GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

w32 blaster child-porn proxyserver worm

View previous topic View next topic Go down

w32 blaster child-porn proxyserver worm

Post by starwalker98 on Tue Feb 21, 2012 11:03 pm

HI guys, yes my sons pc has the w32 blaster child-porn proxyserver worm. he is running windows 7 and google chrome browser. it is a gaming pc with 8gb ram asus motherboard. this looks like a nasty one and any and all help would be greatly appreciated. he cant connect to the internet also

starwalker98
Novice
Novice

Status :
Online
Offline

Posts : 5
Joined : 2012-01-21
OS : vista
Points : 17807
# Likes : 0

View user profile

Back to top Go down

Re: w32 blaster child-porn proxyserver worm

Post by Gabethebabe on Wed Feb 22, 2012 7:40 am

Hi there starwalker98!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst Im helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. Im here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesnt mean it is clean yet!

====================

Hopefully you have access to a clean computer to download the tools we need and transfer them to the problem PC with a USB memory stick. If that is so, please proceed with the following:

Please download OTL by OldTimer from [You must be registered and logged in to see this link.] and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
disk.sys
explorer.exe
userinit.exe
winlogon.exe
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.

Gabethebabe
Top Dog
Top Dog

Status :
Online
Offline

Posts : 1568
Joined : 2010-03-07
Gender : Male
OS : Win7
Points : 38178
# Likes : 0

View user profile

Back to top Go down

Re: w32 blaster child-porn proxyserver worm

Post by starwalker98 on Wed Feb 22, 2012 9:21 am

thank you gabethebabe,
yes i have a clean pc. after i download oldtimer then click otl.exe. at which time in this process will i download this to the infected pc? thank you

starwalker98
Novice
Novice

Status :
Online
Offline

Posts : 5
Joined : 2012-01-21
OS : vista
Points : 17807
# Likes : 0

View user profile

Back to top Go down

Re: w32 blaster child-porn proxyserver worm

Post by Gabethebabe on Wed Feb 22, 2012 10:04 am

After you downloaded OTL.exe, move it with the USB stick and copy it to the desktop of the problem computer and run it. Copy the logs back to your USB drive, move them to the clean computer and post them here.

Might be a good idea to first immunize the USB drive that your are using before doing this, to make sure you dont infect your clean computer:

Please download Flash_Disinfector by sUBs from [You must be registered and logged in to see this link.] and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run the tool
  • When requested, insert the USB flash disk(s) you want to to immunize/disinfect
  • Hold down the Shift key when inserting the drive(s) until Windows detects the drive
  • Click OK to start the disinfection process
  • Repeat running Flash_Disinfector.exe for every flash drive you wish to immunize.
  • Reboot your computer when done.

Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that you choose to disinfect. Do not delete that folder!



Gabethebabe
Top Dog
Top Dog

Status :
Online
Offline

Posts : 1568
Joined : 2010-03-07
Gender : Male
OS : Win7
Points : 38178
# Likes : 0

View user profile

Back to top Go down

porn worm

Post by starwalker98 on Wed Feb 22, 2012 8:27 pm

Hi Gabe,
we decided to just reformat his pcas he said he has nothing on it, had i known that, i wouldnt have bothered you. thank you for your time, and sorry to bother you.

starwalker98
Novice
Novice

Status :
Online
Offline

Posts : 5
Joined : 2012-01-21
OS : vista
Points : 17807
# Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum