Go Premium for a chance to win a PS4. Enter to Win


Rogue Google Searches?

Posted on 2004-08-11
Medium Priority
Last Modified: 2010-04-11
When I got home this evening my husband asked me if I had been doing a Google search for a lawyer on his computer. I said no, but sure enough, on the Google search bar was the name of this lawyer. I was the last one out this morning and I use the internet lock on Zonealarm on his machine before I go because he is the host machine for our networked satellite connection. Presumably a wayward stranger just didn't break in to use his computer for a quick search.

I've never seen anything like this. I frequently run about 3 anti-spyware programs on my machine so I know the strange hijacks they can do, but this is a first.  I haven't run any spyware cleaners on his machine yet.  I wanted to see if anybody has seen or heard of this first?

The web site for the guy looks like a legitimate site - not porn or gambling. We've actually heard of this guy too.

Thanks for any advice.

Question by:renne2001

Assisted Solution

jimwasson earned 260 total points
ID: 11780643
This sounds like it might be a MyDoom virus infection. A variant does automated Google searches for new e-mail addresses to spread to.

There is quite a bit of info on this:


Assisted Solution

agundrum earned 160 total points
ID: 11780648
There really isn't any way I am aware of, that can put information in your search bar for you.  The only way, and it's highly unlikely, is if you had some sort of remote connection enabled on your machine.  I know of one program called gotomypc, that could take control of your desktop like this.  Also, there are a couple of virus/trojans that have this ability.  Most valid remote connection programs (terminal services or windowsXP desktop sharing) create a virtual desktop, that does not allow you to take control the current users desktop.  I would update virus definitions, and do a full scan.  If nothing was found, my advice would be to forget about it.

Expert Comment

ID: 11780655
I just read Jims answer. (must have been posting as I was)  

I concur.
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.


Expert Comment

ID: 11781314

I have been informed on anti-virus programs, IF you have installed more than one anti-virus which you stated above. I recremened Deleting all of them. and reinstalling the one of your choice. I have researched on this topic, The following results came back.

IF you have more than one installed anti virus software, your anti virus is not working correctly. As you know viruses can be found anyware. and having more than one antivirus limits the files being scanned. Therefore you are not getting the proper anti virus scans.

Although with your Zone alarm Firewall software, I recremend opening the program, and looking under "Program Controls" and under the tab "Programs"  Look threw this carefully, and see if any programs has gained access without your proper permission, or by some other user. I have had this problem also. It usualy was from Hacking the Browser. Clear all of your Recent searches and history, keep a close eye on the searches.

I would not recremend to ignore this issue. This can be very alearting, Even more if you use personal information such as "SS # Credit card # Personal Lawers, Accountants. etc." If some one has searched your Lawers name on YOUR browser(Google Searches) they can easily get other information. I have not heard of any Spyware, Adware, or trojains that do this.  but make sure if you would like to keep your private information "private" to update all software including Zone alarm updates and ANTI VIRUS updates.


Accepted Solution

Beluga earned 260 total points
ID: 11783628

My money is on Jim's answer too. Even if you enter a search on Google's web page, the search term will appear on the Google toolbar.

Check that your anti-virus software is still automatically updating. I've known some that appear to be updating, but aren't despite having all the options set - this is probably due to file corruption. Load up the AV software and look at the date of the virus definition file - this is often in Help > About, or Help > Virus information, or similar. If there isn't a date, there should be a version number that you can compare to the one on the vendor's web site. If the software isn't updating, often the best fix is to uninstall and reinstall. Then do a manual scan of your hard disk.

Err... you *are* running anti-virus, aren't you? Sorry, have to ask! ;o)

Assisted Solution

drewtarvin earned 260 total points
ID: 11783756
I think we all agree that it is most likely some type of virus/trojan, most likely that of what jim suggested, meaning you should do an updated virus scan with System Restore off (if on win xp).  If you don't have a anti-virus program, AVG makes one that is free for home use and rather effective.  You can download it at www.spychecker.com.  Keep in mind that while it is not recommended to have more than one anti virus program, you should definitely have more than one spyware program.  There's no spyware program that effectively gets everything, so a mix of ad-aware, spybot, xcleaner and spyware blaster can usually keep the computer clean (all can be found at the website above for free).

Assisted Solution

PC-Expert2007 earned 160 total points
ID: 11787275
I believe we all are correct in this matter. We do need more than one spyware and adware. I am just concerned on how that happened.  Beluga, I believe that you are correct on the File corruption.Athough there are risks. Just like any risks. I would just advise to keep a close eye on any software issues or PC issues. If you must enter a credit card try to have a low balance on it. more or less like 1,000. This will most liekly prevent any orginal hacker to get into your credit card, Only because they are most likely going to go after higher ones set at 100,000.

This isn't a HUGE risk to take, and I am deeply sorry to make it sound like a huge deal. But i wouldnt ignore it. like i said before keep a close eye on it. Drewtarvin and other users that commented are correct, and spychecker was recremened by PC brands including Dell. Gateway, Compaq.  

and Be sure that your anti virus is running all the time. and check it often to make sure its still operating. Some viruses, Adware, or Spyware can cause the Anti-virus to Malfunction, and in this case deleting some important files. As this happened to me also. I had to re install Nortan, and still didnt work.

I would personaly follow up on Jims, drewtarvin and Beluga's comments. They have been at this longer, and know what they are talking about. I agree with all statements relating to this question.

-Justin A Scott
PC Expert 2007


Author Comment

ID: 11827255
Thanks guys, I'm taking all of the above into advisement. It will take at least a week to get it all done. It's really hard to grade this, but I did the best I could for my first time. It's nice to be able to get intelligent, thoughtful answers to computer questions. Thanks again.



Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes Administrators rights are not enough. These cases call for the SYSTEM account. The process in this article outlines the steps required to execute commands using the SYSTEM account.
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question