Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange message box/Notepad file on my computer?


  • Please log in to reply
42 replies to this topic

#1 MrKalius

MrKalius

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England.
  • Local time:11:20 PM

Posted 12 October 2014 - 03:10 PM

I was just randomly using the computer as normal, and a message box randomly pops up stating "Cannot run specified program" with an "Ok" button and "Details" button. I click "Details" and this notepad file pops up.

PLEASE NOTE - MINITOOLBOX INFORMATION ON SECOND POST

 

PLATFORM VERSION INFO
Windows : 6.1.7601.65536 (Win32NT)
Common Language Runtime : 4.0.30319.18444
System.Deployment.dll : 4.0.30319.18408 built by: FX451RTMGREL
clr.dll : 4.0.30319.18444 built by: FX451RTMGDR
dfdll.dll : 4.0.30319.18408 built by: FX451RTMGREL
dfshim.dll : 4.0.41209.0 (Main.041209-0000)
 
SOURCES
 
ERROR SUMMARY
Below is a summary of the errors, details of these errors are listed later in the log.
+ Exception reading manifest from http://www.reponets.com/creative/2-002138011-00001i;size=728x90;tag_id=7881;sub_id=2320;ref=INSERT_REFERRER_HERE;cb=INSERT_CACHEBUSTER_HERE: the manifest may not be valid or the file could not be opened.
+ An error occurred while parsing EntityName. Line 1, position 43.
 
COMPONENT STORE TRANSACTION FAILURE SUMMARY
No transaction error was detected.
 
WARNINGS
There were no warnings during this operation.
 
OPERATION PROGRESS STATUS
 
ERROR DETAILS
Following errors were detected during this operation.
* [12/10/2014 20:51:11] System.Deployment.Application.InvalidDeploymentException (ManifestParse)
- Exception reading manifest from http://www.reponets.com/creative/2-002138011-00001i;size=728x90;tag_id=7881;sub_id=2320;ref=INSERT_REFERRER_HERE;cb=INSERT_CACHEBUSTER_HERE: the manifest may not be valid or the file could not be opened.
- Source: System.Deployment
- Stack trace:
at System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
at System.Deployment.Application.DownloadManager.DownloadDeploymentManifestDirectBypass(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, SubscriptionState& subState, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
at System.Deployment.Application.DownloadManager.DownloadDeploymentManifestBypass(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, SubscriptionState& subState, IDownloadNotification notification, DownloadOptions options)
at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
--- Inner Exception ---
System.Xml.XmlException
- An error occurred while parsing EntityName. Line 1, position 43.
- Source: System.Xml
- Stack trace:
at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
at System.Xml.XmlTextReaderImpl.ParseEntityName()
at System.Xml.XmlTextReaderImpl.ParseAttributeValueSlow(Int32 curPos, Char quoteChar, NodeData attr)
at System.Xml.XmlTextReaderImpl.ParseAttributes()
at System.Xml.XmlTextReaderImpl.ParseElement()
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
at System.Xml.XmlCharCheckingReader.Read()
at System.Xml.XsdValidatingReader.Read()
at System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
 
COMPONENT STORE TRANSACTION DETAILS
No transaction information is available.


Could this be related to something dangerous?

Edited by hamluis, 12 October 2014 - 06:33 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 MrKalius

MrKalius
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England.
  • Local time:11:20 PM

Posted 12 October 2014 - 03:11 PM

!!!MINIBOX TOOL INFO!!!

 

MiniToolBox by Farbar  Version: 21-07-2014

Ran by luke (administrator) on 12-10-2014 at 21:07:12
Running from "C:\Users\luke\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/12/2014 05:37:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00033a96
Faulting process id: 0x1c90
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (10/12/2014 05:36:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: nvspcap.dll_unloaded, version: 0.0.0.0, time stamp: 0x52f20257
Exception code: 0xc0000005
Fault offset: 0x100c9860
Faulting process id: 0x1c90
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (10/12/2014 03:04:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (10/11/2014 05:36:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00033a96
Faulting process id: 0x1a8c
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (10/11/2014 05:36:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: nvspcap.dll_unloaded, version: 0.0.0.0, time stamp: 0x52f20257
Exception code: 0xc0000005
Fault offset: 0x100c9860
Faulting process id: 0x1a8c
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (10/10/2014 08:46:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (10/09/2014 10:49:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: gta_sa.exe, version: 0.0.0.0, time stamp: 0x427101ca
Faulting module name: gta_sa.exe, version: 0.0.0.0, time stamp: 0x427101ca
Exception code: 0xc0000005
Fault offset: 0x000dd5a3
Faulting process id: 0xa54
Faulting application start time: 0xgta_sa.exe0
Faulting application path: gta_sa.exe1
Faulting module path: gta_sa.exe2
Report Id: gta_sa.exe3
 
