• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 05:45
CEST 11:45
KST 18:45
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
Serral wins Maestros of the Game 234ByuL, and the Limitations of Standard Play3Team Liquid Map Contest #22: Results and Winners7Code S Season 2 (2026): RO4 and Finals Preview12TL.net Map Contest #22 - Voting & Ladder Map Selection7
Community News
Weekly Cups (June 29-July 5): Solar Doubles0MC vs IdrA, Boxer vs Nal_rA to be Legacy Matches @ BlizzCon415.0.16 Hotfix (June 30) - Balance + Bug Fixes40Weekly Cups (June 22-28): Zergs thrive in new patch5[TLMC] Summer 2026 Ladder Map Rotation0
StarCraft 2
General
Most successful SC2 players of Q2 2026 Serral wins Maestros of the Game 2 Is the larve respawn broken? 5.0.16 patch for SC2 goes live (8 worker start) 5.0.16 Hotfix (June 30) - Balance + Bug Fixes
Tourneys
Sea Duckling Open (Global, Bronze-Diamond) Crank Gathers Season 4: BW vs SC2 Team League GSL CK #5 Race War HomeStory Cup 29 RSL Revival: Season 6 - Qualifiers and Main Event
Strategy
[G] Having the right mentality to improve
Custom Maps
New Map Maker - Looking for Advice - Love or Hate Work In Progress Melee Maps [D]RTS in all its shapes and glory <3
External Content
Mutation # 533 Die Together The PondCast: SC2 News & Results Mutation # 532 Nuclear Family Mutation # 531 Experimental Artillery
Brood War
General
Starcraft vs Retro Category on Twitch ASL 22 Proposed Map Pool 60% Keyboards Viable for Starcraft? Snow On New ASL S22 Map, Zerg Nerf BW General Discussion
Tourneys
Small VOD Thread 2.0 IPSL Spring 2026 Top 4! CSLAN 4 is Coming! Escore Tournament StarCraft Season 2
Strategy
Fighting Spirit mining rates Simple Questions, Simple Answers Creating a full chart of Zerg builds Relatively freeroll strategies
Other Games
General Games
Nintendo Switch Thread Dawn of War IV Stormgate/Frost Giant Megathread Summer Games Done Quick 2026! ZeroSpace at Steam NextFest - Last free demo
Dota 2
Looking for a Dota Mentor Official 'what is Dota anymore' discussion
League of Legends
Heroes of the Storm
Simple Questions, Simple Answers Heroes of the Storm 2.0
Hearthstone
Deck construction bug
TL Mafia
NeO.D_StephenKing vs This Guy From 1 Million Dance TL Mafia Community Thread TL Mafia Power Rank Vanilla Mini Mafia
Community
General
US Politics Mega-thread Russo-Ukrainian War Thread UK Politics Mega-thread YouTube Thread Canadian Politics Mega-thread
Fan Clubs
The HerO Fan Club!
Media & Entertainment
Anime Discussion Thread Movie Discussion! Series you have seen recently... [Req][Books] Good Fantasy/SciFi books [TV/BOOK] *SPOILERS* Game of Thrones Discussion
Sports
2024 - 2026 Football Thread McBoner: A hockey love story Tennis[sport] Formula 1 Discussion TeamLiquid Health and Fitness Initiative For 2023
World Cup 2022
Tech Support
FPS when play League Of Legend on laptop How to clean a TTe Thermaltake keyboard? Computer Build, Upgrade & Buying Resource Thread
TL Community
The Automated Ban List
Blogs
Major Shifts in the Gaming I…
TrAiDoS
An Exploration of th…
waywardstrategy
Gauntlet SC2: A Retrospectiv…
Ctone23
ramps on octagon
StaticNine
Funny Nicknames
LUCKY_NOOB
Evil Gacha Games and the…
ffswowsucks
Customize Sidebar...

Website Feedback

Closed Threads



Active: 5251 users

Virus Busting PING.EXE

Blogs > Newbistic
Post a Reply
Normal
Newbistic
Profile Blog Joined August 2006
China2912 Posts
December 09 2011 22:17 GMT
#1
This morning my computer got struck by a virus. I spent about four hours fighting the damned thing. It was two viruses rolled into one, actually: a one-two punch consisting of the Windows 2012 Security Alert malware and the ping.exe virus.

[image loading]
Artist's rendition of what actually transpired inside the computer.

The Windows 2012 Security Alert thing was pretty easy to get rid of. I googled around and found the guide at

http://www.bleepingcomputer.com/virus-removal/remove-win-7-security-2012

Followed the instructions, killed the thing, rebooted my computer.

But wait, there's more! Fucking strange-assed popups, firefox redirects for no reason. In the good old days, when I got malware I would do a windows-F, search for all executable files created in the past two days or so, delete the files with strange names by strange companies (mircosoft, anyone?), and went on my merry way. This time however that didn't work. This was a smart virus. PING.EXE in all caps on the windows task manager. Couldn't end process or delete, and under properties it said the program was made by Microsoft with correct spelling and punctuation and everything. Malwarebytes, the program that removed the Windows 7 Security 2012 malware, couldn't detect anything wrong with PING.EXE.

I looked around some more on the internet but there was no easy to find universal solution for the damned thing. Some of the big tech forums wanted you to install programs just to create log files to paste on their forums so they can tell you what to do specifically for the system. Of course, being the seasoned virus buster, I couldn't be bothered (I'm actually a dumbass). I looked around for some other solutions. There are some shady assed sites out there with really weird walkthroughs on how to remove the virus. One walkthrough suggests letting the virus run its course and clicking "Scan" to let the bogus malware scan my computer because it would somehow "fool" the virus or w/e. There was also a powerful program called "Combofix" that could allegedly delete essential files on your computer if you didn't know what you were doing, and I didn't want to mess with that.

The solution that worked was downloading Avast anti-virus directly to my phone (using it as a USB drive of sorts) as well as WisePCDoctor (which itself sounds kind of shady). Installed the programs off the phone, did full scan + reboot scan to kill the virus. Which also killed my computer because it kept failing to boot after the scans completed (lol). System repair was also unable to fix the problem.

In the end I was able to do a system restore to yesterday morning, this seems to fix everything. PING.EXE isn't appearing on the task manager. I'm still not sure if it was Avast that killed the virus or if I could have just done a system restore from the start and solved the problem immediately.

TL;DR

Be fucking careful online, getting a virus isn't worth it. Also don't be cocky in thinking you can get rid of the virus easily. That shit can wreck your computer.

***
Logic is Overrated
arb
Profile Blog Joined April 2008
Noobville17922 Posts
December 09 2011 22:22 GMT
#2
fighting the life virus was the most retarded ass boss fight -_-;
Artillery spawned from the forges of Hell
actionbastrd
Profile Blog Joined September 2010
Congo598 Posts
December 09 2011 22:23 GMT
#3
oh man i had a friends comp get Ping.exe combined with tons of other crap - they have no virus protection. Spend hours on that one, never saw ping.exe like that before.

Programs i used, the one that killed Ping.exe is the last one on this list.

Spybot search and destroy
Malewarebytes
TDSSkiller
Kaspersky Virus Removal Tool

Last two are free at

http://support.kaspersky.com/viruses/utility

Hope this helps anyone else with this problem. What a pain! i feel for yeah. Kill it in processes over and over and over and over asap to have the cpu power to actually run this stuff too. =o Glad you got it working!
It rained today inside my head...
cmen15
Profile Blog Joined December 2010
United States1519 Posts
December 09 2011 22:23 GMT
#4
Haha good job man!!! Thank god i never have gotten anything to bad on any of my computers(knock on wood now plz). I like the pic lol, doing some big damage there : )
Greed leads to just about all losses.
Gnosis
Profile Joined December 2008
Scotland912 Posts
December 09 2011 22:27 GMT
#5
Sucks ;(

I learned a while ago that the best way to remove a virus, was to format.
"Reason is flawless, de jure, but reasoners are not, de facto." – Peter Kreeft
Ruffian
Profile Blog Joined August 2011
United States369 Posts
December 09 2011 22:39 GMT
#6
Oh wow, good job finally getting rid of the thing! Once my laptop got this massive virus and I couldn't figure it out so I took it to get fixed. The guy downloaded combofix on it actually he even said "This program is extremely powerful, only use it as a last resort!"

I'm afraid to even open it haha.
There's a class for this (ノ◕ヮ◕)ノ*:・゚✧
Fontong
Profile Blog Joined December 2007
United States6454 Posts
December 09 2011 22:39 GMT
#7
This guide by TL's resident wizard should help prevent you from getting any more viruses.

http://www.teamliquid.net/forum/viewmessage.php?topic_id=109597
[SECRET FONT] "Dragoon bunker"
DreamChaser
Profile Blog Joined February 2011
1649 Posts
December 09 2011 22:52 GMT
#8
I try not to get viruses because i do not know how to fight them lol...At least you computer let you go online one time i got a virus that didn't let me even use the net. My uncle just wiped the computer and called me a dumbass.
Plays against every MU with nexus first.
LaSt)ChAnCe
Profile Blog Joined June 2005
United States2179 Posts
Last Edited: 2011-12-09 22:58:28
December 09 2011 22:58 GMT
#9
sounds like you might have just booted into safe mode and killed it. worst comes to worst, a live boot disc and kill it from there

(point being to kill it when it's not loaded)
Newbistic
Profile Blog Joined August 2006
China2912 Posts
Last Edited: 2011-12-09 23:02:25
December 09 2011 22:59 GMT
#10
On December 10 2011 07:39 Fontong wrote:
This guide by TL's resident wizard should help prevent you from getting any more viruses.

http://www.teamliquid.net/forum/viewmessage.php?topic_id=109597


Yeah, the entire time I was thinking "what would r1ch do"

On December 10 2011 07:52 DreamChaser wrote:
I try not to get viruses because i do not know how to fight them lol...At least you computer let you go online one time i got a virus that didn't let me even use the net. My uncle just wiped the computer and called me a dumbass.


True, a lot of luck was involved. I think a good solution would be to dual-boot Ubuntu on the machine (which I did with my last laptop) so I could basically have two computers on the same computer in case something fucks up irreparably on the Windows OS.

On December 10 2011 07:58 LaSt)ChAnCe wrote:
sounds like you might have just booted into safe mode and killed it. worst comes to worst, a live boot disc and kill it from there

(point being to kill it when it's not loaded)


I actually did boot into safe mode, it seemed like (I'm not extremely computer savvy) certain aspects of the virus were still activated. An interesting thing that happened which I forgot to mention was that the first time I booted into safe mode the computer mysteriously restarted all by itself into normal mode, except certain functions such as Task Manager and Explorer.exe were disabled/faulty. I suspected this was actually a design on part of the virus and rebooted back into safe mode, which made Task Manager and Explorer.exe functional again. That made me tread even more carefully than before.
Logic is Overrated
Durak
Profile Blog Joined January 2008
Canada3685 Posts
December 09 2011 23:07 GMT
#11
I use most of the precautions that R1CH mentioned in his post. If I ever do get a virus anyway, I just reformat. It takes a couple hours either way so I might as well make sure I get everything.
Zariel
Profile Blog Joined December 2010
Australia1312 Posts
December 09 2011 23:11 GMT
#12
As a computer technician this is my usual course of action:

1) Safe mode - install and update malwarebytes, do a full scan
- if .exe files are being blocked, use the Tools > Folder options > View > untick 'hide extentions for known file types', then change the .exe to .com. Go to your program files > malwarebytes - antimalware folder, then rename mbam.exe to mbam.com to open it if this is the case
- alternative: there's a registry fix that restores your .exe pathing to a normal state
- if you cannot go on the internet since the virus blocking you, open command prompt under administrator privileges (if vista/7, xp no need) and type in 'netsh winsock reset' and restart your computer

2) Normal mode - run another full scan of malwarebytes, and run a full scan on each user account.

3) Rip out hard drive and do a virus scan on a second computer (if I suspect actual virus infection)

4) Install some anti virus software (eg: AVG/Avast/Avira etc)
sup
kamikami
Profile Joined November 2010
France1057 Posts
Last Edited: 2011-12-09 23:21:12
December 09 2011 23:20 GMT
#13
Why not just do a system recovery (to a previous state), then use anti-virus to scan the whole hard disk (work 95%)
If problem not solved, reinstall windows (work 100%)
Khassar de Templari
3Form
Profile Joined December 2009
United Kingdom389 Posts
December 09 2011 23:23 GMT
#14
I used to have a dual boot vista/XP, I got a virus once through entirely my own fault and luckily could boot off the other partition and sort things out.

Might consider having a dual boot on all my future PCs precisely for this reason, even though *touch wood* I hardly ever get viruses.
Ruffian
Profile Blog Joined August 2011
United States369 Posts
December 09 2011 23:28 GMT
#15
On December 10 2011 08:11 Zariel wrote:
4) Install some anti virus software (eg: AVG/Avast/Avira etc)


AVG? No way. Microsoft Security Essentials should be mentioned. Honestly, it's the best free anti-virus out there ^^ Not too sure of Avast and Avira though, never tried them.
There's a class for this (ノ◕ヮ◕)ノ*:・゚✧
Fontong
Profile Blog Joined December 2007
United States6454 Posts
December 09 2011 23:31 GMT
#16
On December 10 2011 08:07 Durak wrote:
I use most of the precautions that R1CH mentioned in his post. If I ever do get a virus anyway, I just reformat. It takes a couple hours either way so I might as well make sure I get everything.

Yup, reformatting is really nice anyway. It's like you just got a new computer
[SECRET FONT] "Dragoon bunker"
darkcloud8282
Profile Joined December 2010
Canada776 Posts
December 09 2011 23:41 GMT
#17
I had the same problem.. I also had NOD32 installed and it didn't do shit. Gonna pick up another anti virus instead..
Skilledblob
Profile Joined April 2011
Germany3392 Posts
December 09 2011 23:43 GMT
#18
Kaspersky is pretty much the strongest Antivir I ever saw. It's pretty awesome but can slow down your computer quite a bit.
Terrakin
Profile Blog Joined December 2009
United States1440 Posts
December 10 2011 01:37 GMT
#19
I got the same virus and from the looks of Day[9]'s earlier tweet he did as well.

I just cleaned out an absolutely brilliant virus that pretends to be Microsoft Security Essentials. Anyone else had this? It's SO clever!


Seems strange that so many people are getting it and recently too..
Fame was like a drug. But what was even more like a drug were the drugs.
PineapplePizza
Profile Joined June 2010
United States749 Posts
Last Edited: 2011-12-10 01:51:38
December 10 2011 01:50 GMT
#20
On December 10 2011 10:37 Terrakin wrote:
I got the same virus and from the looks of Day[9]'s earlier tweet he did as well.

Show nested quote +
I just cleaned out an absolutely brilliant virus that pretends to be Microsoft Security Essentials. Anyone else had this? It's SO clever!


Seems strange that so many people are getting it and recently too..


Two days ago, I had to kill this same virus (Home Security 2012 fake AV into ping.exe) using the malwarebytes / tdsskiller / kapersky rootkit killer combo.

It popped up while I was browsing TL.net O_o did anybody else have it happen here?
"There should be no tying a sharp, hard object to your cock like it has a mechanical arm and hitting it with the object or using your cockring to crack the egg. No cyborg penises allowed. 100% flesh only." - semioldguy
ThaZenith
Profile Blog Joined October 2010
Canada3116 Posts
December 10 2011 02:45 GMT
#21
I had that exact same thing before, seeing the PING.exe popping up in my processes was making me mad. I believe I forced a safe mode and then scanned/cleaned my computer, but it was a few months ago so I can't remember exactly.
Fontong
Profile Blog Joined December 2007
United States6454 Posts
December 10 2011 06:21 GMT
#22
Funny that this blog popped up. I just left school to visit my girlfriends house and, surprise, her dad got this virus. Now I'm being the nice boyfriend and fixing it... These pretend security viruses are just lulsy, and they are getting better and more difficult to remove.
[SECRET FONT] "Dragoon bunker"
Newbistic
Profile Blog Joined August 2006
China2912 Posts
December 10 2011 20:40 GMT
#23
Just an update... I got the same virus AGAIN this morning. Apparently the virus also disabled Windows Firewall in a way that couldn't be repaired, and re-installing it would be too complex.

Did a reformat, which ironically took less time than all those anti-virus scanning. Now re-installing a ton of shit, which is a pain in the ass. But at least I can safely take new precautions.
Logic is Overrated
Swede
Profile Joined June 2010
New Zealand853 Posts
December 10 2011 22:17 GMT
#24
On December 11 2011 05:40 Newbistic wrote:
Just an update... I got the same virus AGAIN this morning. Apparently the virus also disabled Windows Firewall in a way that couldn't be repaired, and re-installing it would be too complex.

Did a reformat, which ironically took less time than all those anti-virus scanning. Now re-installing a ton of shit, which is a pain in the ass. But at least I can safely take new precautions.


You should make a Windows XP bootable pendrive. If I ever end up with a virus that is difficult to beat in my actual Windows I can just boot to the pendrive and delete it there. SO much easier than trying to do it from the infected Windows installation.
Deception-35
Profile Joined February 2011
United States113 Posts
December 16 2011 20:23 GMT
#25
same thing is happening to my computer but i have no idea what to do and i dont have my windows vista disk anymore so i cant reinstall my windows.
vnlegend
Profile Blog Joined December 2006
United States1389 Posts
December 16 2011 20:34 GMT
#26
You can safe-mode boot and delete or do it in command-line before Windows loads. All you really need is HijackThis and Windows Security Essentials.
Marines > everything
Fontong
Profile Blog Joined December 2007
United States6454 Posts
December 16 2011 21:34 GMT
#27
^^You can't, really. Unless you know of a way to repair windows firewall after this virus breaks it. When I was working on a computer that had it, I searched a lot about ways to fix it and came up totally dry.

Seems like you get this thing through your browser, so just make sure you have DEP on for your browser, as well as the Enhanced Mitigation Experience Toolkit on forcing extra security measures for whatever browsers you have installed.
[SECRET FONT] "Dragoon bunker"
Newbistic
Profile Blog Joined August 2006
China2912 Posts
December 16 2011 21:59 GMT
#28
On December 17 2011 05:23 Deception-35 wrote:
same thing is happening to my computer but i have no idea what to do and i dont have my windows vista disk anymore so i cant reinstall my windows.


If you bought your computer whole, you probably have a recovery partition somewhere on your computer. Look in the manual that came with your computer to see how to restore your computer to factory condition.

Be sure to back up all important files before you use recovery though. Once you've recovered you can google online, there should be a way to create your own Vista DVD directly from your C drive. I created an XP disc a long time ago for an XP laptop I had.
Logic is Overrated
GeneralZap
Profile Joined January 2008
United States172 Posts
December 17 2011 07:57 GMT
#29
Now I'm scared paranoid. Funnily enough I think I got the virus from a Chinese IP. *Prays to God and hopes it was not you hacking my computer and now your asking how to perfect the virus(*es)...

I hope I can take some of these steps and get rid of this.

I've tried McAffee, Malwarebytes, Spybot S&D, Trend-Micro's botkiller or whatever, TLDRSS (or whatever the name is), and manual searches and manual deletions of files/registries I knew to be malicious. VERY annoying virus!


Death has lost its sting.
Newbistic
Profile Blog Joined August 2006
China2912 Posts
December 17 2011 09:09 GMT
#30
You got me, I sent the virus as part of my new career in cyber crime.

+ Show Spoiler +
I actually live in the States
Logic is Overrated
jmamike
Profile Joined December 2011
1 Post
December 26 2011 06:29 GMT
#31
I suffered from the same problem. I also had Avg installed but it didn't work. This blog: how to remove ping.exe virus introduced avast antivirus instead.
TheAntZ
Profile Blog Joined January 2009
Israel6248 Posts
December 26 2011 09:45 GMT
#32
megaman.exe reference? 5/5
43084 | Honeybadger: "So july, you're in the GSL finals. How do you feel?!" ~ July: "HUNGRY."
Normal
Please log in or register to reply.
Live Events Refresh
Next event in 15m
[ Submit Event ]
Live Streams
Refresh
StarCraft: Brood War
BeSt 857
actioN 552
Hyuk 519
Zeus 276
Soma 143
Larva 111
Dewaltoss 100
ZerO 90
Light 88
Mind 86
[ Show more ]
Rush 74
Soulkey 44
Hm[arnc] 39
Sharp 36
ggaemo 28
soO 27
ToSsGirL 21
hero 19
Bale 15
Noble 15
Sacsri 10
sorry 9
ajuk12(nOOB) 9
HiyA 9
Dota 2
Gorgc2489
League of Legends
Doublelift3226
JimRising 566
Counter-Strike
olofmeister1403
Sick195
markeloff5
Super Smash Bros
Mew2King49
Other Games
Hui .147
RuFF_SC232
ZerO(Twitch)8
Organizations
Other Games
gamesdonequick9141
StarCraft: Brood War
UltimateBattle 34
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
[ Show 12 non-featured ]
StarCraft 2
• AfreecaTV YouTube
• intothetv
• Kozan
• IndyKCrew
• LaughNgamezSOOP
• Migwel
• sooper7s
StarCraft: Brood War
• BSLYoutube
• STPLYoutube
• ZZZeroYoutube
Dota 2
• lizZardDota274
League of Legends
• Jankos3750
Upcoming Events
Replay Cast
15m
CranKy Ducklings0
CrankTV Team League
1h 15m
OSC
3h 15m
Big Brain Bouts
6h 15m
Replay Cast
14h 15m
RSL Revival
23h 15m
Serral vs Bunny
ByuN vs GgMaChine
CranKy Ducklings
1d
Afreeca Starleague
1d
Snow vs Jaedong
YSC vs hero
IPSL
1d 6h
Dragon vs Ret
RSL Revival
1d 23h
Solar vs Rogue
Maru vs NightMare
[ Show More ]
Sparkling Tuna Cup
2 days
IPSL
2 days
Bonyth vs Hawk
GSL
3 days
Replay Cast
3 days
WardiTV Weekly
4 days
The PondCast
5 days
Replay Cast
5 days
CrankTV Team League
6 days
Replay Cast
6 days
Liquipedia Results

Completed

CSL Season 21: Qualifier 2
HSC XXIX
Eternal Conflict S2 E1

Ongoing

IPSL Spring 2026
Acropolis #4
YSL S3
CSL 2026 Summer (S21)
Escore Tournament S3: W2
CranK Gathers Season 4: BW vs SC2 Team League
SCTL 2026 Spring
Heroes Pulsing #3
XSE Pro League 2026
IEM Cologne Major 2026
Stake Ranked Episode 2
CS Asia Championships 2026
Asian Champions League 2026
IEM Atlanta 2026
PGL Astana 2026
BLAST Rivals Spring 2026

Upcoming

ASL Season 22: Wild Card Qualifier
CSLAN 4
Blizzard Classic Cup 2026
SC4ALL II: StarCraft II
Kung Fu Cup 2026 Grand Finals
RSL Revival: Season 6
Light Tournament 2026
Eternal Conflict S2 Finale
Eternal Conflict S2 E3
Eternal Conflict S2 E2
Logitech G Connect 2026
StarSeries Fall 2026
FISSURE Playground #5
BLAST Open Fall 2026
Esports World Cup 2026
BLAST Bounty Summer 2026
BLAST Bounty Summer Qual
Stake Ranked Episode 3
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2026 TLnet. All Rights Reserved.