Solved

Rogue Google Searches?

Posted on 2004-08-11
Last Modified: 2010-04-11
When I got home this evening my husband asked me if I had been doing a Google search for a lawyer on his computer. I said no, but sure enough, on the Google search bar was the name of this lawyer. I was the last one out this morning and I use the internet lock on Zonealarm on his machine before I go because he is the host machine for our networked satellite connection. Presumably a wayward stranger just didn't break in to use his computer for a quick search.

I've never seen anything like this. I frequently run about 3 anti-spyware programs on my machine so I know the strange hijacks they can do, but this is a first.  I haven't run any spyware cleaners on his machine yet.  I wanted to see if anybody has seen or heard of this first?

The web site for the guy looks like a legitimate site - not porn or gambling. We've actually heard of this guy too.

Thanks for any advice.

Diane
Question by:renne2001
8 Comments
 
LVL 7

Assisted Solution

by:jimwasson
jimwasson earned 65 total points
ID: 11780643
This sounds like it might be a MyDoom virus infection. A variant does automated Google searches for new e-mail addresses to spread to.

There is quite a bit of info on this:

http://www.washingtonpost.com/wp-dyn/articles/A16473-2004Jul26.html
0
 
LVL 1

Assisted Solution

by:agundrum
agundrum earned 40 total points
ID: 11780648
Diane,
There really isn't any way that I am aware of that can put information in your search bar for you.  The only way, and it's highly unlikely, is if you had some sort of remote connection enabled on your machine.  I know of one program called GoToMyPC that could take control of your desktop like this.  Also, there are a couple of viruses/trojans that have this ability.  Most valid remote connection programs (Terminal Services or Windows XP desktop sharing) create a virtual desktop that does not allow you to take control of the current user's desktop.  I would update virus definitions and do a full scan.  If nothing was found, my advice would be to forget about it.
0
 
LVL 1

Expert Comment

by:agundrum
ID: 11780655
I just read Jim's answer. (Must have been posting as I was.)

I concur.
0
 
LVL 1

Expert Comment

by:PC-Expert2007
ID: 11781314
Diane

I have been informed on anti-virus programs. If you have installed more than one anti-virus, which you stated above, I recommend deleting all of them and reinstalling the one of your choice. I have researched this topic, and the following results came back.

If you have more than one anti-virus software installed, your anti-virus is not working correctly. As you know, viruses can be found anywhere, and having more than one anti-virus limits the files being scanned. Therefore you are not getting the proper anti-virus scans.

Although with your ZoneAlarm firewall software, I recommend opening the program and looking under "Program Controls" and under the tab "Programs". Look through this carefully, and see if any programs have gained access without your proper permission, or by some other user. I have had this problem also. It usually was from hacking the browser. Clear all of your recent searches and history, and keep a close eye on the searches.

I would not recommend ignoring this issue. This can be very alerting, even more if you use personal information such as "SS #, credit card #, personal lawyers, accountants, etc." If someone has searched your lawyer's name on YOUR browser (Google searches) they can easily get other information. I have not heard of any spyware, adware, or trojans that do this, but make sure, if you would like to keep your private information "private", to update all software including ZoneAlarm updates and ANTI VIRUS updates.

0

 
LVL 3

Accepted Solution

by:Beluga
Beluga earned 65 total points
ID: 11783628
Hi,

My money is on Jim's answer too. Even if you enter a search on Google's web page, the search term will appear on the Google toolbar.

Check that your anti-virus software is still automatically updating. I've known some that appear to be updating, but aren't despite having all the options set - this is probably due to file corruption. Load up the AV software and look at the date of the virus definition file - this is often in Help > About, or Help > Virus information, or similar. If there isn't a date, there should be a version number that you can compare to the one on the vendor's web site. If the software isn't updating, often the best fix is to uninstall and reinstall. Then do a manual scan of your hard disk.

Err... you *are* running anti-virus, aren't you? Sorry, have to ask! ;o)
0
 
LVL 3

Assisted Solution

by:drewtarvin
drewtarvin earned 65 total points
ID: 11783756
I think we all agree that it is most likely some type of virus/trojan, most likely that of what Jim suggested, meaning you should do an updated virus scan with System Restore off (if on Windows XP).  If you don't have an anti-virus program, AVG makes one that is free for home use and rather effective.  You can download it at www.spychecker.com.  Keep in mind that while it is not recommended to have more than one anti-virus program, you should definitely have more than one spyware program.  There's no spyware program that effectively gets everything, so a mix of Ad-Aware, Spybot, XCleaner and SpywareBlaster can usually keep the computer clean (all can be found at the website above for free).
0
 
LVL 1

Assisted Solution

by:PC-Expert2007
PC-Expert2007 earned 40 total points
ID: 11787275
I believe we all are correct in this matter. We do need more than one spyware and adware. I am just concerned about how that happened.  Beluga, I believe that you are correct on the file corruption. Although there are risks, just like any risks. I would just advise keeping a close eye on any software issues or PC issues. If you must enter a credit card, try to have a low balance on it, more or less like 1,000. This will most likely prevent any original hacker from getting into your credit card, only because they are most likely going to go after higher ones set at 100,000.

This isn't a HUGE risk to take, and I am deeply sorry to make it sound like a huge deal. But I wouldn't ignore it. Like I said before, keep a close eye on it. Drewtarvin and the other users that commented are correct, and spychecker was recommended by PC brands including Dell, Gateway, Compaq.

And be sure that your anti-virus is running all the time, and check it often to make sure it's still operating. Some viruses, adware, or spyware can cause the anti-virus to malfunction, and in this case deleting some important files. This happened to me also. I had to reinstall Norton, and it still didn't work.

I would personally follow up on Jim's, drewtarvin's and Beluga's comments. They have been at this longer, and know what they are talking about. I agree with all statements relating to this question.

-Justin A Scott
PC Expert 2007

0
 

Author Comment

by:renne2001
ID: 11827255
Thanks guys, I'm taking all of the above into advisement. It will take at least a week to get it all done. It's really hard to grade this, but I did the best I could for my first time. It's nice to be able to get intelligent, thoughtful answers to computer questions. Thanks again.

Regards,

Diane
0
