Solved Win32/Blaster Worm Affected !!

[joe08]

Hi everyone..my system is Win 7 32 bit Ultimate edition..

A new virus? named Win32/BlasterWorm is affecti my laptop now since the past 3 days...
I am not able to open any Files or Flders nor open Ie nor firefox..i had avg home edition installed n y laptop but whenever i try it open it the win32/Blaster worm pops up again..

i am sorry that i cant put Screenshot of these viruses coz i am am even unable to do that too..

Please Do help me out Guys !!! thankyouu very much..

shld i go for a Format of my system or..?

 

[Golden]

Hi Joe,

Download, install, update and run the FREE version of Malwarebytes.

Post the log file here once the scan is completed.

Forget AVG, their reputation is not what it once was - uninstall it completely and replace it with Microsoft Security Essentials, once this other bit of malware has been removed.

Regards,
Golden

 

[joe08]

ok ..I will do it now..will let u know whts hapening.thnks a ton.

 

[Golden]

Joe,

If you are having problems running Malwarebytes when you boot your PC normally, then reboot it in SAFE MODE (hit F8 continuously during reboot) and then run Malwarebytes.

Post back here if you are having problems with that or you need more help.

Regards,
Golden

 

[Borg 386]

Symantec has a free removal tool for Blaster:

W32.Blaster.Worm Removal Tool | Symantec

This tool is designed to remove the infections of:

W32.Blaster.Worm
W32.Blaster.B.Worm
W32.Blaster.C.Worm
W32.Blaster.D.Worm
W32.Blaster.E.Worm
W32.Blaster.F.Worm

Important:
W32.Blaster.Worm exploits the DCOM RPC vulnerability. This is described in Microsoft Security Bulletin MS03-026, and a patch is available there. You must download and install the patch. In many cases, you will need to do this before continuing with the removal instructions. If you are not able to remove the infection or prevent re-infection using the following instructions, first download and install the patch.

 

[joe08]

hi GOLDEN Thankyou Once Again !!!
what I did --
Ran my System in Safe mode with networking..it gave the results and i clicked on "remove all the infections"..it then asked for a reboot and i did it..
( Downloaded Malwarebytes from my frds laptop, saved to a flash drive and then put my system in safe mod and ran the malware frm the flash drive)

Now the annoying pop windows dont appear !! i am now able to open all the files and folders !!! So happy !!!!

The only problem now is when i m tryi to connect to the internet with my friends wifi connection Firefox(version 5.0) it says " The Proxy server is Refusing Connections. Firefox is configured to use a proxy server that is refusing connections..
Internet explorer also tells " Internet Explorer cannot display the webpage..

 

[nitroman84]

Some malware tampers with the Hosts File. Take a look at this tutorial to see more info on that.

 

[joe08]

Hi NITROMAN
i read it but i am unable to fix up the internet coonection Still....nw bac n my my own home i get the SAME Message from Firefox & IE, when i m try to connect to my secure wifi connection here..:huh:

Shld I remove the Malwarebytes from my system..?

 

[Golden]

Hi,

Please copy & paste this information into a batch file and save as flush.bat on your desktop:

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Right-click on flush.bat and choose run as administrator. Try to connect to the internet after you have done this.

You should keep Malwarebytes on your system, and update and scan with that regularly.

Regards,
Golden

 

[nitroman84]

I agree with Golden on his post, those commands in a batch file should fix you up if it has been corrupted.

 

[joe08]

Hi Goldman..

I copied and pasted te command on the desktop as flush.bat file..

When i tried clicking on it as an administrator, a new window popped up but then suddenly it said that " windows is going to shut down in a minute "..

i tried to copy te details into a ms word format so that i cld mail u but before that it automatically got shut down..
nw i m try it again..

Again the same result : after 1 minute dispalyi te results when rightclicked as administrator a message pops up --windows going to shut down in a minute--and also the Bat File Disappears from the desktop too..

And for Firefox (version 5.0) still I get the same message that "Firefox is configured to use a proxy server that is refusing connections & The proxy server is refusing connections."
As for IE (ver 9) it says " Internet explorer cannot display the webpage" ..

:-(confused:

 

[theog]

Run this tool:
http://www.sevenforums.com/tutorials/166445-microsoft-standalone-system-sweeper.html?ltr=M

 

[joe08]

"No Operation can be perfomed on its local media connection when its media is disconnected" --Gets this message after clicking on the flash.bat file as an administrator..and finally within a short time windows get shut down....

trying for the 6 th time now..

 

[Golden]

Hi,

Its supposed to shut down after its run, so just run the bat file.

Regards,
Golden

 

[joe08]

Hi GOLDEN

yeah..

I am doing the same thing quite for a couple of times but STill whenver i am tryi to get connected to the internet both IE & Firefox gives te same message..

 

[joe08]

no replies.??

 

[theog]

Run this tool:
http://www.sevenforums.com/tutorials/166445-microsoft-standalone-system-sweeper.html?ltr=M

Have run this CD?

 

[Golden]

Joe,

I have asked Jacee or Corinne (our security experts) to have a look at this for you.

Regards,
Golden

 

[Mercurial]

Check your browser proxy settings and clear it all,

hmm what else? dns has been flushed ...

try to ping google.com if you can reach it,.

post back for the results

 

[joe08]

Joe,

I have asked Jacee or Corinne (our security experts) to have a look at this for you.

Regards,
Golden

Hi GOLDEN

thankyou very much..