Have you encountered the Goo.gl virus in Skype or Facebook? This article aims to help you understand the nature of this virus as well as show you how to remove it from your device completely.
Goo.gl virus is the name used by users to label the malicious application spreading malware infection through Skype, Facebook and other social networks. The Goo.gl virus is in fact a Trojan horse in disguise but we will get to that in a brief moment. Before that though, let’s clear something up.
What is Goo.gl?
Goo.gl is a legitimate service provided by Google for shortening of URLs. What is essentially does is take long URL addresses and crunch them inside far fewer characters. In this way a link gets easier to share, email, retweet, whatever social network interaction you can think of would benefit from a shorter web link. And while the EULA for this service states that “short URLs do not publicly reveal the identity of the user who created that URL mapping” and “short URL history for a user is accessible only when signed in using that Google Account” this is a preferred method for malware spreading. Why? You can’t see the full link before opening it, thus it is much easier to trick the victim into clicking on the link.
Skype Goo.gl Virus – What is it?
If you are interested in this article it is most likely that you have received a skype message from one or more of your Skype friends with a somewhat strange message contained inside as well as a goo.gl link. Unfortunately the user that has sent you the message is infected with the Skype Goo.gl virus and if you clicked and followed the link inside the message you are probably infected as well. You probably have a type of malware known as a Trojan horse and very soon if not already you will find out that you have started sending similar skype messages to people in your contact list as well. Regrettably this might not be the worst of it.
If you indeed have a Trojan in your system you might be in a big trouble. Trojan horses have seen regular use as backdoors for far more dangerous malware known as Ransomware. This type of software encrypts your files making them completely inaccessible and a Ransom payment is demanded to get a decryption key. Even if you don’t get a Ransomware, which we sincerely hope you won’t, there are other way for which the Trojan horse might make your life miserable:
- The use of your computer as a malware spreading or spamming machine (we already established that).
- Your device might be used for Bitcoin mining, greatly shortening the life-span of your hardware and significantly increasing your electricity bill.
- Your PC might be used as a “proxy of sorts” to launch cyber attacks and other cyber criminal activities, much like the Skype messages sent to your friends without your knowledge or participation.
- Your personal information might be in immediate danger. Including user names and passwords. If you are using any type of online payments methods you should be extremely alarmed and change your passwords immediately after you remove the Goo.gl virus.
- If you notice that some of your files are corrupted or missing that might be a direct effect of the presence of a Trojan horse virus in your system.
In additional to our removal instructions, please do not forget to change your Skype and/or Facebook password, depending on how far this infection has spread. This is a problem that should not be taken lightly. You should also consider contacting your friends and warning them not to open the malicious goo.gl links. If they have already done so send them a link to this article, we are trying to help as many of the affected users as possible.
|Name||Skype Goo.gl Virus|
|Type||Trojan Horse Malware|
|Danger Level||High (relatively).
|Symptoms||Strange messages sent to your Skype/Facebook contacts without your knowledge.
|Distribution Method||Clicking on infected links, downloaded executable files from unsafe locations.
If the removal guide helps you, remember: a thank you in the comments goes a long way to warm our hearts!
1: Enter Safe Mode.
2: Uninstall the virus from your Add/Remove Programs.
3: Permanently delete Goo.gl virus from Task Manager’s processes.
4: Uninstall the virus from Regedit and Msconfig.
Skype Goo.gl Virus Removal
Readers are interested in:
Reboot in Safe Mode (use this guide if you don’t know how to do it).
This is the first preparation.
The first thing you absolutely must do is Reveal All Hidden Files and Folders.
- Do not skip this. Goo.gl virus may have hidden some of its files and you need to see them.
Hold together the Start Key and R. Type appwiz.cpl –> OK.
You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:
Type msconfig in the search field and hit enter. A window will pop-up:
Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.
Hold the Start Key and R – copy + paste the following and click OK:
A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:
If there are suspicious IPs below “Localhost” – write to us in the comments.
Open the Start Menu, type “Control Panel” in the search box —> Enter. Network and Internet —> Network and Sharing Center —> Change Adapter Settings. Right-click your Internet connection —> Properties.
In Networking, left click Internet Protocol Version 4 —> Properties. If everything is normal, your window will look like the picture below. If it doesn’t, click on the two “automatic” choices. NOTE: If you are in a domain network (check here if you don’t know what that is), contact your Domain Administrator so he can make these settings, or this may break your Internet Connection.
Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.
WARNING! STOP HERE AND READ CAREFULLY!
It is very important to stop for a moment here and take the time to reflect on what would come next. The last part of our removal guide should be considered more complex and dangerous than anything you were instructed to do up until this point. It is preferable only users with previous manual malware removal experience continue. Since you will be dealing with important system processes any mistake might turn out to be extremely damaging to your device. For the less experienced users and for those who do not wish to take any chances we recommend an alternative solution – download and install a professional program to help you deal with the Goo.gl Virus and any other malware threats.
Right click on each of the virus processes and select Open File Location, then End the process. Copy the folders somewhere (as a backup if you make a mistake) and delete the directories you were sent to.
Type Regedit in the windows search field and press Enter.
Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:
- HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
If these things fail to help you find Goo.gl virus you need to resort to a professional scanner – obviously this is a malware that was created to steal your credentials and credit cards – meaning the people who created it spent a lot of resources to make it as dangerous as possible.
Remember to leave us a comment if you run into any trouble!