Redirecting... with no browser open.
Posted 12 April 2012 - 10:33 AM
Our normal Trend Micro didn't detect any of this, so I went onto their website and ran their Fake AV removal. Still got pop-ups on the machine, which the normal Trend Micro detects as malicious and blocks. So then loaded MalwareBytes, ran the computer in safe mode and did the search, and it found a bunch of infected processes. Cleaned those off, but am still getting blocked popups. Now both Trend Micro AND MalwareBytes are showing these blocked addresses, even with Internet Explorer closed. We run in XP here in the office, and I checked the forums to see if there was anything to tell where the "outgoing" link was coming from, and downloaded Tcpview.exe to see if I could find where the problem is originating from.
The closest thing I can tell is that it's a "ping.exe" that's doing it... but there's no name to the process and it seems to remove itself immediately after it's blocked. Exceedingly confused by all of this. Any help would be appreciated.
Posted 14 April 2012 - 11:26 AM
Post back the 2 logs.
Please remove any usb or external drives from the computer before you run this scan!
Please download and run RogueKiller.
For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
Click Scan to scan the system (don't run any other options)
Post back the report.
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
Posted 17 April 2012 - 06:46 AM
Other members who need assistance please start your own topic in a new thread. Thanks!
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users