Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Rogue Google Searches?

Posted on 2004-08-11
Medium Priority
Last Modified: 2010-04-11
When I got home this evening my husband asked me if I had been doing a Google search for a lawyer on his computer. I said no, but sure enough, on the Google search bar was the name of this lawyer. I was the last one out this morning and I use the internet lock on Zonealarm on his machine before I go because he is the host machine for our networked satellite connection. Presumably a wayward stranger just didn't break in to use his computer for a quick search.

I've never seen anything like this. I frequently run about 3 anti-spyware programs on my machine so I know the strange hijacks they can do, but this is a first.  I haven't run any spyware cleaners on his machine yet.  I wanted to see if anybody has seen or heard of this first?

The web site for the guy looks like a legitimate site - not porn or gambling. We've actually heard of this guy too.

Thanks for any advice.

Question by:renne2001
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Assisted Solution

jimwasson earned 260 total points
ID: 11780643
This sounds like it might be a MyDoom virus infection. A variant does automated Google searches for new e-mail addresses to spread to.

There is quite a bit of info on this:

Assisted Solution

agundrum earned 160 total points
ID: 11780648
There really isn't any way I am aware of, that can put information in your search bar for you.  The only way, and it's highly unlikely, is if you had some sort of remote connection enabled on your machine.  I know of one program called gotomypc, that could take control of your desktop like this.  Also, there are a couple of virus/trojans that have this ability.  Most valid remote connection programs (terminal services or windowsXP desktop sharing) create a virtual desktop, that does not allow you to take control the current users desktop.  I would update virus definitions, and do a full scan.  If nothing was found, my advice would be to forget about it.

Expert Comment

ID: 11780655
I just read Jims answer. (must have been posting as I was)  

I concur.
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!


Expert Comment

ID: 11781314

I have been informed on anti-virus programs, IF you have installed more than one anti-virus which you stated above. I recremened Deleting all of them. and reinstalling the one of your choice. I have researched on this topic, The following results came back.

IF you have more than one installed anti virus software, your anti virus is not working correctly. As you know viruses can be found anyware. and having more than one antivirus limits the files being scanned. Therefore you are not getting the proper anti virus scans.

Although with your Zone alarm Firewall software, I recremend opening the program, and looking under "Program Controls" and under the tab "Programs"  Look threw this carefully, and see if any programs has gained access without your proper permission, or by some other user. I have had this problem also. It usualy was from Hacking the Browser. Clear all of your Recent searches and history, keep a close eye on the searches.

I would not recremend to ignore this issue. This can be very alearting, Even more if you use personal information such as "SS # Credit card # Personal Lawers, Accountants. etc." If some one has searched your Lawers name on YOUR browser(Google Searches) they can easily get other information. I have not heard of any Spyware, Adware, or trojains that do this.  but make sure if you would like to keep your private information "private" to update all software including Zone alarm updates and ANTI VIRUS updates.


Accepted Solution

Beluga earned 260 total points
ID: 11783628

My money is on Jim's answer too. Even if you enter a search on Google's web page, the search term will appear on the Google toolbar.

Check that your anti-virus software is still automatically updating. I've known some that appear to be updating, but aren't despite having all the options set - this is probably due to file corruption. Load up the AV software and look at the date of the virus definition file - this is often in Help > About, or Help > Virus information, or similar. If there isn't a date, there should be a version number that you can compare to the one on the vendor's web site. If the software isn't updating, often the best fix is to uninstall and reinstall. Then do a manual scan of your hard disk.

Err... you *are* running anti-virus, aren't you? Sorry, have to ask! ;o)

Assisted Solution

drewtarvin earned 260 total points
ID: 11783756
I think we all agree that it is most likely some type of virus/trojan, most likely that of what jim suggested, meaning you should do an updated virus scan with System Restore off (if on win xp).  If you don't have a anti-virus program, AVG makes one that is free for home use and rather effective.  You can download it at  Keep in mind that while it is not recommended to have more than one anti virus program, you should definitely have more than one spyware program.  There's no spyware program that effectively gets everything, so a mix of ad-aware, spybot, xcleaner and spyware blaster can usually keep the computer clean (all can be found at the website above for free).

Assisted Solution

PC-Expert2007 earned 160 total points
ID: 11787275
I believe we all are correct in this matter. We do need more than one spyware and adware. I am just concerned on how that happened.  Beluga, I believe that you are correct on the File corruption.Athough there are risks. Just like any risks. I would just advise to keep a close eye on any software issues or PC issues. If you must enter a credit card try to have a low balance on it. more or less like 1,000. This will most liekly prevent any orginal hacker to get into your credit card, Only because they are most likely going to go after higher ones set at 100,000.

This isn't a HUGE risk to take, and I am deeply sorry to make it sound like a huge deal. But i wouldnt ignore it. like i said before keep a close eye on it. Drewtarvin and other users that commented are correct, and spychecker was recremened by PC brands including Dell. Gateway, Compaq.  

and Be sure that your anti virus is running all the time. and check it often to make sure its still operating. Some viruses, Adware, or Spyware can cause the Anti-virus to Malfunction, and in this case deleting some important files. As this happened to me also. I had to re install Nortan, and still didnt work.

I would personaly follow up on Jims, drewtarvin and Beluga's comments. They have been at this longer, and know what they are talking about. I agree with all statements relating to this question.

-Justin A Scott
PC Expert 2007


Author Comment

ID: 11827255
Thanks guys, I'm taking all of the above into advisement. It will take at least a week to get it all done. It's really hard to grade this, but I did the best I could for my first time. It's nice to be able to get intelligent, thoughtful answers to computer questions. Thanks again.



Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
How does someone stay on the right and legal side of the hacking world?
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question