Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

What is Riskware.InstallMonetizer and how can I remove it?


  • Please log in to reply

#1
Waterfireearth

Waterfireearth

    Member

  • Member
  • PipPip
  • 17 posts
So after many months of having only MSE I decided to try Malwarebytes after hesitating for months becuase of possible conflicts between the two programs. Just ran Malwarebytes now and it has found: Riskware.InstallMonetizer with a file location of: C:\Users\My username\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QN0OIUW7\MyPhoneExplorer_v2_5185[1].exe.

I use My Phone Explorer to link my phone to my PC and control it and back it up. What exactly is this and does this mean this application is not to be trusted? How do I get rid of it - I hesitate to let Malwarebytes get rid of it after googling the riskware and reading someone else had this issue and trying to get rid of it on Malwarebytes only made it worse. I have not noticed any problems other then recently stuttering in videos on YouTube and I do not mean loading problems. My PC specs are more then sufficient (8GB RAM, i5, SSD, Radeon 7800 series).

Can someone please advise me what to do next? I will run a full scan again because I could not wait to find out what this particular infection was as I was surprised I even have one as I try to stay as risk free as possible. If there are anymore infections I will update here.

Thank you in advance

Scan completed no additional malware found. Full MSE scan was run prior to this scan which found nothing.

Edited by Waterfireearth, 21 December 2012 - 08:37 PM.

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Reports as a program software developers can install and thereafter receive payment for each install of their software.

From what I can find out it seems to be relatively harmless but a question mark hangs over whether it is adware. A number of anti-virus programs signal it as bad http://reports.antiv...zer-b-pup-vpf0/ and Malwarebytes says it's adware. Personally I don't like anything that tracks me without being up front about it. Not that there aren't a lot of those around lol.

Can't see why/how problems would develop by letting Malwarebytes remove it. After all, with Malwarebytes you can always restore an item put in quarantine, just go to the quarantine tab and you will see a number of radio button options... one if which is restore.
  • 0

#3
Waterfireearth

Waterfireearth

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Thank you I removed it as you advised and ran a scan again - nothing found. Thanks. Are there any other precautions I need to take due to that riskware? Perhaps more scans using the tools often recommended on here - the user uses the tool then reports back on the forum with a copy and paste of the report from the tool. Do i need to do that? Once again thank you for your help.

Also what exactly was it? And a google search for me yielded nothing much other then that one other forum where someone had the same riskware and tried removing it; only it made it worse for him. Here is a link to that specific forum and topic: http://forums.malwar...howtopic=118593
  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello Warerfireearth,

Here is a link to that specific forum and topic: http://forums.malwar...howtopic=118593


That one had an additional infection.

If your machine is exhibiting unusual symptoms or you suspect you might have malware post an OTL scan log back here.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    /md5start
    services.*
    wbemess.dill
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    consrv.dll
    qmgr.dll
    /md5stop
    %USERPROFILE%\..|smtmp;true;true;true /FP
    %systemdrive%\$Recycle.Bin|@;true;true;true /fp
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT 
    
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so.

    o When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    o Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post back here.
Note: Unless otherwise instructed always post the logs in the forum. If reports don't fit on one post. It might be necessary to break the logs up to get them on the forum. Just use as many posts as you need, that's fine. :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP