Solved W32 Blaster Worm

O

okeeffe1987

New member
Local time
10:38 PM
Messages
5
Hello,

My computer has caught this worm and is driving me crazy, it starts with the spyware protection software which tells me I have many viruses. Im aware its a scam but i cant seem to resolve the problem in safe mode using spybot & uniblue registry cleaner.

Please could someone help me,
Thank you
 

My Computer

OS
Windows 7 64 bit
First off, what is the name of this fake spyware protection software? There are various programs that target specific fake AV/Spyware programs available, in most instances.

Is there any chance you can roll back 2 or 3 points past the infection point?

Try d/l and running this:

Blaster Removal tool

W32.Blaster.Worm Removal Tool | Symantec

That's a start but depending on what you have, it'll probably require more in depth cleaning then that.

Other tools to consider running: MS Malicious software removal tool

http://www.microsoft.com/downloads/...495E-94E7-6349F4EFFC74&displaylang=en&pf=true

Norton Power Eraser

http://security.symantec.com/nbrt/npe.asp?lcid=1033

Malwarebytes

Malwarebytes

All these tools are free and if you cannot run them in regular mode, try running them in safe mode. You should do full system scans while disconnected from the internet as most malware tends to "call home for help" if it's trying to be deleted
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
I've downloaded blaster removal tool and ran it in safe mode but it couldnt find it, im using malwarebytes now and waiting for scan to end but I dont think it'll work.

The software comes up as defender spyware protection i think
 

My Computer

OS
Windows 7 64 bit
Malwarebytes' may be able to find and delete part of it. Post the .txt log when it's finished scanning.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Its found two problems which are

Rogue.Installer & Trojen.FakeAlert.Gen.

The saved log .txt is:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6287
Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385
06/04/2011 18:08:11
mbam-log-2011-04-06 (18-07-54).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 316000
Time elapsed: 21 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Spyware Protection (Trojan.FakeAlert.Gen) -> Value: Spyware Protection -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\LizzieO\AppData\LocalLow\Sun\Java\deployment\cache\6.0\32\7e5bde20-6c66ec05 (Rogue.Installer) -> No action taken.

Im goin to remove the problems now and see if that works
 

My Computer

OS
Windows 7 64 bit
Well it seems like that worked, alittle slower than I remember but that might just be me.

Thanks alot for your help :)
 

My Computer

OS
Windows 7 64 bit
Glad you got it sorted.

Your next step is to do a full system scan with an AV and with Malwarebytes just to be sure there are no traces left.

Many people in the forum run MSE.

Virus, Spyware & Malware Protection | Microsoft Security Essentials

Also, remember to update the malwarebytes definitions regularly (they release new ones daily) and scan on a regular basis.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
Did you go back into Malwarebytes' and
* Be sure that everything is checked, and click Remove Selected?
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Yes Jacee i scanned my computer 3 times after the removal and it seems to have cleared everything up!

Malwarebytes.org is the best site i have ever used. Thank you again this thread can be closed :)
 

My Computer

OS
Windows 7 64 bit
I had something like that, ended up giving it to my brother to sort out, and got myself a new laptop. After 6 months he has finally got around to sorting it out (he also fixes Amegias), so I am hoping to get that one back soon :).

Hope your rid of this evil worm!
 

My Computer

OS
Windows 7
Windows 7 - W32 Blaster Worm

I JUST got this worm on my laptop today and thank you for all the information you posted in this thread. I initially tried two other tools which were unsuccessful and then tried Malwarebytes-AntiMalware and that worked like a charm, plus I believe that it found some other things that I was unaware of. THANK YOU THANK YOU!!
 

My Computer

OS
Windows 7 32 and 64 bit

My Computer

Computer Manufacturer/Model Number
toshiba satellite c655 laptop
OS
win7 home x64
You must log in or register to reply here.
Back
Top