Another version of malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by JimLL, Nov 30, 2010.

Thread Status:
Not open for further replies.
  1. JimLL

    JimLL I can't follow the rules

    In my opinion _anything_ that installs itself in a sneaky, stealthy way is malware, spam.

    Can someone please tell me the best way to remove the malware I call "Google Spam?" It has scores of elements and secretly attempts to install things I don't want.

    JimLL
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    Please read ALL of this message including the notes before doing anything.

    Please follow the instructions in the below link:

    READ & RUN ME FIRST. Malware Removal Guide


    and attach the requested logs when you finish these instructions.

    • **** If something does not run, write down the info to explain to us later but keep on going. ****
    • Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:


    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. If you cannot seem to login to an infected user account, try using a different user account (if you have one) in either normal or safe boot mode and running only SUPERAntiSpyware and Malwarebytes while logged into this other user account. Then reboot and see if you can log into the problem user account. If you can then run SUPERAntiSpyware, Malwarebytes, ComboFix and MGtools on the infected account as requested in the instructions.
    4. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:

    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
  3. JimLL

    JimLL I can't follow the rules

    I see your auto-responder is working fine.

    JimLL
     
    Last edited by a moderator: Dec 2, 2010
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    That is our standard reply when someone asking for assistance has not done the Read and Run First instructions. It is the only way we have of being able to "see" what is happening in your system.
     
  5. JimLL

    JimLL I can't follow the rules

    Thank you. I have been through the procedure many times over the past few years.

    I think I may have been registered differently before, but I have a new email and had a crash before I got a hard copy made of the passwords.

    I tried logging in as JimL but the system said there was another JimL registered. I have 2 or 3 similar issues elsewhere but no one _EVER_ answers if I try to get information about something like this, so I didn't even try this time. Almost everywhere they make it almost impossible to contact a system manager if you aren't registered. (That is _very_ irritating, by the way, like "you aren't good enough to talk to me unless I can force you through extra procedures." I dislike re-registering so many times simply because no one will give you a way to contact them.)

    I tried what I remembered of the previous passwords but never got in so I registered again. Perhaps there is actually another JimL who isn't me. My memory isn't what it used to be.

    I won't go through the Run First again; I read too slowly now and can't remember what I DO read for 3 minutes. I have multiple serious anti-malware and firewall measures in place, and I seriously doubt there are anti-google procedures here, which is why I simply asked a question. Perhaps I'm wrong.

    JimLL
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Then I am afraid we can't help you. I have no idea what issues you are having and without logs, I can not begin to guess what your issues are. I do not know what you mean by "Google Spam" as that can be anything from unwanted ads to google redirects.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you don't want to run our malware cleaning procedures because you just have issues with Google Software then uninstall all of the Google Software from your PC. For example, things like below:

    Google Toolbar
    Google Desktop
    Google Earth
     
  8. JimLL

    JimLL I can't follow the rules

    TimW, do you _really_ believe there is something in your malware stuff that will chase google away? Really? I won't tell you what the problem is? I told you. Google tries to install stuff. And some of it tried while I was offline installing a new modem.

    Chaslang, the reason I came here to ask is that I have already removed everything on my hard drive containing "goog" and my firewall tells me I am still getting google attempts to update something. Apparently Google hides some of their stuff in places and files having no obvious connection with the google name. And every now and then something "googlish" will pop up in the autostart/autorun entries again (seen with HijackFree). That signals hidden junk. As I said, I define hidden, sneaky stuff as malware.

    I think I may have picked it up while doing a windows update, because it embedded a bunch of google stuff in Internet Explorer (without asking). Microsoft may have IE requesting the stuff automatically.

    The fact that no one here seems to even have heard about it tells me that no malware procedures have even been written for it.

    I'm getting similar SPAM via ZoneAlarm. They prevent everybody else from getting through but I keep getting ZA adware crap. I suppose I need to install a second firewall to block ZA adware.

    JimLL
     
    Last edited: Dec 5, 2010
  9. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Today's modern malware often morphs and infections may produce varying filenames from one pc to another. Very rarely will running a simple tool or two fix the problem.

    * Why not run the procedure and attach the requested logs so that what doesn't belong can be discovered? You may be frustrated, but we need logs to get an "insides view" of what's going on with your machine. No one here or on any other forum can help you, otherwise.
     
    Last edited: Dec 5, 2010
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes you probably did not uninstall it properly and still have Google Update running. It runs as a service.

    Now you are just being plain silly or paranoia has gotten the best of you.;)

    We don't write malware procedures for things that are not malware. You need to get all of Google properly removed and you probably have not done this. If you ran our procedures, at least running MGtools and attaching the log from it at an absolute minimum, it would likely allow us to see if you still have any Google software running. No one can help you if you don't help them to help you.

    Did you pay for Zonealarm? If not, you have the free version that periodically asks you to update or purchase the program.
     
    Last edited: Dec 5, 2010
  11. JimLL

    JimLL I can't follow the rules

    There was no entry in Add or Remove. Are you just being plain silly? Or has something got the best of you?

    My point exactly - as I already said. But I did _NOT_ ask for or permit it to be installed. It just appeared. That makes it malware.

    I have used a paid version for years. The adware I see has nothing to do with updates, rather continued pushing to use ZA forms of software far beyond that of firewall: ZA's anti-virus, registry cleaners, etc. - just as many other companies are trying to expand from their original specialized function. Their "ancient" reputation as a good firm does not excuse slipping into the very practices they are there to protect us from.

    I do not begrudge any of them their advertisements, but continually forcing the ZA ads on an unwilling audience without an opportunity to turn them off is - once again - _MALWARE_, no matter how famous or respected their products have long been.

    And I have no use for simplistic dismissals nor for the standard assumption that anyone without thousands of posts by his name is an incapable and/or lazy newby with no ability to grasp, understand or analyze computer related situations.

    Of course saying that will incur the wrath of the elite and I will get replies saying how ungrateful or rude or silly or stupid or out of order I am. Only the well established ones who control their little turf are permitted and excused for all those things. No biggie. I've heard it for decades in programming / computer BBS's, forums, newsgroups, blogs, etc., etc.

    Sorry to have disturbed you all.

    JimLL
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Frankly, I don't understand why you are being argumentative with us. You have had three of the four malware fighters respond to your queries. Yet you have not done anything as simple as download and run the MGtools. That would at least allow us to see what you are complaining about.

    However, if your complaint now is about ZoneAlarm, we can't fix that! Uninstall it if it bothers you and go with a different firewall.

    None of your issues are a matter of true malware. You just are not liking what some of your software is doing. Perhaps you would like to take this up in the software forum.
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just because something is not in Add/Remove Programs, it does not mean it is not still running. You kept stating you are having problems with Google thus it is still running and installed. But since you really don't want our help, this thread is closed. We cannot help those who do not want to cooperate and help us to help them.
     
    Last edited: Dec 5, 2010