Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WIndows Installer nightmare- constant random pop ups


  • Please log in to reply
43 replies to this topic

#1 NYskyHI

NYskyHI

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 17 August 2012 - 05:44 AM

I just reviewed the "Before you post about a problem Some simple guidelines". I hope to make this as easy to follow as possible. In a nutshell I have had an issue for quitesome time involving the windows installer popup indicator windows. Slowly overtime multiple other issues have come to play.

I need to get these popups "windows installer" which I believed is associated with windows installer from popping up repeatedly as well as all the other problems that are happening as of recently. When the pop up appears I recognize the install shield logo in the system tray.
I am running Windows XP Home Edition version 2002 Service pack three on an old Dell Inspirion Laptop. For at least 5 months I've been battling it out with this crazy window's installer popup. I am not trying to install anything. The popup shows up randomly and sometimes even has multiple windows that show up and blink repeatedly and then disappear. 'Randomly' being the key word here since nothing in particular that I do prompts them to display. I go to processes to stop the process but this is simply a temporary solution. I've tried to tackle the issue by monitoring processes (using Process Hacker) as well stopping start up processes by researching each process in the startup to see if it's important process or not. There is much information on the web about all the processes (some people saying certain processes are necessary, and some are not) I really don't know these processes so I can't be sure if I caused more problems by terminating some of these processes. I do know now after messing around with the processes, that I am not able to open programs by utilizing left click of mouse.
Here are the issues that I am currently having.
Windows Installer pop ups repeatedly.
I cannot open programs by left clicking on them. Programs are unresponsive. I have to right click and select open on the programs that will open.
As of recently I cannot run msconfig and all other functions whether it's from the "run" option or from the direct root itself.
I cannot open downloaded files that are sitting on my browser's download page. (google chrome)
As of recently the laptop has been running hard and the fan kicks on constantly
I recently purchased a new external hard drive which at times keeps getting disconnected from my laptop. I recently moved all my music, photos and word doc. files to the hard drive freeing up space on the laptop's hard drive.

I downloaded AVAST virus detector, which has replaced my previous virus protection Mcafee.

Any tips to resolve my laptops issues is very greatly appreciated. Thank you for your time.

Edited by hamluis, 17 August 2012 - 07:09 AM.
Moved from XP to Am I Infected - Hamlluis.


BC AdBot (Login to Remove)

 


#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:02:21 AM

Posted 17 August 2012 - 03:28 PM

Hi,

Can you Download and install Malwarebytes Anti-Malware?
During install choose not to active the Trial because you only need the Free version and will avoid any conflict with the existing Antivirus.

Let the program update and do a quick scan, post the resulting log on your reply.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 17 August 2012 - 03:50 PM

Hi,

Can you Download and install Malwarebytes Anti-Malware?
During install choose not to active the Trial because you only need the Free version and will avoid any conflict with the existing Antivirus.

Let the program update and do a quick scan, post the resulting log on your reply.


will do. thanks

#4 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 17 August 2012 - 04:04 PM

so as Malwarebytes Anti-Malware is about to complete installing and I get this error message. CoCReateinstance failed. Code 0x80040154. Class not registered. IT seems to still have installed so I am going to run it and start scan. I have to go to work now, I will report back with results. Thanks

#5 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 01:57 AM

Here are the results from the scan:

Database version: v2012.08.17.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Alexa :: NYSKYHI [administrator]

8/17/2012 11:03:28 AM
mbam-log-2012-08-17 (20-56-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240338
Time elapsed: 21 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 2871944b580555e1896ed1b70e4faa28 -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:02:21 AM

Posted 18 August 2012 - 10:49 AM

Hi,

Malwarebytes didn't find any serious thread but you should run the program again and this time let it remove the malicious items.

Download MiniToolBox run the program and check the option List last 10 Event Viewer Errors copy the generated report to your next reply.

Lets try a last check for Virus... Download HitmanPro and run the file
  • click Next and then select the option "No, I only want to perform a one-time scan to check this computer"
  • let the program scan...
  • when the scan completes click on the link Save Log at the bottom left next to the Buy Now Button, by default the log will be saved on the Desktop
  • close the HitManPro Window
  • open the HitMan log using Notepad, select all the text to copy & paste the text in your next reply

Edited by Rui Paz, 19 August 2012 - 05:27 AM.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#7 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 02:37 PM

I will follow your directions and post back. Thank you!

#8 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 02:42 PM

the mini tool bar link that you listed expired. i will try to find it via google

#9 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:02:21 AM

Posted 18 August 2012 - 02:56 PM

the mini tool bar link that you listed expired. i will try to find it via google


Sorry about that, link corrected.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#10 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 03:10 PM

Just a quick note...
The mini tool bar link directed me to a page that states "MiniToolBox detects Internet connection issues due to broken or hijacked LSP, proxy settings, and problems with network adapters. It can also be used to detecte search redirections and router hijackings."

router hijackings...I wouldn't be surprised if this is happening also.

#11 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 03:33 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Alexa (administrator) on 18-08-2012 at 10:32:44
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/18/2012 02:25:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5937

Error: (08/18/2012 02:25:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5937

Error: (08/18/2012 02:25:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2012 02:25:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2078

Error: (08/18/2012 02:25:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2078

Error: (08/18/2012 02:25:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2012 01:33:25 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 3.0.8402.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/18/2012 01:33:24 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 passthrough, P4 1.1.8601.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/18/2012 01:33:23 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/18/2012 01:33:15 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (08/18/2012 10:09:14 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/18/2012 01:33:10 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%834

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%838

Error: (08/17/2012 00:37:30 AM) (Source: Service Control Manager) (User: )
Description: The SiteAdvisor Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (08/17/2012 00:37:17 AM) (Source: Service Control Manager) (User: )
Description: The SeaPort service terminated unexpectedly. It has done this 1 time(s).

Error: (08/17/2012 00:37:15 AM) (Source: Service Control Manager) (User: )
Description: The SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (08/17/2012 00:37:06 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SpamKiller Server service terminated unexpectedly. It has done this 1 time(s).

Error: (08/17/2012 00:20:09 AM) (Source: Service Control Manager) (User: )
Description: The Network DDE service depends on the Network DDE DSDM service which failed to start because of the following error:
%%1058

Error: (08/16/2012 10:08:44 PM) (Source: Service Control Manager) (User: )
Description: The Network DDE service depends on the Network DDE DSDM service which failed to start because of the following error:
%%1058

Error: (08/16/2012 09:39:14 PM) (Source: Service Control Manager) (User: )
Description: The Network DDE service depends on the Network DDE DSDM service which failed to start because of the following error:
%%1058

Error: (08/16/2012 10:30:28 AM) (Source: Service Control Manager) (User: )
Description: The Network DDE service depends on the Network DDE DSDM service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (08/18/2012 02:25:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5937

Error: (08/18/2012 02:25:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5937

Error: (08/18/2012 02:25:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2012 02:25:28 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2078

Error: (08/18/2012 02:25:28 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2078

Error: (08/18/2012 02:25:28 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/18/2012 01:33:25 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry2152759308unspecifiedscanfile3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)unspecifiedunspecifiedNILNILNIL

Error: (08/18/2012 01:33:24 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)3.0.8402.0passthrough1.1.8601.0fixed1 _ 10245 _ not bootNILNILNIL

Error: (08/18/2012 01:33:23 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)3.0.8402.0timeout1.1.8601.0fixed1 _ 10245 _ not bootNILNILNIL

Error: (08/18/2012 01:33:15 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)3.0.8402.0timeout1.1.8601.0fixed1 _ 10245 _ not bootNILNILNIL


**** End of log ****

#12 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 03:35 PM


HitmanPro 3.6.1.164

www.hitmanpro.com



   Computer name . . . . : NYSKYHI

   Windows . . . . . . . : 5.1.3.2600.X86/1

   User name . . . . . . : NYSKYHI\Alexa

   License . . . . . . . : Free



   Scan date . . . . . . : 2012-08-18 09:43:08

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 40m 25s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No



   Threats . . . . . . . : 6

   Traces  . . . . . . . : 108



   Objects scanned . . . : 707,819

   Files scanned . . . . : 26,420

   Remnants scanned  . . : 152,948 files / 528,451 keys



Malware remnants ____________________________________________________________



   C:\WINDOWS\system32\d3d9caps.dat (Trojan.FakeAV)

   HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\ (Adware.MyWebSearch)

   HKU\S-1-5-21-232830807-4228998283-2509495060-1006\Software\Crossrider\215AppVerifier (Adware.IWantThis)

   HKU\S-1-5-21-232830807-4228998283-2509495060-1006\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato)

   HKU\S-1-5-21-232830807-4228998283-2509495060-1006\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.Hotbar)

   HKU\S-1-5-21-232830807-4228998283-2509495060-1006\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.Hotbar)



Cookies _____________________________________________________________________



   C:\Documents and Settings\Alexa\Cookies\110OTTOQ.txt

   C:\Documents and Settings\Alexa\Cookies\22HA03KL.txt

   C:\Documents and Settings\Alexa\Cookies\2F44JU3Y.txt

   C:\Documents and Settings\Alexa\Cookies\4C2R0IV5.txt

   C:\Documents and Settings\Alexa\Cookies\7J985P67.txt

   C:\Documents and Settings\Alexa\Cookies\A1PRDBUW.txt

   C:\Documents and Settings\Alexa\Cookies\alexa@ad.yieldmanager[1].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@adbrite[2].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@advertising[2].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@at.atwola[1].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@casalemedia[2].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@fastclick[1].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@hawaiianairlines.112.2o7[1].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@specificclick[1].txt

   C:\Documents and Settings\Alexa\Cookies\alexa@tribalfusion[2].txt

   C:\Documents and Settings\Alexa\Cookies\BSEZ410Q.txt

   C:\Documents and Settings\Alexa\Cookies\EBDT87XE.txt

   C:\Documents and Settings\Alexa\Cookies\HNYQ6F3M.txt

   C:\Documents and Settings\Alexa\Cookies\KJSAIGGR.txt

   C:\Documents and Settings\Alexa\Cookies\QCBDYF1Q.txt

   C:\Documents and Settings\Alexa\Cookies\QMG5TY28.txt

   C:\Documents and Settings\Alexa\Cookies\R8UQ1ASQ.txt

   C:\Documents and Settings\Alexa\Cookies\URZA8G3T.txt

   C:\Documents and Settings\Alexa\Cookies\V738T3RS.txt

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:247realmedia.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:a1.interclick.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.360yield.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adbrite.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adinterax.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.bleepingcomputer.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.cnn.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.e-planning.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.environmentalleader.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.foodbuzz.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.saymedia.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.undertone.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.us.e-planning.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adserver.adtechus.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adtech.de

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:advertising.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:apmebf.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ar.atwola.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:at.atwola.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:atdmt.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:atwola.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:burstnet.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:c.atdmt.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:care2.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:casalemedia.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:clickbank.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:collective-media.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:dmtracker.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:doubleclick.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:eaeacom.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:etrade.122.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:fastclick.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:gntbcstglobal.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:highbeam.122.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:in.getclicky.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:intelligentbeauty.122.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:interclick.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:invitemedia.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:journalregistercompany.122.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:kontera.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:leeenterprises.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:livejasmin.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:media6degrees.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:mediaplex.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:microsoftsto.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:mm.chitika.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:msnbc.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:mtvn.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:newsday.122.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:oracle.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:overture.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:pointroll.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:pubads.g.doubleclick.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:questionmarket.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:realmedia.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:revsci.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ru4.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:serving-sys.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:sexad.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:specificclick.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:stat.onestat.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:statcounter.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:t.pointroll.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tacoda.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:track.prd1.netshelter.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tradedoubler.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:trafficmp.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tribalfusion.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:uk.sitestat.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:usatoday1.112.2o7.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.burstnet.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:xiti.com

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:yadro.ru

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:yieldmanager.net

   C:\Documents and Settings\Alexa\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:zedo.com







#13 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 03:42 PM

I am not sure if this would be necessary but I just bought an external hard drive that I recently move a few gigs of files to. mostly .mp3 files, images. and Word docs. Should I run a scan on this hard drive as well? It was not connected to my laptop when I ran these past scans.

I also would like to add that the reason for not having the HD connected is due to the laptop not able to maintain a consistent connection with the HD. I know....my laptop is jacked up!

Edited by NYskyHI, 18 August 2012 - 03:45 PM.


#14 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:02:21 AM

Posted 18 August 2012 - 03:45 PM

Ok, lets see if we can remove the Adware detected by HitManPro using Eset On-line Scanner

Make sure that the option Remove found threats is ticked and the Scan Archives option is also ticked.
Click on Advanced Settings, an check the options:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology are ticked.
Click Scan and then wait for the scan to finish (it will take some time).

When the scan ends press the button LIST OF THREATS FOUND, click Export to Text File open the text file and Copy & Paste the contents to your reply.
Press the BACK button.
Press Finish

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#15 NYskyHI

NYskyHI
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 18 August 2012 - 03:50 PM

So I should go ahead and "activate free license" first?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users