Jump to content


Photo

Not sure what to do about mysterious program

mapsgalaxy

  • Please log in to reply
1 reply to this topic

#1 Inquisitive

Inquisitive

    New Member

  • Members
  • Pip
  • 1 posts

Posted 27 February 2012 - 02:27 AM

A few weeks ago there was an 'add-on' that tried to install itself onto my browser(firefox) and it happened randomly when I was doing nothing related to any downloading. The add-on was called mapsgalaxy. I blocked it and didn't think much of it until I saw that it had downloaded itself onto internet explorer without my consent. I did some research and couldn't find anything about it (I didn't look too much into it because I didn't feel it was a threat at the time). I wasn't able to remove it no matter what I did, so I just let it stay for a while. A couple weeks ago when I ran a Malwarebytes scan, mapsgalaxy showed up as several adware files, which I promptly removed. This morning, I finally got suspicious and decided to go through my whole registry and carefully wipe out any and all signs of this thing on my computer using the 'Find' feature with the keyword 'galaxy'. It no longer shows up in my add-on list on IE and as far as I can tell, I've deleted it completely. It will show up as maps_galaxy, mapsgalaxy_39, mapsgalaxy, anything of that sort and it was spread all throughout my registry. I'm not sure if it's at all dangerous, but it makes me a bit uneasy to think it might be, and that Malwarebytes couldn't detect and remove everything.
I emailed tech support to see if I could contribute in any way to Malwarebytes by reporting this, but they said I needed to post samples of it in the 'newest threats' section of the forum. I didn't keep any samples. The best thing I have is my Malwarebytes log from that particular scan (it was a quick scan, but I later ran a full scan and it didn't detect anything else). Not sure what else I can do, but just thought I'd try to give everyone a heads up.

Thank you!

Attached Files



#2 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,904 posts
  • Gender:Not Telling

Posted 27 February 2012 - 09:00 AM

Hello, Inquistive:

No legitimate extension/add-on will automatically install itself into Firefox, and it does not turn up on a search of the AMO site (though some legitimate devs choose not to host their extensions at AMO).
And a quick Google search turns up several hits about this being some form of spyware.

Since we don't work on malware detection or removal in this particular sub-section of the forums, it might be advisable to have one of our malware experts take a peek under the hood of your system & assist you with removing this pest, if need be.

PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:
OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum.
OPTION 2: For paid users of MBAM PRO, free, one-on-one, expert assistance from MBAM support.
OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:
  • Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  • If the infection has so crippled the computer that you cannot complete some or all of the steps, then just do the best you can and start a new topic as described below.
  • Then please start a new post in the Malware Removal Forum.
  • When starting your new post, please note the following:
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.
OPTION 2:
If you are a paid user of MBAM PRO and prefer expert assistance via email, please send an email to support@malwarebytes.org, or contact the help desk here.

OPTION 3:
If you would like to use the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to our Premium Support site here.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1


PS Please use thePosted Image button or the Posted Image message pane (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow. :)

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users