Google Installer Virus Removal Updated!

Updated! Well, along with Conficker, the Google Installer Virus is still at large. I just removed this virus from a friends computer, this information is collected from multiple sources across the Internet, thanks to everyones favorite Google. Technically, Google Installer Virus is actually malware, not a virus This form of malware is a tricky one, known as a RootKit. A RootKit is a virus that embeds itself (either through Hardware or Software) in the system, and doesnt come out with your usual Anti-Virus/Anti-Spyware. It also blocks almost every anti-spyware, anti-virus and the like. Through a combination of ComboFix, MalwareBytes AntiMalware, Spybot S&D (mentioned here) and Ad-Aware Free, well remove the virus (and anything else thats hiding on your computer.) I have all of these applications in a convenient zip folder for you. Download here. (password: spywarekiller)

If you are on a Windows Machine:

Disconnect from the Internet
1. First things first. Well run ComboFix first. ComboFix is an excellent RootKit remover. But, before we proceed, ComboFix requires all Anti-virus to be shut off. Visit here for help on that. Disabled your anti-everything software? Read on.

Note: Before Running ComboFix, close ALL applications and DO NOT, DO NOT, click on ComboFixs window while it is running just let it run its course. Run ComboFix.exe. Uh oh! It wont run! The RootKit has an advanced detection system that wont allow certain executables to run, such as ComboFix.exe Its ok, theres a solution. Right-Click on ComboFix.exe, and rename it to something like Ieexplore.exe (without quotes) Then run it. Once again, do not click on the ComboFix window. ComboFix may take a while, and may ask you to restart. It may also request you to write down some information. Write it down, restart, and let ComboFix work its magic. This may take 45min.- 1 Hour. if its less, good lets move on. After ComboFix finishes the scan, it brings up a log. Close that down, read it if you like. Itll look like nothings happening.. nothing is, press Ctrl+Alt+Del, hit New Task, and type explorer.exe. You should find that Explorer runs faster, at least a little. 2. MalwareBytes Anti-Malware. Run a quick scan. This will remove some other malware, that ComboFix didnt catch it should find 13 things, click Remove Selected Items. You can also run a full scan, but it didnt find anything else for me with a full scan. Done so soon? Whos Next? 3. Now were to my old favorite, Spybot Search and Destroy, something I would recommend running once every two weeks(at least). For more info on running Spybot S&D, visit my Essential Security Toolbox post. 4. Ad-Aware. Once again, an in the post mentioned right above, something to keep and install on every computer you get. 5. Run an online scan from ESET.

Run a free scan with ESET Online Scanner I know its not everyones favorite, but you will need to use Internet Explorer for this scan. Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the ActiveX control to install Click Start Make sure that the options Remove found threats and the option Scan unwanted applications is checked Click Scan Wait for the scan to finish! Once its done, it should fix/delete the items. 6. You most likely still wont have it completely removed. If, when you start Windows (regular mode) and you get all of these command prompt windows, (including command.com) then follow these directions. If not, go ahead and skip down below these instructions. Download Killbox. Boot into Safe Mode. Do this by restarting the computer, when you hear a beep, and before the Windows logo appear, hit F8, and select Safe Mode from the options. From Safe Mode, run KillBox, and select the delete on reboot Click the All Files button. Enter these, one by one, into KillBox, after each one, click the button with the red circle and white x. After each one, select no when the reboot option is given, until the last one. Then reboot.

C:\WINDOWS\System32\x3cqp0.dll C:\Program Files\MsConfigs\MsConfigs.exe C:\Windows\system32\p2pnetwork.exe C:\Windows\system32\CMD.COM C:\Windows\system32\netstat.com C:\Windows\system32\ping.com C:\Windows\system32\regedit.com C:\Windows\system32\tasklist.com C:\Windows\system32\taskkill.com C:\Windows\system32\taskmgr.com C:\Windows\system32\tracert.com C:\Windows\system32\bt.exe C:\Windows\system32\z.tmp C:\Windows\system32\bszip.dll

EDIT: Run ComboFix, Spybot S&D, Your Anti-virus, and Ad-Aware again after following the above steps
Then enjoy your cleaned computer!!!