Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Installer Virus [Moved]


  • Please log in to reply
5 replies to this topic

#1 stlleader

stlleader

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 08 August 2009 - 03:46 AM

Whenever i turn on the computer i get a error that says "google installer has encountered a problem and needs to close. we are sorry for the inconvenience." I heard this is from the google installer virus and i have no idea how to get rid of it. I tried to use combofix. but i got an error possibly because my Malwarebytes-Anti Mawlare was on (i dont think its not the full verison though). I dont know how to turn it off though. Then i heard combofix should be used with a supervisor. I have no clue where to go from here.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,917 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:30 PM

Posted 08 August 2009 - 10:58 AM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:30 PM

Posted 08 August 2009 - 12:14 PM

Let's get a good look at what's running on that computer.

Please download and run Processexplorer

http://technet.microsoft.com/en-us/sysinte...s/bb896653.aspx

Under file and save as, create a log and post here

copy and paste into a reply
Chewy

No. Try not. Do... or do not. There is no try.

#4 stlleader

stlleader
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 08 August 2009 - 03:08 PM

Here is the log i think




Process PID CPU Description Company Name
System Idle Process 0 98.44
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 580 Windows NT Session Manager Microsoft Corporation
csrss.exe 636 Client Server Runtime Process Microsoft Corporation
winlogon.exe 664 Windows NT Logon Application Microsoft Corporation
services.exe 708 Services and Controller app Microsoft Corporation
ati2evxx.exe 892 ATI External Event Utility EXE Module ATI Technologies Inc.
svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation
GoogleToolbarNotifier.exe 1032 GoogleToolbarNotifier Google Inc.
unsecapp.exe 2988 WMI Microsoft Corporation
wmiprvse.exe 3808 WMI Microsoft Corporation
svchost.exe 1120 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1428 Generic Host Process for Win32 Services Microsoft Corporation
wuauclt.exe 1912 Windows Update Automatic Updates Microsoft Corporation
svchost.exe 1664 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1764 Generic Host Process for Win32 Services Microsoft Corporation
AAWService.exe 1856 Ad-Aware Service Application Lavasoft
spoolsv.exe 196 Spooler SubSystem App Microsoft Corporation
svchost.exe 1460 Generic Host Process for Win32 Services Microsoft Corporation
AppleMobileDeviceService.exe 1520 Apple Mobile Device Service Apple Inc.
avgwdsvc.exe 1572 AVG Watchdog Service AVG Technologies CZ, s.r.o.
avgrsx.exe 252 AVG Resident Shield Service AVG Technologies CZ, s.r.o.
avgnsx.exe 552 AVG Network scanner Service AVG Technologies CZ, s.r.o.
mDNSResponder.exe 1688 Bonjour Service Apple Inc.
svchost.exe 2216 Generic Host Process for Win32 Services Microsoft Corporation
McciCMService.exe 2232 mcci+McciCMService Motive Communications, Inc.
svchost.exe 2352 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 2376 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 2476 Generic Host Process for Win32 Services Microsoft Corporation
avgemc.exe 2540 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.
avgcsrvx.exe 2652 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.
iPodService.exe 2960 iPodService Module Apple Inc.
alg.exe 3588 Application Layer Gateway Service Microsoft Corporation
svchost.exe 3956 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 720 LSA Shell (Export Version) Microsoft Corporation
explorer.exe 464 Windows Explorer Microsoft Corporation
jusched.exe 1108 Java™ Platform SE binary Sun Microsystems, Inc.
jucheck.exe 4092 Java™ Update Checker Sun Microsystems, Inc.
avgtray.exe 1116 AVG Tray Monitor AVG Technologies CZ, s.r.o.
iTunesHelper.exe 1172 iTunesHelper Module Apple Inc.
AAWTray.exe 1180 Ad-Aware Tray Application Lavasoft
veohwebplayer.exe 1200 Veoh Web Player Beta Veoh Networks
Reg Tool.exe 1220 Reg Tool PC Utility, Inc.
firefox.exe 1272 Firefox Mozilla Corporation
IEXPLORE.EXE 3772 Internet Explorer Microsoft Corporation
procexp.exe 944 1.56 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

#5 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:30 PM

Posted 08 August 2009 - 03:47 PM

Will the google toolbar uninstall?
Chewy

No. Try not. Do... or do not. There is no try.

#6 stlleader

stlleader
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 09 August 2009 - 01:36 AM

no i dont think so.
I went to tools then add-ons and it wasn't even there




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users