polymorphic infections?


  • This topic is locked
7 replies to this topic

#1 serene2

serene2

  • Members
  • 5 posts

Posted 03 June 2012 - 02:20 PM

Hi, I was told by LogMeInRescue support that my other laptop has polymorphic infections. I gave them temporary remote control so they could find out the status of my word processor. While they were looking around they found polymorphic infections. They offered to remove them for 300.00 but I can't afford that. They did finally drop the price to a one time removal for 50.00 but I still can't afford it. I was wondering if Combofix could find and remove them? If not, is there any other tool or would someone recommend a complete system reset to factory defaults, or would that even work? The computer is a Toshiba Satellite with Windows 7 OS. I wouldn't mind resetting it to factory default if that would work. I have nothing on it that I worry about losing. I bought it as a back-up and have only used it about 10 times. It was in a pawnshop for a couple of months and that's how I figure it picked up infections b/c I only used it to go to POGO internet game site and Tune-In online radio.
Any advice?
Thanks.


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts

Posted 03 June 2012 - 07:24 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts

Posted 08 June 2012 - 10:27 AM

Hi,
I'm nasdaq

Please follow the instructions on the previous post.

Copy and post the results of your scan for my review.

#4 serene2

serene2
  • Topic Starter

  • Members
  • 5 posts

Posted 12 June 2012 - 12:12 PM

Hi,
I downloaded the defogger but it never prompted me to reboot the computer. I then downloaded the DDS utility after disabling the script blocker in Avast but the black DDS window disappeared without writing a log in notepad. Is there something else that could be blocking it? I have Spywareblaster, Malwarebytes, Spybot and Windows Defender. The firewall I'm using is the one that comes with Windows 7.
Please let me know what to do next.
Thanks.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts

Posted 12 June 2012 - 12:51 PM

Step 1. Download TDSSKiller.exe <- go to step 2 if you still have the program
http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Step 2. Place TDSSKiller.exe in Malwarebytes Chameleon folder.
C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

Step 3. Install the Chameleon driver by doing the following:
Press the Windows key + R and in the Run box, copy and paste the following command then press Enter.

"C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o <- include the quotes.

A black DOS prompt will appear with a prompt to press any key to continue, please do.

Step 4. Execute TDSSKiller.exe by double-clicking on it.
On Windows Vista or 7, right-click the .exe and run as an Administrator.
Press Start Scan
If Malicious objects are found, ensure Cure is selected (it should be by default)
Click Continue then click Reboot now
Once complete, a log will be produced at the root drive which is typically C:\
For example, C:\TDSSKiller.version_date_time_log.txt

Attach that log, please.

#6 serene2

serene2
  • Topic Starter

  • Members
  • 5 posts

Posted 14 June 2012 - 04:51 PM

I don't know how to put the TDSSKiller in the Malwarebytes Chameleon folder. The download didn't give me the option to put it in a folder. I looked in the Malwarebytes program for the Chameleon thinking I might be able to drag it or snag it somehow but I couldn't even find anything labeled "Chameleon".

I'm sorry to be such a pain. I'm not familiar with Windows 7 and there seems to be some differences from Vista when it comes to saving downloads.

I wonder, does the team ever just take remote control to fix a problem if the person asking for help doesn't have enough skill to do what they need done?

In any case, I'll try to follow your instructions as best I can. Please let me know what to do next.

Thanks

#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts

Posted 15 June 2012 - 09:14 AM

I have changed my speech to include the path of the Chameleon folder.
If your system is a 64 bit you should be able to find it and run it.

Step 1. Download TDSSKiller.exe
http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Step 2. Place TDSSKiller.exe in Malwarebytes Chameleon folder.
C:\Program Files\Malwarebytes' Anti-Malware\Chameleon
or on 64 bit system.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon

Step 3. Install the Chameleon driver by doing the following:
Press the Windows key + R and in the Run box, copy and paste the following command then press Enter.

"C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o <- include the quotes.
or on a 64 bit system.
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o <- include the quotes.

A black DOS prompt will appear with a prompt to press any key to continue, please do.

Step 4. Execute TDSSKiller.exe by double-clicking on it.
On Windows Vista or 7, right-click the .exe and run as an Administrator.
Press Start Scan
If Malicious objects are found, ensure Cure is selected (it should be by default)
Click Continue then click Reboot now
Once complete, a log will be produced at the root drive which is typically C:\
For example, C:\TDSSKiller.version_date_time_log.txt

Attach that log, please.
===

I'm sorry to be such a pain. I'm not familiar with Windows 7 and there seems to be some differences from Vista when it comes to saving downloads.

The download location is managed by Internet Explorer or Firefox.

Open the help file in Internet Explorer and search for DOWNLOAD FOLDER.
You will find how IE is set to manage the downloads.


In Firefox, click the Tools menu > Options > General tab.
Under the Download section, click the Save file to button.
Click the Browse button and navigate to the download folder of your choice.
You can select the same folder as Internet Explorer or create a new folder.

I have created on my computer a Download folder in my C:\ drive and named it Download
This is the folder I use to download all my files.

When you want to copy the downloaded file to another folder, right-click on the file and select Copy.
Navigate to the folder of your choice and right click on the folder and select paste.
The file will be copied in that folder.

If all is well then you can delete the file from the Download folder.
===

I wonder, does the team ever just take remote control to fix a problem if the person asking for help doesn't have enough skill to do what they need done?

We are all helpers here and do this in our spare time. But the cost is free.

At any time you need help please ask. I'm here for that.

#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts

Posted 21 June 2012 - 08:26 AM

Are you still with me?



