I had a problem with an adware situation, and was told to download the ad-aware program. I did so, got rid of the adware and everything seemed fine. Now, my Norton anti-virus runs and finds a program called MediaTicketsInstall. it says it is an Adware.CDT program, it then asks if I want to delete it, and I click yes, but it cannot seem to delete it. I run the ad-aware program, and it does not seem to find this program, so how can I get rid of it? I don't know if because of it, my Norton Anti-virus has been finding alot of things lately, most of them I can delete from there, but some the ad-aware will take care of. All except for this one program I can't seem to get rid of. I've even had some bloodhound virus twice, but Norton has gotten rid of that. I just don't know where all these things are coming from, I'm not doing anything different I ever did before. Any help??? Thanks

Sounds like it may be located in the registry and it executes every time you reboot. You don't mention your operating system but you might try a couple of things.

Warning: Be very careful messing with the registry. You can't 'undo' or cancel any changes made.

Start > Run > (type) regedit > Ok. Scroll back to the top and select "My Computer" to start at the top of the registry. Do a search (Edit > Find) for "MediaTicketsInstall". See if there is an associated .EXE, .DLL, or similar file it runs at startup time. Note the location of that file then exit the registry. Rename the file to something like "filename.exe.old" to test if that's the problem file. Reboot. If it's the problem file, you should get a message saying the OS can't run "filename.exe"; if so, that's the cuplrit. You can either leave it alone or CAREFULLY remove the entry from the registry if you're comfortable doing that.

If searching for the "MediaTicketInstall" isn't successful (they like to play with names), try looking at the key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run and see if there's anything odd there. Another key to look at is HKEY_LOCAL_MACHINE_\Software\Microsoft\Windows\Cur rentVersion\Run.

Here's a copy of my registry at the last key.
http://www.chevelles.com/showroom/396guy/registry.jpg

If you see a program that doesn't make much sense, try searching for it on Google.com to find out what it is.

Again, a warning about the registry. If you add/change/delete anything, you can't cancel the operation before closing the registry editor.

Wow, that sounds pretty complicated. I'll try and take a look. I'm not really that computer savvy, so hopefully I can find it ok. Thanks for the info Dale, I'll let you know how I make out

Ok Dale, I did as you said, and typed in the mediaticketsinstall. It came back with only 2 listing.

As on the copy of your registry it came up with exactly the first one on your list, showing the little ab, then (default)and under Data (value not set)

then under that it has the small ab then
000 REG_SZ and under Data it says mediaticketsinstall. I tried to copy the page like you did but could not. Is that what I am looking for? Do I just delete that? I will wait to hear from you? Thanks

Try this.

1. On the registry key that contains the 'mediaticketinstall', right-click the folder (in the left pane) that's the parent of the item. For example, if it showed up on mine above in the right pane under the folder 'Run' in the left pane, right-click the folder 'Run'.

2. Select Export from the drop down list.

http://www.chevelles.com/showroom/396guy/export.jpg

3. A dialog box will pop up asking for a name and a location to store the exported file. Navigate up to your Desktop (easiest place to find it) and give it some name - any name - like mediaticket.reg (Windows will append the .REG if you don't.)

4. The in the right-pane, click the 'mediaticketinstall' entry to highlight it then delete it with the Del key.

5. Close the registry.

6. Reboot the PC.

Now, the reason for exporting the registry key is if something goes awry, you can always double-click the registry file (on your desktop) and restore it.

If the entry shows up in more than one registry key, repeat 1 through 4 above before closing the registry and rebooting giving each exported file a different name.

I made the first picture just doing a screen print then saving it in Paint Shop Pro so I could resize and crop it a bit. The one in this post is done with Snag-it so it'd also capture the mouse pointer and menu highlighted area.

If it's all still too scarry, I found http://www.spywareguide.com/product_show.php?id=813 describing the product. Following a link to http://www.mediatickets.net/ there is an option on the top bar for "Uninstaller". If you click that, it'll ask you if you want to Open or Save...always save. You can then run the file from your workstation instead of over the Internet.

Good luck!

I think I did it! I tried doing what you said, but when I went into registry, I did not see anywhere on the left where it said run. I then tried going to the link, and saving the uninstall like you said, I did that it said it uninstalled it, but when I ran my antivirus it still came up with it. I then clicked on the name that the antivirus put up,(which I guess I should have done right away) and it gave me the location, so I went into my search, and clicked the hidden files, and it found it. I deleted it, then ran the antivirus again, and it did not show up. I hope this takes care of it. How does this stuff show up, I have the antivirus, and a firewall, but that does not seem to help. Anyway Dale, thanks a ton for all the information. I hope I did not delete anything else important. I found it in C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\63C7R8D4\MediaTicketsInstaller [1].cab. I watched the antivirus run, and it still scanned that file so hopefully I did not delete anything important. I know just about enough about computers to be dangerous lol