactly the same issue was happening with NIS 2011 also.

 

Loading AVG free seemed to go without a hitch, as I wanted to see if another unrelated product would also display unusual install issues.  I did try to run the Norton Removal Tool in case a previous version may have been left behind, and I ran this more than once.  Obviously, the problem persists.   I tried loading as Adminisrator and even turned off UAC out of desperation

 

Can anyone please suggest anything else to try here.  Thank you.

Hello Noddy2156

 

Welcome to the Norton Community Forum

 

According to this link    http://www.prevx.com/filenames/2651304760124610190-X1/CATCHME.SYS.html CatchMe sys is often associated with a rootkit. Please don't use what is suggested there. I only posted it so that you can see the information that is listed there.

 

Therefore, I would recommend a visit to one of the malware removal sites and register with them. Please put CatchMe .Sys. in the topic and please tell them what you have done so far. They have the proper tools and knowledge to guide you to safely remove the malware on the computer. They work with you on a 1 to 1 basis which is not available here. So please visit one of these sites.

 

Please go to one of these free Forums for help in removing your bad malware or rootkits.


http://www.bleepingcomputer.com

http://www.geekstogo.com/forum/

http://www.cybertechhelp.com/forums/

http://forums.whatthetech.com/

(Thanks to Delph for providing the list of sites)

 

Please come back and let us know which one you have registered with and the username with the account since some here like to follow the thread. The possible rootkit may prevent you from installing the Norton product. Thanks.

Ok. Thanks. I will give one of them a try and get back to you.

I have gone to Bleeping Computer to have them assist in this matter.

 

Here is the Topic Link for those that are interested:

 

http://www.bleepingcomputer.com/forums/topic377419.html

 

I will post back at the end of the topic to advice the result.

 

Try these steps:

- Make sure that you do not have any other security products installed.

- Restart your computer to Safe Mode with Networking.

- Run the reset registry permission tool from the following link:

http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20090814163739EN

- Restart your computer to normal mode and then try installing Norton product.


Let us know the results.


Yogesh

Thanks for the link -- don't forget that Bleeping Computer insists you do NOT try anything else while working with them.

 

No reflection on Yogesh but leave his suggestion in reserve for the moment ....... ?