Jump to content

my computer is infected by ping.exe also

fh2000

By fh2000
in Resolved Malware Removal Logs

 Share

Recommended Posts

fh2000

fh2000

Posted
Posted

Hi,

My computer keeps showing ping.exe in Task Manager even after I killed it repeatedly. I ran the Malwarebytes Anti-Malware (see below log).

But I am not able to download DDS. Can you help me what I should do next?

Thanks

fh2000

=========================================================================================

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8339

Windows 5.1.2600 Service Pack 2

Internet Explorer 7.0.5730.13

12/8/2011 10:56:26 PM

mbam-log-2011-12-08 (22-56-26).txt

Scan type: Quick scan

Objects scanned: 251804

Time elapsed: 33 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 8

Registry Values Infected: 2

Registry Data Items Infected: 1

Folders Infected: 1

Files Infected: 4

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{EFF39A40-C163-4d5d-B073-52FBB55C646A} (Trojan.Passwords) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\linkrdr.AIEbho.1 (Trojan.Passwords) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\linkrdr.AIEbho (Trojan.Passwords) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFF39A40-C163-4D5D-B073-52FBB55C646A} (Trojan.Passwords) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Trojan.Email) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AH (Rogue.MultipleAV) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ah\Content Type (Rogue.MultipleAV) -> Value: Content Type -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:

c:\WINDOWS\system32\xmldm (Stolen.Data) -> Quarantined and deleted successfully.

Files Infected:

c:\WINDOWS\system32\acroiehelpe.dll (Trojan.Passwords) -> Quarantined and deleted successfully.

c:\windows\temp\ydgrdc\setup.exe (Trojan.Email) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\srvblck2.tmp (Malware.Trace) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\acroiehelpe.txt (Malware.Trace) -> Quarantined and deleted successfully.

Link to post
Share on other sites
fh2000

fh2000

Posted
  • Author
Posted

Hi,

I am still trying to do this step from your instruction email, but when I click on DDS, nothing happens to me. Maybe the virus blocked that site from me.

Is there another way to get DDS downloaded to my PC?

Thanks for your help

fh2000

=======================================================

Download DDS and save it to your desktop

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt file will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

DDS.txt

Attach.txt

Save both reports to your desktop

Please include the following logs in your new topic that you will create: DDS.txt and Attach.txt

Link to post
Share on other sites
fh2000

fh2000

Posted
  • Author
Posted

Hi, Elite engineers from Malwarebytes,

I read thru some of the old threads and saw suggestions to run ComboFix. So, I downloaded ComboFix, and run it. I watched it for 2 hours, and it appears that ping.exe no longer showing up in Task Manager.

I will keep watching it and hope it won't come back. For now, no need to reply to my request. If my problem comes back again, I will post again.

Thanks

Link to post
Share on other sites
  • 2 weeks later...
  • 1 month later...
  • 1 month later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.