Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Can't open IE or any malware removal programs...W32blaster.worm?

  • This topic is locked This topic is locked




  • Member
  • PipPip
  • 19 posts
My wifes laptop has been infected, no programs will open at all.
She was surfing a celebrity gossip site & suddenly a warning box poped up saying she is infected.
A fake malware removal came up which shows many viruses then tells her to purchase the program to remove.
A small ballon box pops up @ bottom stating TCrdMain.exe can not start is infected by W32/Blaster.worm.
Another warning bow pops up stating firewall warning hidden file transfer to remote host detected.
The laptop is a Toshiba windows vista, she uses firefox to surf.
Geekstogo has helped me in the past & I hope the results with this situation will be as wonderful as previously.
Thankyou in advance
  • 0




    Trusted Helper

  • Malware Removal
  • 2,949 posts
:unsure: . I'm Michael and I'm going to help you fix your computer :yes:

Note: Before we start the process you should:
  • POST your logs, don't attach them, as it makes it harder to read. Also please don't edit any log in any case
  • Disable ANY programs that offer real-time protection features while executing my instructions. That includes your antivirus, antispyware, windows defender or any other program that offers protection. When you're clean or waiting for my next set of instructions, re-enable them .If you need any help disabling them, ask.
  • Topics that are idle for 4 days after I post instructions will be closed, unless I'm notified of the delay.
  • Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.

I'd suggest you keep this computer disconnected from the Internet as far as possible, to prevent further re-infections.
If you are going to disconnect the computer from the internet, you can use another clean computer to transfer your programs to the infected one.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

Also in Desktop there should be a file called MBR.dat after that, zip it and then attach it here :)


Posted Image OTL Custom Scan
  • Download OTL to your Desktop
  • Double click on the Posted Image icon to run it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Stadard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt in Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

  • 0




  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Michael, thanks for the reply my daughters boyfriend resolved the issue w/ the laptop.
You can close this post, thanks again.
  • 0



    Trusted Helper

  • Malware Removal
  • 2,949 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP