Ping.exe

[CRedskinsRule]

So this is for the computer hacks among us. I have decided to shoot my laptop. ok no not really, however, I have gotten a virus/malware which launches a PING.exe process every 5 or so minutes. At one point my system disk had gotten corrupt to the point of having to run the Windows recovery system. Steps I have taken include running Malwarebytes in safe mode, and a generic disk cleaner(not Windex :cheeky-sm )

It definitely came attached with the google re-direct virus. I think I have mostly cleared that up, although on sporadic searches an eleven tab Firefox window is spawned, so somethings lurking somewhere.

Finally,the corruption erased all my past restore points, so the only one I have probably won't do much good in terms of wiping this thing out.

Googling it wasn't much help, but I came across several places saying to run combofix, but that seems more drastic then I am prepared to go. SOOO

any suggestions, has anyone else dealt with this thing successfully.

[724Skinsfan]

I would try Super Antispyware first, then go ahead with combofix. I've run combofix close to a hundred times and the only problem I've ever run into has been a corrupt profile, which I renamed.

[CRedskinsRule]

Quote:

Originally Posted by 724Skinsfan

I would try Super Antispyware first, then go ahead with combofix. I've run combofix close to a hundred times and the only problem I've ever run into has been a corrupt profile, which I renamed.

Thanks I will try it. Also, I deleted PING.exe from 2 spots in the registry (one was a key, and the other data) for browser emulation, and they re-generated once, so i deleted them again, and so far it hasn't kicked into any high CPU usage. Hopefully that was where the little bugger was hiding...

[Lotus]

I hope it all works out CRed.

Can someone enlighten me about computer viruses like this? Why would someone create such a virus? There is no apparent financial gain for the attacker. And victims are anonymous - it's not like the attacker is getting revenge. I just don't get the point of trying to create such a virus. With all the things that one can do with one's time, why spend time creating such a virus?

[firstdown]

Stop looking at porn or buy better protection.

[skinsfaninok]

Quote:

Originally Posted by firstdown

Stop looking at porn or buy better protection.

Eh buy protection

[CRedskinsRule]

Quote:

Originally Posted by Lotus

I hope it all works out CRed.

Can someone enlighten me about computer viruses like this? Why would someone create such a virus? There is no apparent financial gain for the attacker. And victims are anonymous - it's not like the attacker is getting revenge. I just don't get the point of trying to create such a virus. With all the things that one can do with one's time, why spend time creating such a virus?

Thanks Lotus,

The conspiracy theorist would tell you that the antivirus companies have people who make them and put them out, just to keep their business going. (they do in fact have people who develop them, but I doubt with the intention of releasing them)

2nd reason is vendettas against mega corps like Microsoft, OWS folks apply here

3rd, and probably the most common reason, is the "because it's there group" You get teenagers who are learning to code, think they have hit on cool techniques and get some acclaim in there circle for making them. Mostly they are repetitive and common ways of attacks, pretty straight-forward even for the free protection.

4th, a few people use them for identity theft etc


Everything seems good now so, I can go back to my surfing FD, LOL

[Lotus]

Quote:

Originally Posted by CRedskinsRule

Thanks Lotus,

The conspiracy theorist would tell you that the antivirus companies have people who make them and put them out, just to keep their business going. (they do in fact have people who develop them, but I doubt with the intention of releasing them)

2nd reason is vendettas against mega corps like Microsoft, OWS folks apply here

3rd, and probably the most common reason, is the "because it's there group" You get teenagers who are learning to code, think they have hit on cool techniques and get some acclaim in there circle for making them. Mostly they are repetitive and common ways of attacks, pretty straight-forward even for the free protection.

4th, a few people use them for identity theft etc


Everything seems good now so, I can go back to my surfing FD, LOL

I was talking about viruses which don't strike back at megacorporations like Microsoft and don't seem to help anyone to steal your identity.

But I think you are right about kids who need to be cool. That's a helpful insight. Thank you for that.

[SirClintonPortis]

Use Spybot S&D and go to their forums for support. They'll probably tell you to use Hijackthis! for a log to analyze and help diagnose the problem.

[SirClintonPortis]

Oh, and do not use an administrator account in the future, unless you have to. Create one of those user accounts and use that.

[That Guy]

zombies and root kits... they get paid for making your computer look at ads, and they get paid to be able to make your computer DDoS servers on command... plus they can also look for financial data and send that in too if they're feeling froggy.

[SirClintonPortis]

Quote:

Originally Posted by Lotus

I hope it all works out CRed.

Can someone enlighten me about computer viruses like this? Why would someone create such a virus? There is no apparent financial gain for the attacker. And victims are anonymous - it's not like the attacker is getting revenge. I just don't get the point of trying to create such a virus. With all the things that one can do with one's time, why spend time creating such a virus?

Who makes computer viruses and why? - JREF Forum

Have fun.

[skinsguy]

I'm not sure about the issue with ping.exe. If this is one of those rogue anti-virus programs, then they usually hide in c:\documents and settings \ all users \ application data. It's also quite possible that it hides in system restore, which could be why it regenerates some of its attacks. You could try unplugging the Ethernet cable from your computer, or shutting down the wireless and see if the ping.exe thing goes away. It could possible tell you which program is trying to access the internet, and from there, you'd know where it's at and what to get rid of.

I'm curious to know how you got your computer infected. We have people at work who tell me they have not been to any questionable websites at any time, not even facebook, yet they get these nasty viruses on their computers and I'm having to get rid of the viruses. Luckily for me, I've become somewhat of an expert in getting rid of the rogue anti-virus viruses, but you didn't say for sure if this was that type of virus or not.

[saden1]

Install Linux Mint...why waste time an energy on a product whose performance degrades over time and is susceptible to viruses?

[CRedskinsRule]

Quote:

Originally Posted by skinsguy

I'm not sure about the issue with ping.exe. If this is one of those rogue anti-virus programs, then they usually hide in c:\documents and settings \ all users \ application data. It's also quite possible that it hides in system restore, which could be why it regenerates some of its attacks. You could try unplugging the Ethernet cable from your computer, or shutting down the wireless and see if the ping.exe thing goes away. It could possible tell you which program is trying to access the internet, and from there, you'd know where it's at and what to get rid of.

I'm curious to know how you got your computer infected. We have people at work who tell me they have not been to any questionable websites at any time, not even facebook, yet they get these nasty viruses on their computers and I'm having to get rid of the viruses. Luckily for me, I've become somewhat of an expert in getting rid of the rogue anti-virus viruses, but you didn't say for sure if this was that type of virus or not.

I used the SuperAntispyware and it got rid of the last remnants of the PING thing. In terms of when I got it/where I got it, the most traceable thing that I can say is I switched to Google Chrome, nothing else in my surfing behaviour changed, and perhaps, I missed a setting when I switched to it. But I got the google re-direct virus within a few hours of installing chrome, and the PING thing seemed to be attached to that. I won't begin to say I avoid all "questionable" sites, but nothing that I hadn't been to many many times before.

I doubt it was in Chrome, but I have gone back to Mozilla just cause.