Rogue Google Searches?

Posted on 2004-08-11
Last Modified: 2010-04-11
When I got home this evening my husband asked me if I had been doing a Google search for a lawyer on his computer. I said no, but sure enough, on the Google search bar was the name of this lawyer. I was the last one out this morning and I use the internet lock on Zonealarm on his machine before I go because he is the host machine for our networked satellite connection. Presumably a wayward stranger just didn't break in to use his computer for a quick search.

I've never seen anything like this. I frequently run about 3 anti-spyware programs on my machine so I know the strange hijacks they can do, but this is a first.  I haven't run any spyware cleaners on his machine yet.  I wanted to see if anybody has seen or heard of this first?

The web site for the guy looks like a legitimate site - not porn or gambling. We've actually heard of this guy too.

Thanks for any advice.

Question by:renne2001
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Assisted Solution

jimwasson earned 65 total points
ID: 11780643
This sounds like it might be a MyDoom virus infection. A variant does automated Google searches for new e-mail addresses to spread to.

There is quite a bit of info on this:

Assisted Solution

agundrum earned 40 total points
ID: 11780648
There really isn't any way I am aware of, that can put information in your search bar for you.  The only way, and it's highly unlikely, is if you had some sort of remote connection enabled on your machine.  I know of one program called gotomypc, that could take control of your desktop like this.  Also, there are a couple of virus/trojans that have this ability.  Most valid remote connection programs (terminal services or windowsXP desktop sharing) create a virtual desktop, that does not allow you to take control the current users desktop.  I would update virus definitions, and do a full scan.  If nothing was found, my advice would be to forget about it.

Expert Comment

ID: 11780655
I just read Jims answer. (must have been posting as I was)  

I concur.
Webinar May 25: Cloud Security Strategies for SMBs

Small and mid-sized businesses are a driving force behind cloud adoption, and it’s no wonder: cloud benefits are BIG.  But for all the convenience that moving to the cloud provides, where does security come into play?


Expert Comment

ID: 11781314

I have been informed on anti-virus programs, IF you have installed more than one anti-virus which you stated above. I recremened Deleting all of them. and reinstalling the one of your choice. I have researched on this topic, The following results came back.

IF you have more than one installed anti virus software, your anti virus is not working correctly. As you know viruses can be found anyware. and having more than one antivirus limits the files being scanned. Therefore you are not getting the proper anti virus scans.

Although with your Zone alarm Firewall software, I recremend opening the program, and looking under "Program Controls" and under the tab "Programs"  Look threw this carefully, and see if any programs has gained access without your proper permission, or by some other user. I have had this problem also. It usualy was from Hacking the Browser. Clear all of your Recent searches and history, keep a close eye on the searches.

I would not recremend to ignore this issue. This can be very alearting, Even more if you use personal information such as "SS # Credit card # Personal Lawers, Accountants. etc." If some one has searched your Lawers name on YOUR browser(Google Searches) they can easily get other information. I have not heard of any Spyware, Adware, or trojains that do this.  but make sure if you would like to keep your private information "private" to update all software including Zone alarm updates and ANTI VIRUS updates.


Accepted Solution

Beluga earned 65 total points
ID: 11783628

My money is on Jim's answer too. Even if you enter a search on Google's web page, the search term will appear on the Google toolbar.

Check that your anti-virus software is still automatically updating. I've known some that appear to be updating, but aren't despite having all the options set - this is probably due to file corruption. Load up the AV software and look at the date of the virus definition file - this is often in Help > About, or Help > Virus information, or similar. If there isn't a date, there should be a version number that you can compare to the one on the vendor's web site. If the software isn't updating, often the best fix is to uninstall and reinstall. Then do a manual scan of your hard disk.

Err... you *are* running anti-virus, aren't you? Sorry, have to ask! ;o)

Assisted Solution

drewtarvin earned 65 total points
ID: 11783756
I think we all agree that it is most likely some type of virus/trojan, most likely that of what jim suggested, meaning you should do an updated virus scan with System Restore off (if on win xp).  If you don't have a anti-virus program, AVG makes one that is free for home use and rather effective.  You can download it at  Keep in mind that while it is not recommended to have more than one anti virus program, you should definitely have more than one spyware program.  There's no spyware program that effectively gets everything, so a mix of ad-aware, spybot, xcleaner and spyware blaster can usually keep the computer clean (all can be found at the website above for free).

Assisted Solution

PC-Expert2007 earned 40 total points
ID: 11787275
I believe we all are correct in this matter. We do need more than one spyware and adware. I am just concerned on how that happened.  Beluga, I believe that you are correct on the File corruption.Athough there are risks. Just like any risks. I would just advise to keep a close eye on any software issues or PC issues. If you must enter a credit card try to have a low balance on it. more or less like 1,000. This will most liekly prevent any orginal hacker to get into your credit card, Only because they are most likely going to go after higher ones set at 100,000.

This isn't a HUGE risk to take, and I am deeply sorry to make it sound like a huge deal. But i wouldnt ignore it. like i said before keep a close eye on it. Drewtarvin and other users that commented are correct, and spychecker was recremened by PC brands including Dell. Gateway, Compaq.  

and Be sure that your anti virus is running all the time. and check it often to make sure its still operating. Some viruses, Adware, or Spyware can cause the Anti-virus to Malfunction, and in this case deleting some important files. As this happened to me also. I had to re install Nortan, and still didnt work.

I would personaly follow up on Jims, drewtarvin and Beluga's comments. They have been at this longer, and know what they are talking about. I agree with all statements relating to this question.

-Justin A Scott
PC Expert 2007


Author Comment

ID: 11827255
Thanks guys, I'm taking all of the above into advisement. It will take at least a week to get it all done. It's really hard to grade this, but I did the best I could for my first time. It's nice to be able to get intelligent, thoughtful answers to computer questions. Thanks again.



Featured Post

Increase your protection from Zero Day threats!

Running two Antivirus' is never a good idea.
Taking advantage of Multiple Security layers on the other hand can often save your hide.
See which top notch security software brands have been proven to happily coexist together.
Reduce your chances of becoming a statistic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OnPage: Incident management and secure messaging on your smartphone
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question