Infected by Trojan Blaster, need help

[dinows]

I bought a new computer and before I had a chance to call Comcast to put their virus program on, last night I picked up Trojan Blaster. It comes up on a program that you can log on to and download their software to fix it,at a price. I can run outlook express but can not get on the net. I tried safe mode but still cant get on the net. am running XP. Any help would be appreciated. I am obviously on a different computer

Thanks Dino

 

[johnb35]

Check your proxy settings. Open internet options in control panel and click on the connections tab, click on the lan settings button, make sure proxy server box is unchecked. This is what usually blocks you from using the internet. If you still can't use the internet after unchecking then do the following.

You will need to download this file to a usb flash drive and then run it on the infected computer.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.

• Download this file here :
  
  Combofix
  
  
• When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
• Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.
  
  
  
• We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:
  
  
• Close all open Windows including this one.
  
• Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found here.
  Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  
• Please click on I agree on the disclaimer window.
• ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.
  
  
  
  
  
• ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.
  
  
  
  
  
• Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:
  
  
  
  
  
• At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  
• Please click on yes in the next window to continue scanning for malware.
  
• ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  
• ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  
• While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.
  
  
  
  
  
• When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  
• This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
  
• When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  
• Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.
  

In your next reply please post:

• The ComboFix log
• A fresh HiJackThis log
• An update on how your computer is running

 

[Binkstir]

I had the 2012 xp antivirus (virus).. I had webroot on my computer and it didn't help for some reason.
Might not work for everyone, but what I did was a system restore and that fixed it.
I went to, start, programs, accessories, system tools, then restored to a previous date. Of course, if you don't have any restore points set it won't help.
Good Luck,
lee

 

[dinows]

Well the combo fix didnt work, and I was finally able to run Norton from my ISP provider. It told me I had a problem with MRXSMB.sys and to reinstall windows. Windows would reinstall but when it got done you need to press f8 to finish and nothing happens. Tried installing it 5 times hitting escape got me out but f8 wouldnt work. I also get a message that I have a Blaster Worm. dont know if they are connected. Any ideas ? Thanks

 

[GaryCantley]

Are you re-installing or repairing your windows?

Sounds like you are repairing.

When installing/reinstalling, delete the partition that windows is on and then recreate it, you wont have any problems with virus activity (unless of course your installation disk has them).

 

[johnb35]

Agreed. And also don't access the internet without an active firewall installed. Windows firewall is sufficient.

 

[dinows]

Norton said to re-install, thats what i tried. I dont understand what "delete the partition that windows is on and then recreate it' means. can you help further ?

 

[dinows]

The instructions said to not hit the repair button

 

[GaryCantley]

Norton said to re-install, thats what i tried. I dont understand what "delete the partition that windows is on and then recreate it' means. can you help further ?

May I suggest you give your local PC guy a call? Sounds like you are out of your depth here and any future advice given may be interpreted wrongly.

 

[Pell]

Watch a video on youtube on how to reinstall windows xp then follow his every step and you should get it done, It is not hard. I am unsure if it will remove the virus but i think it will

 

[dinows]

I will watch the video, it cant hurt. Thank you. I normally will try to fix all my issues myself, thats the only way u learn, by doing !