Error: (10/09/2014 05:32:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: OLEAUT32.dll, version: 6.1.7601.17676, time stamp: 0x4e58702a
Exception code: 0xc0000005
Fault offset: 0x00021750
Faulting process id: 0x19bc
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (10/09/2014 05:32:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: nvspcap.dll_unloaded, version: 0.0.0.0, time stamp: 0x52f20257
Exception code: 0xc0000005
Fault offset: 0x100c9860
Faulting process id: 0x19bc
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (10/08/2014 05:32:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.13.1, time stamp: 0x52f202d0
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00033a96
Faulting process id: 0x758
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
 
System errors:
=============
Error: (10/12/2014 02:22:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (10/11/2014 00:08:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (10/06/2014 09:19:52 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MACPRO-F3B607
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{EC4859B9-2BDD-42BB-820B-94D726415B28}.
The master browser is stopping or an election is being forced.
 
Error: (09/29/2014 01:35:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/28/2014 02:04:04 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
 
Error: (09/28/2014 04:02:41 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
 
Error: (09/27/2014 03:34:50 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/26/2014 05:56:32 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (09/25/2014 03:32:04 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (09/25/2014 03:32:04 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
 
Microsoft Office Sessions:
=========================
Error: (10/12/2014 05:37:14 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0ole32.dll6.1.7601.175144ce7b96fc000000500033a961c9001cfe59db6fafec3C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Windows\syswow64\ole32.dll04d1483d-522e-11e4-8889-001d7d4694ea
 
Error: (10/12/2014 05:36:56 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0nvspcap.dll_unloaded0.0.0.052f20257c0000005100c98601c9001cfe59db6fafec3C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exenvspcap.dllfa333b31-522d-11e4-8889-001d7d4694ea
 
Error: (10/12/2014 03:04:32 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8
 
Error: (10/11/2014 05:36:35 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0ole32.dll6.1.7601.175144ce7b96fc000000500033a961a8c01cfe3e0c6018de4C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Windows\syswow64\ole32.dllc3355177-5164-11e4-8889-001d7d4694ea
 
Error: (10/11/2014 05:36:10 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0nvspcap.dll_unloaded0.0.0.052f20257c0000005100c98601a8c01cfe3e0c6018de4C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exenvspcap.dllb43f24a1-5164-11e4-8889-001d7d4694ea
 
Error: (10/10/2014 08:46:55 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8
 
Error: (10/09/2014 10:49:51 PM) (Source: Application Error)(User: )
Description: gta_sa.exe0.0.0.0427101cagta_sa.exe0.0.0.0427101cac0000005000dd5a3a5401cfe40adb0fae40\\ADAMCOMP\VG Base\GTA San Andreas\gta_sa.exe\\ADAMCOMP\VG Base\GTA San Andreas\gta_sa.exe31955373-4ffe-11e4-8889-001d7d4694ea
 
Error: (10/09/2014 05:32:52 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0OLEAUT32.dll6.1.7601.176764e58702ac00000050002175019bc01cfe390ef1dadceC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Windows\syswow64\OLEAUT32.dlle9d53d48-4fd1-11e4-8889-001d7d4694ea
 
Error: (10/09/2014 05:32:34 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0nvspcap.dll_unloaded0.0.0.052f20257c0000005100c986019bc01cfe390ef1dadceC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exenvspcap.dlldf09b6f2-4fd1-11e4-8889-001d7d4694ea
 
Error: (10/08/2014 05:32:12 PM) (Source: Application Error)(User: )
Description: NvBackend.exe11.10.13.152f202d0ole32.dll6.1.7601.175144ce7b96fc000000500033a9675801cfdfde6a1b1c5fC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Windows\syswow64\ole32.dlla7094a01-4f08-11e4-8889-001d7d4694ea
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-04 05:51:14.400
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 05:51:14.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 05:28:53.050
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 05:28:52.957
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 04:56:05.237
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 04:56:05.003
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 04:37:20.766
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 04:37:20.579
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 04:22:44.607
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-04 04:22:44.520
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\xbcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B001064C-D061-4BAE-9031-416A838D5536}) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{9C542173-96F0-435D-A95C-468CAAC75EA0}) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
FileZilla Client 3.7.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Controller Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TreeSize Free V3.0.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 57%
Total physical RAM: 4094.49 MB
Available physical RAM: 1745.99 MB
Total Pagefile: 8187.16 MB
Available Pagefile: 2825.88 MB
Total Virtual: 4095.88 MB
Available Virtual: 3981.95 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:74.4 GB) (Free:11.69 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LUKE-PC
 
Administrator            Guest                    luke                     
 
 
**** End of log ****
 


#3 Gareth79

Gareth79

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:20 PM

Posted 12 October 2014 - 04:01 PM

I have had this twice and just found this while searching. I'm reasonably sure it's somebody trying to exploit Skype's banner ads to install malicious programs, mine popped up just as the banner rotated.  I assume Skype calls an internal IE browser instance that (for some reason) allows a Click Once install to progress.


Edited by Gareth79, 12 October 2014 - 04:02 PM.


#4 Natini

Natini

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 12 October 2014 - 04:37 PM

Ive had this twice too and I can't find any traces of it ever happening in the event log. I want to know what it is because it looks dodgey and I tried to look up the link and reponets.com comes back as something not trusted.. yet the url itsself is in a 404...I've blocked it just incase its trying to initiate some kind of download via that url. 

I don't know about skype though. I do have it running and it is in use but I've not noticed any consistencies with it (i.e the ad changing) 

I really don't like it. 



#5 xtrmn8r

xtrmn8r

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:20 PM

Posted 13 October 2014 - 05:56 AM

Had this popup this morning. Nothing in event viewer. 16 people viewing this thread at the time too, so it doesn't seem isolated.

 

Skype was running at the time.


Edited by xtrmn8r, 13 October 2014 - 05:57 AM.


#6 PermissionGranted

PermissionGranted

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 13 October 2014 - 06:56 AM

I received the pop-up twice last night, along with a graphic displaying an attempt to 'connect' to a network. Only had two windows running at the time, one was a browser window on a known safe-site with no ads running, the other was Skype. Notepad document was the same as OPs, the domain url it was trying to connect to is only a few weeks only, seems pretty suspicious. 

Only running Skype in a virtual machine for the time being just to be safe. Anyone made any headway into pinpointing the issue, or how to prevent it?



#7 mcwhizzleteats

mcwhizzleteats

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 13 October 2014 - 09:18 AM

Only running Skype in a virtual machine for the time being just to be safe. Anyone made any headway into pinpointing the issue, or how to prevent it?

 

You could just block Skype's advertisement server.

 

Go to Control Panel > Network and Internet > Internet Options > Security Tab > Restricted Sites

 

Then click sites, and add 

https://apps.skype.com/

Works for me with no loss of functionality.



#8 PermissionGranted

PermissionGranted

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 13 October 2014 - 09:25 AM

 

Only running Skype in a virtual machine for the time being just to be safe. Anyone made any headway into pinpointing the issue, or how to prevent it?

 

You could just block Skype's advertisement server.

 

Go to Control Panel > Network and Internet > Internet Options > Security Tab > Restricted Sites

 

Then click sites, and add 

https://apps.skype.com/

Works for me with no loss of functionality.

 

Great idea, will do that now.

 

Thanks for the advice.



#9 mattou07

mattou07

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:20 PM

Posted 13 October 2014 - 10:04 AM

I got this issue as well and there are nearly 60 users reading this. So it must have been triggered at the same time. I clicked details and this is what I have (Filename is TQ0QL32T.log):

 

PLATFORM VERSION INFO
Windows : 6.1.7601.65536 (Win32NT)
Common Language Runtime : 4.0.30319.18444
System.Deployment.dll : 4.0.30319.18408 built by: FX451RTMGREL
clr.dll : 4.0.30319.18444 built by: FX451RTMGDR
dfdll.dll : 4.0.30319.18408 built by: FX451RTMGREL
dfshim.dll : 4.0.41209.0 (Main.041209-0000)
 
SOURCES
 
ERROR SUMMARY
Below is a summary of the errors, details of these errors are listed later in the log.
+ Exception reading manifest from http://www.reponets.com/creative/2-002138011-00001i;size=728x90;tag_id=7881;sub_id=2320;ref=INSERT_REFERRER_HERE;cb=INSERT_CACHEBUSTER_HERE: the manifest may not be valid or the file could not be opened.
+ An error occurred while parsing EntityName. Line 1, position 43.
 
COMPONENT STORE TRANSACTION FAILURE SUMMARY
No transaction error was detected.
 
WARNINGS
There were no warnings during this operation.
 
OPERATION PROGRESS STATUS
 
ERROR DETAILS
Following errors were detected during this operation.
* [13/10/2014 15:47:02] System.Deployment.Application.InvalidDeploymentException (ManifestParse)
- Exception reading manifest from http://www.reponets.com/creative/2-002138011-00001i;size=728x90;tag_id=7881;sub_id=2320;ref=INSERT_REFERRER_HERE;cb=INSERT_CACHEBUSTER_HERE: the manifest may not be valid or the file could not be opened.
- Source: System.Deployment
- Stack trace:
at System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
at System.Deployment.Application.DownloadManager.DownloadDeploymentManifestDirectBypass(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, SubscriptionState& subState, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
at System.Deployment.Application.DownloadManager.DownloadDeploymentManifestBypass(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, SubscriptionState& subState, IDownloadNotification notification, DownloadOptions options)
at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
--- Inner Exception ---
System.Xml.XmlException
- An error occurred while parsing EntityName. Line 1, position 43.
- Source: System.Xml
- Stack trace:
at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
at System.Xml.XmlTextReaderImpl.ParseEntityName()
at System.Xml.XmlTextReaderImpl.ParseAttributeValueSlow(Int32 curPos, Char quoteChar, NodeData attr)
at System.Xml.XmlTextReaderImpl.ParseAttributes()
at System.Xml.XmlTextReaderImpl.ParseElement()
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Deployment.Application.ManifestValidatingReader.XmlFilteredReader.Read()
at System.Xml.XmlCharCheckingReader.Read()
at System.Xml.XsdValidatingReader.Read()
at System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
 
COMPONENT STORE TRANSACTION DETAILS
No transaction information is available.


#10 Natini

Natini

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 13 October 2014 - 02:36 PM

 

Only running Skype in a virtual machine for the time being just to be safe. Anyone made any headway into pinpointing the issue, or how to prevent it?

 

You could just block Skype's advertisement server.

 

Go to Control Panel > Network and Internet > Internet Options > Security Tab > Restricted Sites

 

Then click sites, and add 

https://apps.skype.com/

Works for me with no loss of functionality.

 

I love you.



#11 MrKalius

MrKalius
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England.
  • Local time:11:20 PM

Posted 13 October 2014 - 08:02 PM

I'll wait until a mod response.
The mods recommend not doing anything that anyone else suggests until they answer.
After another day, I'll post this in the "Didn't get an answer" yet section.
Remember everyone. 

Rules state that only I can follow what the Mod posts, as it could mess with your systems.

Just a fair warning.

Hope to get a reply soon! - Thanks!



#12 PermissionGranted

PermissionGranted

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 13 October 2014 - 08:07 PM

I'll wait until a mod response.
The mods recommend not doing anything that anyone else suggests until they answer.
After another day, I'll post this in the "Didn't get an answer" yet section.
Remember everyone. 

Rules state that only I can follow what the Mod posts, as it could mess with your systems.

Just a fair warning.

Hope to get a reply soon! - Thanks!

Right, you're free not to do anything of course but surely common sense suggests that blocking a potentially harmful ad-domain is a good thing? At the very least it's a useless thing. Just a heads up but most of the time in these sorts of forums the majority of advice is going to come from fellow users, not mods.



#13 reposkets

reposkets

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:20 PM

Posted 13 October 2014 - 08:33 PM

Been having a few pop up from time to time. I also noticed I had an advert earlier on Skype that was formatted incorrectly, had visible JS... Clearly a botch job, that Skype let through.

 

Gone about blocking the skype adserver for now, and also added the ip of the reponets server to my block list. (107.21.0.163)

 

According to a few websites, the server has only been over for no more than 6 weeks or so, and many are reporting it as an untrusted suspicious source, so I'd definitely take steps to add the reponets server to your firewall, at the very least.

 

 

edit: just wondering a little, as I use skype on my phone too... I'm curious as to how vulnerable mobile devices are currently.


Edited by reposkets, 13 October 2014 - 08:43 PM.


#14 PermissionGranted

PermissionGranted

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 13 October 2014 - 08:57 PM

Been having a few pop up from time to time. I also noticed I had an advert earlier on Skype that was formatted incorrectly, had visible JS... Clearly a botch job, that Skype let through.

 

Gone about blocking the skype adserver for now, and also added the ip of the reponets server to my block list. (107.21.0.163)

 

According to a few websites, the server has only been over for no more than 6 weeks or so, and many are reporting it as an untrusted suspicious source, so I'd definitely take steps to add the reponets server to your firewall, at the very least.

 

 

edit: just wondering a little, as I use skype on my phone too... I'm curious as to how vulnerable mobile devices are currently.

Good name, good call. I did the same after mcwhizzleteats suggested blocking the Skype ad-domain.

To answer your question on the mobile phone front, it seems everyone here experienced this on a windows machine, I very much doubt the same attack is configured to run on Android too but I may be wrong. Seems to be a spate of malicious ads at the moment - http://www.pcworld.com/article/2686392/malicious-advertisements-distributed-by-doubleclick-zedo-networks.html

 

If you're paranoid I guess it wouldn't hurt to install an AV on your phone but I've not heard of this particular issue affecting mobile devices.

Also to note, after speaking to others reporting this issue, it seems the large majority are UK based, is that tallying up with the people in this thread?


Edited by PermissionGranted, 13 October 2014 - 08:59 PM.


#15 Gareth79

Gareth79

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:20 PM

Posted 14 October 2014 - 01:50 PM

I think it is probably related to today's Microsoft patches, especially this one: https://technet.microsoft.com/library/security/ms14-057




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users