Jump to content

infestted by w32/blaster and Windefender, Please help??

Recommended Posts

Hello i am new here, and i am in need of some help. I found this site because there was a post that described down to the letter what is going on with my computer so i will just copy and paste it for ease of description.

"My computer seems to be infected with the windefender virus. A dialog box suddenly appeared, saying windefender was downloaded, and asked me to press "finish" or "cancel". I pressed the "close"-button in the top right corner. The WinDefender Control Panel then opened up. Again, I pressed the close-button. Firefox then closed, and I got a message saying it could not start because it was infected with "W32/Blaster.worm". This message soon affected tons of other programs. I tried running Malwarebytes Anti-Malware, but the same message prevented me from running it. It also prevented me from running Hijack This, Task Manager(closes immediately) or system recovery. I am writing this on a different computer.

Any ideas...?

Also, there seems to be a new (fake, I think) anti-virus program installed called "Spyware Protection". "

one note here is that i am not able to open any internet applications to download anything, what should I do? i am on a different computer so should i try to dl somehting to a flash drive or what is the best course of action?

Thank you for the help in advance

Link to post
Share on other sites


I went ahead and booted in safe mode and was able to run a scan (just to see if it would even work in safe mode) and It actually caught 2 infections, I posted the log below. Once the scan was over I removed the infected files, and restarted in normal mode. Which this time I was able to use all my programs as usual. I updated my definitions database and ran another scan, and it came back and said my computer was clean and everything is working fine. Is my computer indeed fine, or is this problem a little harder to solve than that?

Malwarebytes' Anti-Malware 1.46


Database version: 5150

Windows 5.1.2600 Service Pack 3 (Safe Mode)

Internet Explorer 7.0.5730.11

12/19/2010 7:01:59 PM

mbam-log-2010-12-19 (19-01-59).txt

Scan type: Quick scan

Objects scanned: 186557

Time elapsed: 44 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spyware protection (Rogue.SecurityCentral) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Owner\Application Data\defender.exe (Rogue.SecurityCentral) -> Quarantined and deleted successfully.

Again I'm just wondering if this simple fix was enough or if there are further steps i need to take to ensure the security of my system. Thank you in advance.

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.