W32/Blasterworm warning

Symantec has a removal tool for blaster.

W32.Blaster.Worm Removal Tool | Symantec

Probably most of the problems are being caused my McFubar (McAffee) itself. It would be a wise move to remove it & go with another AV. Many posts in here have shown nothing but trouble using McAffee.

Another option if you prefer, is to run Windows Defender Offline. This is a boot AV which will examine the entire PC & weed out any viruses. Be sure to make this on an clean, uninfected PC.

It would be a good idea to run both programs, as viruses tend to invite other viruses onto a PC & you may, at this point, have more then just blasterworm.

Windows Defender Offline

Teleclast,

Internet Security 2013 is a computer infection.

You may need to download the following to a clean USB pendrive, and the move them to the infected PC.

Also, on the infeted PC, you could try to download the programs in Safe Mode with Networking;

1. Restart the computer, and tap the F8 key while it is restarting.
2. After your computer displays the hardware information and runs the memory test, the Advanced Boot Options menu appears.
3. Use the arrow keys to select Safe Mode with Networking and press ENTER

Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:
Select the version with the x64.
Click the dark-blue button to download.
Save to the Desktop.

Close all windows and browsers.

Right-click and select: Run as Administrator

At the program console, wait for the prescan to finish. (Under Status, it says: Prescan finished.)

Press: SCAN

When done, a report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.





Also download the Farbar Recovery Scan Tool
Select the 64-bit version.


Save it to your Desktop.

• Double-click the downloaded file to run it.
• When the tool opens click Yes to disclaimer.
• Press the Scan button.
• FRST64 makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).

Please provide the FRST.txt in your reply. <<---


The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply. <<---

Teleclast,

The warning that Blaster is in the system is bogus, and part of the Internet Security 2013 fake notifications. There is nothing for Symantec to find.

Two steps follow. You may still need to download the following to a clean USB pendrive, and then move them to the infected PC, or, try to download the programs in Safe Mode with Networking.

Let's press on with RogueKiller...

•Please quit all programs
•Right-click the RogueKiller file and select 'Run as Administrator'
•Wait until the Prescan finishes
•Press: Scan
•Once the scan is done, press the [Delete] button.
Please post the new RKreport (Mode: Delete) in your reply.
(It is created on the Desktop.)



Follow with Malwarebytes' Anti-Malware:
http://www.malwarebytes.org/mbam-download-exe.php
Save to the Desktop.

MBAM may make changes to the Registry as part of its disinfection routine.
If using other security programs that detect Registry changes, they may interfere or alert you.
Temporarily disable such programs as shown, or permit them to allow the changes:
http://www.bleepingcomputer.com/forums/topic114351.html

Right-click the MBAM file, and select: Run as Administrator
When the installation begins, follow the prompts.

Make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Click: Finish

MBAM automatically starts and you are asked to update the program.
If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.

On the Scanner tab:
Make sure the Perform Full Scan option is selected.
Then click on the Scan button.

If asked to select the drives to scan, leave all the drives selected.
Click on the Start Scan button.

The scan may take some time to complete, so please be patient.

When the scan is finished, a message box shows The scan completed successfully. Click 'Show Results' to display all objects found
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:
Click on the Show Results button to see a list of any malware found.
Make sure everything is checked, and click: Remove Selected

When removal is completed, a report opens in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab.

Please copy/paste the entire contents of the MBAM report in your reply.
Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you are asked to reboot the computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately.
Failure to reboot normally (not into safe mode) prevents MBAM from removing all the malware.

-->> When done, please give an update of how it is going.

Also, please press on with Downloading Farbar Service Scanner


Save to the Desktop.
Make sure the following options are checked:

• Internet Services
• Windows Firewall
• System Restore
• Security Center
• Windows Update
• Windows DefenderPress: Scan
• FSS creates a log, FSS.txt, on the Desktop.

Please provide the FSS.txt in your reply

When done with MBAM and FSS, please run RogueKiller once again, do a Scan, and post its new RKreport (Mode Scan).