Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

help meeeeee! "possible spyware and adware infection!"

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: help meeeeee! "possible spyware and adware infection!"

Unread postby mjq424 » March 4th, 2008, 4:48 pm

Hi
Do you use Online Monopoly games? It seems that the online scan thought there could be a possible virus in one of those files, just to check I would like you to submit that file:

Upload a File to Virustotal
Please visit Virustotal
  • Click the Browse... button
  • Navigate to the file C:\My Games\MONOPOLY HERE & NOW EDITION\googlestubinst.exe
  • Click the Open button
  • Click the Send button
  • Copy and paste the results back here please.
User avatar
mjq424
Regular Member
 
Posts: 1502
Joined: April 14th, 2007, 10:20 am
Location: UK
Advertisement
Register to Remove

Re: help meeeeee! "possible spyware and adware infection!"

Unread postby crisnic » March 4th, 2008, 5:21 pm

File googlestubinst.exe received on 01.30.2008 06:39:07 (CET)
Current status: finished

Result: 2/32 (6.25%)
Compact Print results
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - W32/Heuristic-217!Eldorado
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - probably unknown NewHeur_PE virus
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - -
Additional information
MD5: 1f90c8e69b5058e96fec95fa0fb95180
SHA1: 7ec1728687fc20bc75e61379775601dc58c5cf50
SHA256: 4b8661f1712c07c4a042ecd1a5acf2186adec32c83f9cef655538f84d13a3ade
SHA512: 70b7768150401e336ca38bdb4bfe7600047cd1c78c46c3195648e4e46534c8fe aff8766faa2610e2d5096587e7262ae39104c74e9a9eacb31d131534196d4b47
crisnic
Active Member
 
Posts: 12
Joined: February 20th, 2008, 12:04 pm

Re: help meeeeee! "possible spyware and adware infection!"

Unread postby mjq424 » March 5th, 2008, 12:07 pm

Hi
I think that detection is a false positive and can be ignored. So after a few housekeeping jobs you are clean! :)

Let's clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.

Download OTMoveIt2 by OldTimer to your Desktop.
  • Double click OTMoveIt2.exe to launch it.
  • Click on the CleanUp! button.
  • OTMoveIt will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTMoveIt2
  • Now delete OTMoveIt2.exe (if still present)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

  1. Disable and Enable System Restore. - If you are using Windows ME/XP/Vista then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

    Reset System Restore.
    Now you should disable System restore to purge any infected files and then re-enable it,

    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    Check Turn off System Restore.
    Click Apply, and then click OK.
    Restart your computer

    Turn ON System Restore

    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    Un-Check Turn off System Restore.
    Click Apply, and then click OK.
  2. Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialise and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
    5. Next press the Apply button and then the OK to exit the Internet Properties page.
    If you are using Internet Explorer v. 7 please read and follow the recommendations at this site. http://surfthenetsafely.com/ieseczone8.htm

  • Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install WinPatrol - Download and install Winpatrol by BillP Studios.
    This program can monitor what software start with Windows. You can delay startup for some programs and stop malicious programs from starting up. It can also view some hidden files.
    Download it from here
  • Install Spybot - Search and Destroy - Download and install Spybot - Search and Destroy with its TeaTimer option.
    This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
    Instructions for - Spybot S & D
  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line - Anti-Malware
  • Install ThreatFire - Download and install ThreatFire. This program defends against malware by detecting certain malicious behaviours. It is configured "out-of-the-box" and acts as a complement to your Antivirus software. It can be downloaded here:
    PC Tools ThreatFire
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.
User avatar
mjq424
Regular Member
 
Posts: 1502
Joined: April 14th, 2007, 10:20 am
Location: UK

Re: help meeeeee! "possible spyware and adware infection!"

Unread postby crisnic » March 9th, 2008, 12:17 am

i have a question for you. my security is apparently blocking something from Orb netwroks or something like that. it asks if i want to continue blocking, unblock, or "ask me later". Is it safe to unblock?
crisnic
Active Member
 
Posts: 12
Joined: February 20th, 2008, 12:04 pm

Re: help meeeeee! "possible spyware and adware infection!"

Unread postby mjq424 » March 10th, 2008, 2:15 pm

Hi
I am assuming that it is your firewall that is prompting you? Orb Networks is a remote access program that allows you to access your digital photos, music, etc on your home PC on any internet connected computer. Have you installed this program yourself? (this is the website for that software: http://www.orb.com) If so you can allow this program access to the internet as it is "safe".
User avatar
mjq424
Regular Member
 
Posts: 1502
Joined: April 14th, 2007, 10:20 am
Location: UK

Re: help meeeeee! "possible spyware and adware infection!"

Unread postby Elrond » March 19th, 2008, 1:36 pm

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 286 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware