Jump to content

Ping.exe Issue - Have logs ready


mae7

Recommended Posts

Hello,

I've encountered the same problem as a few others here. This originally started with "XP Security 2012" that came up on my screen, so I ran MBAM to get rid of it. This only removed the popups I was receiving regarding the program. Now, I notice "ping.exe" running in my processes and it's taking up most of my CPU usage. Please help me as I have several projects I need to work on this month.

I have run TDSS and OTL and have the logs ready. I will post them as soon as I get a reply (since I know topics with 0 replies are addressed first).

Please help me!!

Thank you,

Christina

Link to post
Share on other sites

Hi Screen,

Sorry for the delay in replying.

I was able run a quick scan on MBAM, but the DDS scan never worked for me. I waited 45 minutes for the scan to complete, and it never finished and didn't show the logs. I did this twice.

Anyways, here is my MBAM log.

Thank you for your help.

_____________________________________________________

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8377

Windows 5.1.2600 Service Pack 2

Internet Explorer 7.0.5730.11

12/16/2011 7:18:09 PM

mbam-log-2011-12-16 (19-18-09).txt

Scan type: Quick scan

Objects scanned: 189942

Time elapsed: 15 minute(s), 51 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 14

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\AH (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CLASSES_ROOT\ah\Content Type (Rogue.MultipleAV) -> Value: Content Type -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\Temp\0.098521623663543.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\gggf0.10000774279569147.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\gggf0.1644429057126955.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\gggf0.3056358048978489.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\gggf0.7705473123012408.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.026098304175084075.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.11641383095572666.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.19095675126004807.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.20861367196224734.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.29029038902817017.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.3575908813403762.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\nnnv0.9360725783121707.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\0.5218068795261045gtye.exe (Exploit.Drop.4) -> Quarantined and deleted successfully.

c:\WINDOWS\Temp\0.18246236542743755gtye.exe (Exploit.Drop.4) -> Quarantined and deleted successfully.

Link to post
Share on other sites

  • Staff

Hi,

Update MBAM, run a Quick Scan, and post its log. Delete DDS and download it again. Try running it. If no joy, do this instead:

Download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.