Sign In
Create Account
1
Having an issue with a computer. Took it in to have it looked at in a store on Friday, got it back for the office on Monday, and by Wednesday we were back with popups and the "Smart Fortress" fake antivirus. I uninstalled that from the program list before looking into it far enough to see that wouldn't work completely.
Our normal Trend Micro didn't detect any of this, so I went onto their website and ran their Fake AV removal. Still got pop-ups on the machine, which the normal Trend Micro detects as malicious and blocks. So then loaded MalwareBytes, ran the computer in safe mode and did the search, and it found a bunch of infected processes. Cleaned those off, but am still getting blocked popups. Now both Trend Micro AND MalwareBytes are showing these blocked addresses, even with Internet Explorer closed. We run in XP here in the office, and I checked the forums to see if there was anything to tell where the "outgoing" link was coming from, and downloaded Tcpview.exe to see if I could find where the problem is originating from.
The closest thing I can tell is that it's a "ping.exe" that's doing it... but there's no name to the process and it seems to remove itself immediately after it's blocked. Exceedingly confused by all of this. Any help would be appreciated.
-
This topic is locked
Back to top
#2
Posted 14 April 2012 - 11:26 AM
-
- Experts
-
- 17,554 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Welcome to the forum, please start at the link below:
http://forums.malwar...?showtopic=9573
Post back the 2 logs.
<====><====><====><====><====><====><====><====>
Next.......
Please remove any usb or external drives from the computer before you run this scan!
Please download and run RogueKiller.
For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
Click Scan to scan the system (don't run any other options)
Post back the report.
MrC
http://forums.malwar...?showtopic=9573
Post back the 2 logs.
<====><====><====><====><====><====><====><====>
Next.......
Please remove any usb or external drives from the computer before you run this scan!
Please download and run RogueKiller.
For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
Click Scan to scan the system (don't run any other options)
Post back the report.
MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#3
Posted 17 April 2012 - 06:46 AM
-
- Moderators
-
- 20,128 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.
Other members who need assistance please start your own topic in a new thread. Thanks!
Other members who need assistance please start your own topic in a new thread. Thanks!
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
