FRIHOST • FORUMS • SEARCH • FAQ • TOS • BLOGS • COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Remove Fake Google Toolbar for Internet Explorer





paskall
Quote:
Scammers have set up an exact copy of the download page for Google’s Toolbar plug-in in an attempt to lure users to download Trojan backdoor (W32.Ranky.FW), Surfcontrol reports.

Some versions of the scam even spoof the correct Google Toolbar web address for Internet Explorer, using Google’s own redirection service in an attempt to hide the real, non-Google address.

W32.Ranky.FW is designed to turn your PC into a bot zombie, and is spread by asking recipients of a spam email to follow an embedded link. The spam email appears to come from Google which is more likely to convince recipients to follow the link.

The version detected by the Surfcontrol fails because of poor programming, but it remains a proof-of-concept in how to attack users using a simple combination of convincing elements.

It highlights the importance of having anti-phishing warning popups integrated in browsers. What bother's me is that they (or such similar schemes) can use AdWords, for example, to advertise on reputable sites and get large number of people infected in a short time.


My father incidentally downloaded the fake google toolbar which was slowing down the PC and it was really hard to notice it. I was trying to remove a program from the Add/REmove Programs section in the Control Panel and I saw the Google Toolbar for Internet Explorer which I tought I removed a week ago was there. And it's logo was not the famous google toolbar logo, it was the ie7 logo. The file size was 25,55 MB (approx) and I wanted to re-remove it. But whenever I tried to remove it, nothing was happening, just a ghost dialog box was flashing and disappearing less than a second. I couldnot remove it no matter what I tried. Kaspersky didnot detect it.

On the other hand, this trojan backdoor was recording all the e-mail addresses in the browser history and adding them to some spam lists and and all ma family started to get spam mails. And when we visit a website, it automatically clicks on the google ads, so we get millions of pop-up boxes and sites. Actually, the official google toolbar does the same thing but little bit innocently, it records our internet logs, and thus they define a google ad strategy according to these ratings. But it doesnot send spam mails and doesnot click on links automatically. Anyway, Here I will try to explain what I've done and cleaned it.

*First, restart your pc and open with the Secure Mode.
*Then logon to the Administrator.
*Then START - RUN - REGEDIT. (Be careful, if youre an advanced user you know the importance of the regedit, but if youre new to this, be really careful or call someone who does know about it.)
*CTRL+f to find a key. Type "google toolbar", "googletoolbar", "gtoolbar" and "googletoolbar1.dll" and delete all the records. When it finds a record, right click on it and delete, and again press CTRL+f to find new results. Do this for each entry untill you get the message saying it's done.
*If you can; delete the "google toolbar folder" on the left side of the pane.

This will solve the problem I hope. If you have msxml3.dll problems and MSN problems such as ERROR 800401f3, let me know.
internetjobs
is it some spyware?.. after removing keys form the regedit, you problem solved?.... any way check your services.msc and processor any google toolbar related services or process running...
Jaan
spybot S&D works wonders too... safer-networking.org ftw!
FunDa
That is a very strange virus (if it can be called that). There was another program I've seen that says its an antivirus program but is actually an elaborate virus.

They were called VirusHeat , VirusBurst and so on. They even had websites dedicated to the "antivirus" which you had to pay to buy . If you get this, it keeps reminding you that the computer is infected by hundreds of viruses and asks you to buy the full version and clean the computer.

Sounds like the fake Google toolbar and such programs can be classified as a completely new category of malware
Related topics
*OFFICIAL* Which Browser do you use?
Internet Explorer 7 sera mejor ?
[soft]Firefox más inseguro que IE
Internet Explorer 7 is coming!!!
Google is paying $1 to every referral to get firefox.
[Solved] [Java] KeyListener Not Working In Internet Explorer
Internet Explorer 7 (beta 2 preview)
Faking fixed position in Internet Explorer
Input Button's - Internet Explorer
Free Frihost Search Engines (Google toolbar**NEW** + FF)
Internet Explorer 7 Uninstall Guide
Internet Explorer Version 8 Groans
Internet Explorer 6'ın Sonu Göründü
Mart Ayı Sonunda Chrome Ile Internet Explorer Arasındaki Far
Reply to topic    Frihost Forum Index -> Computers -> Computer Problems and Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.