Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Malwarebytes Malicious Site Blocked PopUp

Posted on 2014-12-09
11
Medium Priority
?
562 Views
Last Modified: 2014-12-10
I have a system I am working on...

Malwarebytes Malicious Site Blocked / Outbound pop up keeps coming up... port 49583...
  gives a site.. different ones.. search net.blinkxcore.com   Outbound ...

I ran a couple of cleanup utilities...
Malwarebytes
SuperAntiSpyWare
Iobit Malware Fighter
AdwCleaner
Junkware Removal Tool JRT
CCleaner
Eset Nod32 - Ran scan

NONE of these programs are finding anything, accept AdwCleaner did some cleanup

I need help, I don't know what to do from here?

It also is attacking Internet Options - Disables Downloads.. not sure what else, but that is getting turned off...

Hope someone can help.

Thanks!  :-)
0
Comment
Question by:etronics6
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40488355
Give Hitmanpro a chance.
It's freeware and contains a coctail of software.
No waranty, but it has helped me out several times.
http://www.surfright.nl/en
0
 
LVL 24

Expert Comment

by:Eirman
ID: 40488527
A technicality hulsebosch
Hitmanpro is not freeware - You can get a free one month trial, (and it is really excellent).
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40488606
Your right Eirman, it has become trial software.
Still, fully functional during this one month period. (which gives you more then enough time to fix the issue)
Thanks for correcting me.
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 

Author Comment

by:etronics6
ID: 40489171
Tried HMPro.. Still popping up

Tried Norton PEraser
Microsoft Malware scanner msert...

Still have popups.. Multiple Outbound websites... Different files in system32 & WOWsys (I think that's the folder)...

Any other suggestions??
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40490112
You can follow the instructions on this website  :http://malwaretips.com/blogs/remove-adware-popup-ads/
You will find info about pop up adds, but also other malware.

Hope this will help you out.
For, if none of the software mentioned helps, probably something has been installed in a sneeky way.
(These a**holes get better and better in hiding this kind of stuff.)
0
 

Author Comment

by:etronics6
ID: 40490538
Here is the MalwareBytes graphic of "one of the pop-ups".. but there are many different ones that popup...

Let me know if that helps... any other ideas pleaseeeee :-)

mwb
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40490572
See if sfc /scannow from the command prompt finds any system files that were tampered with.
Did you try using system restore to put your system files to a state before this issue started?
0
 

Author Comment

by:etronics6
ID: 40491570
Hi,

I tried all above..

Do you all agree that there is something (malware) somewhere that I am not getting to?  With this graphic I think there is malware of sorts still in system & NOT CLEAN, right?  Something is embedded in the system...

My client sounds like we will REPLACE system... I think that is the route we will go... If I give back like this.. I feel its still infected somehow that I just can't get... ONLY fix is to without reformat & rebuild... Correct?

Do you guys agree??

Thanks for all your help... please respond your thoughts on above...
0
 
LVL 4

Accepted Solution

by:
hulsebosch earned 2000 total points
ID: 40491693
one last shot, what would happen when you change the extention for the file ? (regsvr)
Have you tried booting from usb (winpe or Linux) and scan the pc? Some virusses are very good at hiding themselves on a running OS.
Check Kaspersky for bootable software to scan your machine.
0
 

Author Comment

by:etronics6
ID: 40491778
its multiple popups with multiple files... not just the regsvr file...

I haven't used those tools before... thanks for all ur help!!  

I appreciate your fast responses too!
0
 
LVL 10

Expert Comment

by:davidanders
ID: 40493128
There are google results for the IP Address
https://www.google.com/search?q=88.214.193.212
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question