Solved

Malwarebytes Malicious Site Blocked PopUp

Posted on 2014-12-09
11
540 Views
Last Modified: 2014-12-10
I have a system I am working on...

Malwarebytes Malicious Site Blocked / Outbound pop up keeps coming up... port 49583...
  gives a site.. different ones.. search net.blinkxcore.com   Outbound ...

I ran a couple of cleanup utilities...
Malwarebytes
SuperAntiSpyWare
Iobit Malware Fighter
AdwCleaner
Junkware Removal Tool JRT
CCleaner
Eset Nod32 - Ran scan

NONE of these programs are finding anything, accept AdwCleaner did some cleanup

I need help, I don't know what to do from here?

It also is attacking Internet Options - Disables Downloads.. not sure what else, but that is getting turned off...

Hope someone can help.

Thanks!  :-)
0
Comment
Question by:etronics6
11 Comments
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40488355
Give Hitmanpro a chance.
It's freeware and contains a coctail of software.
No waranty, but it has helped me out several times.
http://www.surfright.nl/en
0
 
LVL 23

Expert Comment

by:Eirman
ID: 40488527
A technicality hulsebosch
Hitmanpro is not freeware - You can get a free one month trial, (and it is really excellent).
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40488606
Your right Eirman, it has become trial software.
Still, fully functional during this one month period. (which gives you more then enough time to fix the issue)
Thanks for correcting me.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:etronics6
ID: 40489171
Tried HMPro.. Still popping up

Tried Norton PEraser
Microsoft Malware scanner msert...

Still have popups.. Multiple Outbound websites... Different files in system32 & WOWsys (I think that's the folder)...

Any other suggestions??
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40490112
You can follow the instructions on this website  :http://malwaretips.com/blogs/remove-adware-popup-ads/
You will find info about pop up adds, but also other malware.

Hope this will help you out.
For, if none of the software mentioned helps, probably something has been installed in a sneeky way.
(These a**holes get better and better in hiding this kind of stuff.)
0
 

Author Comment

by:etronics6
ID: 40490538
Here is the MalwareBytes graphic of "one of the pop-ups".. but there are many different ones that popup...

Let me know if that helps... any other ideas pleaseeeee :-)

mwb
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40490572
See if sfc /scannow from the command prompt finds any system files that were tampered with.
Did you try using system restore to put your system files to a state before this issue started?
0
 

Author Comment

by:etronics6
ID: 40491570
Hi,

I tried all above..

Do you all agree that there is something (malware) somewhere that I am not getting to?  With this graphic I think there is malware of sorts still in system & NOT CLEAN, right?  Something is embedded in the system...

My client sounds like we will REPLACE system... I think that is the route we will go... If I give back like this.. I feel its still infected somehow that I just can't get... ONLY fix is to without reformat & rebuild... Correct?

Do you guys agree??

Thanks for all your help... please respond your thoughts on above...
0
 
LVL 4

Accepted Solution

by:
hulsebosch earned 500 total points
ID: 40491693
one last shot, what would happen when you change the extention for the file ? (regsvr)
Have you tried booting from usb (winpe or Linux) and scan the pc? Some virusses are very good at hiding themselves on a running OS.
Check Kaspersky for bootable software to scan your machine.
0
 

Author Comment

by:etronics6
ID: 40491778
its multiple popups with multiple files... not just the regsvr file...

I haven't used those tools before... thanks for all ur help!!  

I appreciate your fast responses too!
0
 
LVL 9

Expert Comment

by:davidanders
ID: 40493128
There are google results for the IP Address
https://www.google.com/search?q=88.214.193.212
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
#Citrix #Internet Explorer #Enterprise Mode #IE 11 #IE 8
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question