Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: W32/Blaster.worm please help

Jump to solution

This is an old thread.  Blaster worm should not be an issue in any machine that has current Microsoft updates as their monthly Malicious Software Removal Tool dealt with it ages ago, but I suppose variants could appear in the wild at any time.

Other remedies have been mentioned above.

If you are really concerned run Hijackthis and post its log on one of the following forums for expert advice.


Do not post Hijackthis logs here, we can't help you with those !

Post the logs at a specialist Forum:









Be sure to read all the sticky announcements/instructions at the top of each malware forum!


Message was edited by: Ex_Brit on 31/07/11 5:51:42 EDT PM
Level 11
Report Inappropriate Content
Message 12 of 15

Re: W32/Blaster.worm please help

Jump to solution

Peter is correct when saying “…I suppose variants could appear in the wild at any time.”

Ok, let's per share.

I guess the detection of W32/Blaster.worm has been made by your McAfee AV product, correct ? I’m asking it because there are myriad names for threats and each company, when they discover detection, gives a threat a name.  Often more than one company will "discover" the detection at about the same time, and a virus will get different names from different companies.  So what one company would detect something as may differ significantly from what another company will detect it as. 

You said you are using a McAfee Total Protection upgraded a month ago. Are your both Engine and DAT files up to date ? This is very important, as we have hundreds of new malware and malware variants daily. It is also extremely recommended that you have your system patched.

Regarding “Prefetch”, they are not directly executable files, and though they may be related to a virus or trojan file, they are not, on their own, malicious in nature. 

"Prefetch files are essentially a resource list. Any time a program is executed, Windows XP will attempt to find a pre-existing prefetch file, and if it's available, it will use it to make the application load up faster. The file will also be updated after it is accessed, so that the more an application is used, the bigger the drop in loading time (to a point). If the application doesn't already have an associated prefetch file, Windows XP will create one. Those files are stored in the \%windir%\prefetch directory."

Quote From

We recently detected a FakeAlert Trojan variant (FakeAlert-Rena) which also uses a filename “defender.exe” to infect its victims. You can read more about it .

Based on it, I would like to suggest you to run our standalone tool  - Stinger - available at

Our FakeAlert Stinger tool is available at

Hope this helps!


View solution in original post

Level 12
Report Inappropriate Content
Message 13 of 15

Re: W32/Blaster.worm please help

Jump to solution

Moving thread to top threats as this looks very much like a fake alert issue. Do let us know if the stinger works for you.



Level 12
Report Inappropriate Content
Message 14 of 15

Re: W32/Blaster.worm please help

Jump to solution

Locking this thread, if you need further assistance please start a new thread



Re: W32/Blaster.worm please help

Jump to solution

Unlocked to mark it as answered then locked again.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community