W32 blaster Also

View previous topic View next topic Go down

W32 blaster Also

Post by otnot2000 on Fri 11 Nov 2011, 9:31 pm

My daughter's hp is also infected with this rougeware W32 blaster worm and I have went on and on with at&t about fixing , their connect tech fix is reformat after we try and get os and driver cd's from hp . is there any help or do we have to reformat as she has no way to access internet except through my putter.

otnot2000

Unborn
Unborn

Posts : 1
Joined : 2011-11-11
Operating System : XP Vista

View user profile

Back to top Go down

Re: W32 blaster Also

Post by Gabethebabe on Fri 11 Nov 2011, 10:05 pm

Hi there otnot2000 and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst Im helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. Im here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesnt mean it is clean yet!

====================

We can probably solve your problems if you have a clean PC that you can use to download tools and a USB drive to transfer them to the infected PC.

if you have that, please follow these instructions:

Please download RKill by Grinler from Download Mirror #1 and save it to your desktop (of your infected PC).
Download Mirror #1 (rkill.exe)
Download Mirror #2 (rkill.scr)
Download Mirror #3 (rkill.com)
Download Mirror #4 (WiNlOgOn.exe)
Download Mirror #5 (uSeRiNiT.exe)
Download Mirror #6 (iExplore.exe)
Download Mirror #7 (eXplorer.exe)

  • Double click the RKill desktop icon (rightclick > Run as Administrator for Vista/WIN7).
  • A black screen will briefly flash indicating a successful run.
  • If this does not occur please delete that application and try using Mirror #2
  • Continue process until the tool runs.
  • Important: RKill only temporarily disables the malware. If you reboot the computer, it will be active again. So do not reboot until we kill the infection.

====================

Please download OTL by OldTimer from here and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
disk.sys
explorer.exe
userinit.exe
winlogon.exe
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.



Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: W32 blaster Also

Post by ashaw on Fri 06 Apr 2012, 1:17 pm

What should I do if none of the Rkill functions won't run after I tried to run them on the infected computer?


ashaw

Unborn
Unborn

Posts : 1
Joined : 2012-04-06
Operating System : windows 7

View user profile

Back to top Go down

Re: W32 blaster Also

Post by Gabethebabe on Sat 14 Apr 2012, 12:01 am

ashaw wrote:What should I do if none of the Rkill functions won't run after I tried to run them on the infected computer?

If you have a malware problem, please open a new thread and dont post in the thread of another case.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: W32 blaster Also

Post by Sponsored content Today at 12:51 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum