Righty...
So, here I was minding my own business doing some housework with my PC playing some tunes while connected to the internet...
After about an hour, I head back to my PC to see some alarming things had happened.
Firstly, there are 2 new icons in the system tray... no idea why they were there!
Then there's the two new program groups in my Startmenu... and then I saw it.
GAIN.
Bugger.
Basically, without me clicking any buttons, or giving permission, there are now two applications running on my PC, with Gator in the background.
After a bit of searching, I found the install log... which made alarming reading... here it is for all to see...
C:\WINDOWS\TEMP\fsg_tmp\PdpSetup3201.exe v3201 starts Sat Feb 08 12:52:41 2003
Updating security...
-> Not supported on Windows 98.
DelVal HKLM\software\Gator.com, SetupStartedMessageSent... OK (didn't exist)
Fixing old-version anomalies:
Updating OC EntityFlag: Updating Gator EntityFlag: Not set.
Removing 2.x GSNInstalled value... DelVal HKLM\software\Gator.com\CMEII, GSNInstalled... OK (didn't exist)
PreviousInstallInfo:
Version: ""
AIC: ""
GatorInst: 0
OCInst: 0
CmeKeyExists: 0
LogToServer SENT: SILENTSETUP=START<^E>828957AD-5B35-4063-91C3-2768B5F59304<^E>HIC_TargetSearches<^E>3.2.0.1
WriteDW: HKLM\software\Gator.com, SetupStartedMessageSent=1... OK (0)
#STEP_EnsureOnlySetupApp:
Prev app is "None"... PdpSetup can run!
#STEP_CreateSentinel:OK
System Folders:
ProgramFilesDir = "C:\Program Files"
CommonFilesDir = "C:\Program Files\Common Files"
#STEP_CheckIfGatorAlreadyInstalled:
No previous version found.
#STEP_CheckOS: OS Version: 4.10.2222.1 - Windows 98 (allowed)
#STEP_CheckDiskSpace:
#STEP_ShutdownApp:
EnsureNoAppsRunning:
EnsureNotRunning(CME):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureNotRunning(Gator):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureNotRunning(OfferCompanion):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureNotRunning(GMT):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
#STEP_LoadInfo:
ReadSetting(SetupInf)... value="c:\windows\TEMP\fsg_tmp\files\PdpSetup.inf" OK
ReadSetting(Bundle)... value="c:\windows\TEMP\fsg_tmp\files\3305.gsz" OK
ReadSetting(OemResDllFile)... value="" OK
ReadSetting(OemResDllName)... value="" OK
#STEP_ProcessSetupInf:
WriteDW: HKLM\software\Gator.com\Gator\dyn\Settings, RequirePassword=0... OK (0)
WriteDW: HKLM\software\Gator.com\Gator\dyn\Settings, MinPasswordLength=0... OK (0)
WriteDW: HKLM\software\Gator.com\Gator\stat\GMT\Settings, IMU_Delay=0... OK (0)
WriteDW: HKLM\software\Gator.com\Gator\stat\GMT\Settings, AU_DelayHrs=0... OK (0)
-> OK
#STEP_CheckInstallGatorOffers:
ShouldInstallApp(Gator):
Install (INF flag): 0
Upgrade (file exists): 0 (C:\Program Files\Gator.com\Gator\Gator.exe)
-> NO
ShouldInstallApp(Offers):
Install (INF flag): 0
Upgrade (file exists): 0 (C:\Program Files\Gator.com\OfferCompanion\Offers.exe)
Upgrade (file exists): 0 (C:\Program Files\Gator.com\Gator\Offers.exe)
-> NO
#STEP_Migrate:
GMT.exe (C:\Program Files\Common Files\GMT\GMT.exe) NOT found, performing migration...
Migrating installed files:
Old dir is "C:\Program Files\Gator.com\Gator
New dir is "C:\Program Files\Common Files\GMT
Migration skipped: no files or subdirs
Removing pre-1.8 Uninstaller...
Deleting "C:\WINDOWS\GatorUninstaller.exe"... OK (didn't exist)
Deleting "C:\WINDOWS\Start Menu\Programs\Gator.com\Gator\GatorUninstaller.exe"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\GatorUninstaller.exe"... OK (didn't exist)
Removing 2.5/2.6 Uninstaller...
Deleting "C:\Program Files\Common Files\GMT\GSNUninstaller.exe"... OK (didn't exist)
Deleting CTB files from C:\Program Files\Common Files\GMT...
Deleting "C:\Program Files\Common Files\GMT\ctbrte2.dll"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\ctb.dat"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\upd_ctb.dat"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\last_ctb.dat"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\ctbg.xcl"... OK (didn't exist)
Deleting "C:\Program Files\Common Files\GMT\upd_ctbg.xcl"... OK (didn't exist)
#STEP_InitBundle:
Bundle Init completed successfully.
#STEP_ExtractItems:
Extracting GMT.exe to c:\windows\TEMP\GBI42B2.TMP...
Extracting GatorStubSetup.exe to c:\windows\TEMP\GBI42B3.TMP...
Extracting GUninstaller.exe to c:\windows\TEMP\GBI42B4.TMP...
Extracting egIEEngine.dll to c:\windows\TEMP\GBI42B5.TMP...
Extracting EGIEProcess.dll to c:\windows\TEMP\GBI42B6.TMP...
Extracting EGNSEngine.dll to c:\windows\TEMP\GBI42B7.TMP...
Extracting GatorRes.dll to c:\windows\TEMP\GBI42B8.TMP...
Extracting Helper.wav to c:\windows\TEMP\GBI42B9.TMP...
Extracting FillIn.wav to c:\windows\TEMP\GBI42BA.TMP...
Extracting GMT.exe.manifest to c:\windows\TEMP\GBI42BB.TMP...
Extracting CMESys.exe to c:\windows\TEMP\GBI42BC.TMP...
Extracting CMEIIAPI.dll to c:\windows\TEMP\GBI42BD.TMP...
Extracting CMEUpd.exe to c:\windows\TEMP\GBI42BE.TMP...
Extracting GAppMgr.dll to c:\windows\TEMP\GBI42BF.TMP...
Extracting GController.dll to c:\windows\TEMP\GBI42C0.TMP...
Extracting GDwldEng.dll to c:\windows\TEMP\GBI42C1.TMP...
Extracting GFormCTM.dll to c:\windows\TEMP\GBI42C2.TMP...
Extracting GIocl.dll to c:\windows\TEMP\GBI42C3.TMP...
Extracting GIoclClient.dll to c:\windows\TEMP\GBI42C4.TMP...
Extracting GMTProxy.dll to c:\windows\TEMP\GBI42C5.TMP...
Extracting GObjs.dll to c:\windows\TEMP\GBI42C6.TMP...
Extracting GStore.dll to c:\windows\TEMP\GBI42C7.TMP...
Extracting GStoreServer.dll to c:\windows\TEMP\GBI42C8.TMP...
Extracting GSvcMgr.dll to c:\windows\TEMP\GBI42C9.TMP...
Extracting GSvcSAP.dll to c:\windows\TEMP\GBI42CA.TMP...
Extracting Gtools.dll to c:\windows\TEMP\GBI42CB.TMP...
Extracting bundle.inf to c:\windows\TEMP\GBI42CC.TMP...
#STEP_DecompressItems:
Decompressing "c:\windows\TEMP\GBI42B2.TMP" to "C:\Program Files\Common Files\GMT\GMT_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42B3.TMP" to "C:\Program Files\Common Files\GMT\GatorStubSetup_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42B4.TMP" to "C:\Program Files\Common Files\GMT\GUninstaller_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42B5.TMP" to "C:\Program Files\Common Files\GMT\egIEEngine_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B6.TMP" to "C:\Program Files\Common Files\GMT\EGIEProcess_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B7.TMP" to "C:\Program Files\Common Files\GMT\EGNSEngine_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B8.TMP" to "C:\Program Files\Common Files\GMT\GatorRes_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42B9.TMP" to "C:\Program Files\Common Files\GMT\Helper_wav.INT"...
Decompressing "c:\windows\TEMP\GBI42BA.TMP" to "C:\Program Files\Common Files\GMT\FillIn_wav.INT"...
Decompressing "c:\windows\TEMP\GBI42BB.TMP" to "C:\Program Files\Common Files\GMT\GMT.exe_manifest.INT"...
Decompressing "c:\windows\TEMP\GBI42BC.TMP" to "C:\Program Files\Common Files\CMEII\CMESys_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42BD.TMP" to "C:\Program Files\Common Files\CMEII\CMEIIAPI_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42BE.TMP" to "C:\Program Files\Common Files\CMEII\CMEUpd_exe.INT"...
Decompressing "c:\windows\TEMP\GBI42BF.TMP" to "C:\Program Files\Common Files\CMEII\GAppMgr_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C0.TMP" to "C:\Program Files\Common Files\CMEII\GController_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C1.TMP" to "C:\Program Files\Common Files\CMEII\GDwldEng_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C2.TMP" to "C:\Program Files\Common Files\CMEII\GFormCTM_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C3.TMP" to "C:\Program Files\Common Files\CMEII\GIocl_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C4.TMP" to "C:\Program Files\Common Files\CMEII\GIoclClient_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C5.TMP" to "C:\Program Files\Common Files\CMEII\GMTProxy_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C6.TMP" to "C:\Program Files\Common Files\CMEII\GObjs_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C7.TMP" to "C:\Program Files\Common Files\CMEII\GStore_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C8.TMP" to "C:\Program Files\Common Files\CMEII\GStoreServer_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42C9.TMP" to "C:\Program Files\Common Files\CMEII\GSvcMgr_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42CA.TMP" to "C:\Program Files\Common Files\CMEII\GSvcSAP_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42CB.TMP" to "C:\Program Files\Common Files\CMEII\Gtools_dll.INT"...
Decompressing "c:\windows\TEMP\GBI42CC.TMP" to "c:\windows\TEMP\bundle_inf.INT"...
#STEP_RenameItems:
Renaming "C:\Program Files\Common Files\GMT\GMT_exe.INT" to "C:\Program Files\Common Files\GMT\GMT.exe"
Renaming "C:\Program Files\Common Files\GMT\GatorStubSetup_exe.INT" to "C:\Program Files\Common Files\GMT\GatorStubSetup.exe"
Renaming "C:\Program Files\Common Files\GMT\GUninstaller_exe.INT" to "C:\Program Files\Common Files\GMT\GUninstaller.exe"
Renaming "C:\Program Files\Common Files\GMT\egIEEngine_dll.INT" to "C:\Program Files\Common Files\GMT\egIEEngine.dll"
Renaming "C:\Program Files\Common Files\GMT\EGIEProcess_dll.INT" to "C:\Program Files\Common Files\GMT\EGIEProcess.dll"
Renaming "C:\Program Files\Common Files\GMT\EGNSEngine_dll.INT" to "C:\Program Files\Common Files\GMT\EGNSEngine.dll"
Renaming "C:\Program Files\Common Files\GMT\GatorRes_dll.INT" to "C:\Program Files\Common Files\GMT\GatorRes.dll"
Renaming "C:\Program Files\Common Files\GMT\Helper_wav.INT" to "C:\Program Files\Common Files\GMT\Helper.wav"
Renaming "C:\Program Files\Common Files\GMT\FillIn_wav.INT" to "C:\Program Files\Common Files\GMT\FillIn.wav"
Renaming "C:\Program Files\Common Files\GMT\GMT.exe_manifest.INT" to "C:\Program Files\Common Files\GMT\GMT.exe.manifest"
Renaming "C:\Program Files\Common Files\CMEII\CMESys_exe.INT" to "C:\Program Files\Common Files\CMEII\CMESys.exe"
Renaming "C:\Program Files\Common Files\CMEII\CMEIIAPI_dll.INT" to "C:\Program Files\Common Files\CMEII\CMEIIAPI.dll"
Renaming "C:\Program Files\Common Files\CMEII\CMEUpd_exe.INT" to "C:\Program Files\Common Files\CMEII\CMEUpd.exe"
Renaming "C:\Program Files\Common Files\CMEII\GAppMgr_dll.INT" to "C:\Program Files\Common Files\CMEII\GAppMgr.dll"
Renaming "C:\Program Files\Common Files\CMEII\GController_dll.INT" to "C:\Program Files\Common Files\CMEII\GController.dll"
Renaming "C:\Program Files\Common Files\CMEII\GDwldEng_dll.INT" to "C:\Program Files\Common Files\CMEII\GDwldEng.dll"
Renaming "C:\Program Files\Common Files\CMEII\GFormCTM_dll.INT" to "C:\Program Files\Common Files\CMEII\GFormCTM.dll"
Renaming "C:\Program Files\Common Files\CMEII\GIocl_dll.INT" to "C:\Program Files\Common Files\CMEII\GIocl.dll"
Renaming "C:\Program Files\Common Files\CMEII\GIoclClient_dll.INT" to "C:\Program Files\Common Files\CMEII\GIoclClient.dll"
Renaming "C:\Program Files\Common Files\CMEII\GMTProxy_dll.INT" to "C:\Program Files\Common Files\CMEII\GMTProxy.dll"
Renaming "C:\Program Files\Common Files\CMEII\GObjs_dll.INT" to "C:\Program Files\Common Files\CMEII\GObjs.dll"
Renaming "C:\Program Files\Common Files\CMEII\GStore_dll.INT" to "C:\Program Files\Common Files\CMEII\GStore.dll"
Renaming "C:\Program Files\Common Files\CMEII\GStoreServer_dll.INT" to "C:\Program Files\Common Files\CMEII\GStoreServer.dll"
Renaming "C:\Program Files\Common Files\CMEII\GSvcMgr_dll.INT" to "C:\Program Files\Common Files\CMEII\GSvcMgr.dll"
Renaming "C:\Program Files\Common Files\CMEII\GSvcSAP_dll.INT" to "C:\Program Files\Common Files\CMEII\GSvcSAP.dll"
Renaming "C:\Program Files\Common Files\CMEII\Gtools_dll.INT" to "C:\Program Files\Common Files\CMEII\Gtools.dll"
Renaming "c:\windows\TEMP\bundle_inf.INT" to "c:\windows\TEMP\bundle.inf"
-> All files renamed successfully.
#STEP_InstallOemResDll:
None supplied (OK).
DelVal HKLM\software\Gator.com\Gator\dyn, OEMResDll... OK (didn't exist)
#STEP_InstallApps:
Pre-installed apps: ""
App-install requests: "
DateManager$aic$$tid$CONB25PrecisionTime$aic$$tid$CONB25"
WriteCmePdpRegSettings:
(no PreInstalledApps)
AppRequests:
WriteSZ: HKLM\software\Gator.com\PDP\Install, 000="
DateManagerHIC_TargetSearches3E4451CECONB25PrecisionTimeHIC_TargetSearches3E4451CECONB25"... OK (123)
SetCmePendingApps, reason=AppRequests
Updating 'OemInstall' flag...
Value not changed: OemInstall
**Installing GMT...
EnsureNotRunning(GMT):
Using 3x Event... Not Listed.
Using Pre-3x method... Not running.
EnsureAppFilesLockable(GMT):
Using 3x Event... OK.
Using Pre-3x method... OK.
Installing GMT...
UnlistApp(GMT)
WriteSZ: HKLM\software\Gator.com\Gator\stat\GMT, Uninstaller="C:\Program Files\Common Files\GMT\GUninstaller.exe"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\stat\GMT\Settings, WorkingDir="C:\Program Files\Common Files\GMT"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\stat\GMT\Settings, GMTExe="C:\Program Files\Common Files\GMT\GMT.exe"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\dyn, AppPath="C:\Program Files\Common Files\GMT"... OK (0)
WriteSZ: HKLM\software\Gator.com\Gator\dyn, AppExe="GMT.exe"... OK (0)
SUU_DoGainStartMenuItem(C:\Program Files\Common Files\GMT\GMT.exe):
Removing current-user Start Menu Program folder for "GAIN"... folder is "C:\WINDOWS\Start Menu\Programs\GAIN"... didn't exist (OK).
Creating Start Menu Program folder "C:\WINDOWS\Start Menu\Programs\GAIN"... OK
Adding URL to Start Menu Program folder (C:\WINDOWS\Start Menu\Programs\GAIN\GAIN Website.URL)... OK
->OK
Removing current-user Start Up Menu item for "GStartup"... File is "C:\WINDOWS\Start Menu\Programs\StartUp\GStartup.lnk"... didn't exist (OK).
-> OK
**NOT installing Gator.
**NOT installing Offers.
**Installing CMESys...
EnsureNoAppsRunning:
EnsureNotRunning(CME):
EnsureNotRunning(Gator):
EnsureNotRunning(OfferCompanion):
EnsureNotRunning(GMT):
EnsureAppFilesLockable(CMESys):
Installing CME...
UnlistApp(CME)
Successfully added "CMESys="C:\Program Files\Common Files\CMEII\CMESys.exe"" to the Start-with-Windows list
WriteSZ: HKLM\software\Gator.com\CMEII, appPath="C:\Program Files\Common Files\CMEII\CMESys.exe"... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, Uninstall="C:\Program Files\Common Files\GMT\GUninstaller.exe /CME"... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, server="gatorcme.gator.com"... OK (0)
WriteDW: HKLM\software\Gator.com\CMEII, port=80... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, srvPath="gatorcme"... OK (0)
DelVal HKLM\software\Gator.com\CMEII, log... OK (didn't exist)
WriteDW: HKLM\software\Gator.com\CMEII, FirstRun=1... OK (0)
WriteDW: HKLM\software\Gator.com\CMEII, PendingApps=1... OK (0)
WriteSZ: HKLM\software\Gator.com\CMEII, GAINUpgrade="none,3.3.0.5"... OK (0)
GatorPre3XState:
Gator state: (never installed?)
OfferCompanion state: (never installed?)
WriteSZ: HKLM\software\Gator.com\CMEII, GatorPre3XState="gator::;offercompanion::"... OK (0)
-> OK
#STEP_StartApps:
WriteDW: HKLM\software\Gator.com\Gator\stat, InstallDate=1044708765... OK (0)
Setting GAIN AIC: Set value to "HIC_TargetSearches"
WriteSZ: HKLM\software\Gator.com\Gator\stat, AIC="HIC_TargetSearches"... OK (0)
Setting GAIN TID: Set value to "3E4451CE"
WriteSZ: HKLM\software\Gator.com\Gator\stat, GainTid="3E4451CE"... OK (0)
SUL_EnsureAppsRunning()...
EnsureGatorRunning():
No 'Restart' command for Gator, trying default cmdline.
No default commandline for Gator.
EnsureOffersRunning():
No 'Restart' command for OfferCompanion, trying default cmdline.
No default commandline for OfferCompanion.
EnsureGmtRunning():
No 'Restart' command for GMT, trying default cmdline.
Launching "C:\Program Files\Common Files\GMT\GMT.exe /oem"... rslt=success, err=0
**Client mutex FOUND
EnsureCMERunning():
No 'Restart' command for CME, trying default cmdline.
Launching "C:\Program Files\Common Files\CMEII\CMESys.exe"... rslt=success, err=0
SUL_LaunchSetupApps()...
(No apps in list)
DelKey HKLM\software\Gator.com\Setup\Launch... OK (didn't exist)
#STEP_LaunchIndependantExes:
(None to launch)
SilentSetup completed successfully !!!
Set completion code: "SUCCESS"
LogToServer SENT: SILENTSETUP=END<^E>828957AD-5B35-4063-91C3-2768B5F59304<^E>HIC_TargetSearches<^E>SUCCESS<^E>(no detail)
Log closes Sat Feb 08 12:52:54 2003
So there we have it.
Now i can't get the bloody thing uninstalled and I have ad popups on my machine every 2 minutes!!!
AAARRGGHHH!!
Where's my copy of AdAware?
If anyone knows how to get rid of this please help!!!
Cheers,
AndyC
