Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Ran Windows Defender Offline, can't boot up computer. Help please!

23 Jan 2014   #31
cottonball

Windows 7 Home Premium
 
 

Thanks, Slartybart!

bsever,

Please run the ESET Online Scanner...

Since it is implemented as an ActiveX control, it is best run on Internet Explorer.
Right click the IE shortcut and select: Run as Administrator

Next, in IE, download >ESET Free Online Scanner :: Complete Malware Detection :: ESET

On the ESET website, click on: Run ESET Online Scanner
Click: Start

When asked, allow the add-on to be installed.
Again, click: Start

On the next prompt, Computer Scan Settings, do not check: Remove found threats

Next, click on: Advanced Settings
Make sure the following options are checked:
>Scan for potentially unwanted applications
>Scan for potentially unsafe applications
>Enable Anti-Stealth Technology

By Current Scan Targets, Operating memory, Local drives, press: Change
In Selection of scan targets, Local drives, select the drives in question.
Click: OK

Click: Start
Follow the prompts.

When the scan completes, if threats are found, in the Scan Results prompt, click on: List of threats found
Click on: Export to text file
Save to the Desktop and name it: ESET Scan Results
Click on: Back
Click on: Finish, and close the program.

If anything is found, please provide the ESET Scan Results in your reply to determine what further action is necessary.


.


My System SpecsSystem Spec
.
24 Jan 2014   #32
bsever

Windows 7 64 bit
 
 

Thanks for the further direction, cottonball. I only just saw this post and have to run out, but I'll run the scan this weekend and provide the scan results. Thank you again.
My System SpecsSystem Spec
27 Jan 2014   #33
bsever

Windows 7 64 bit
 
 

Yikes! Six threats found. Persistent little so-and-so's.

I have attached the scan report as requested.


Attached Files
File Type: txt ESET Scan Results.txt (618 Bytes, 3 views)
My System SpecsSystem Spec
.

27 Jan 2014   #34
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Ah, it's not that bad!
(1) in FRST quarantine - Ask toolbar
(2) in Dell Datasafe - both HiddenStart.A
(2) in TDSSKiller Quarantine - trojans
(1) in Downloads - another Ask toolbar

I don't know what Dell DataSafe is or hiddenStart.A is
The last one Ask toolbar get packaged with too many freeware apps.
>> if you run disk cleanup, it will be removed.
I'll wait for someone who knows about Dell DataSafe to add something.

I'd say your system looks fairly clean, but Cottonball has the final say.

That didn't hurt much, did it.
My System SpecsSystem Spec
27 Jan 2014   #35
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

There some arguement on whether HiddenStart.A is part of Dell backup or not.
What's the use of HStart in Dell computers? - Productivity Software Forum - Software & Operating Systems - Dell Community

ESET picks up a some things it thinks might be a problem, but turn out to be false positives.

Again, Cottonball has the lead on this, I'm just adding comment on what I see in the log or found researching an unknown.

Bill
My System SpecsSystem Spec
27 Jan 2014   #36
bsever

Windows 7 64 bit
 
 

Thanks for the breakdown, Slartybart. Nah, didn't hurt too much. I just couldn't believe it that on the fourth or fifth pass it came up with 6 threats, so it's good to have a little perspective about what ESET actually came up with.
My System SpecsSystem Spec
27 Jan 2014   #37
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Glad it didn't hurt

Actually, I should clarify false positives. While still a true statement, ESET did find real threats in other scanner quarantines. I guess that's fair, ESET can't know if it's a real quantine of a nice place to hide. Knowing that you ran FRST and TDSSKiller makes it clear that the other scanners took care of the threats.

Bill
My System SpecsSystem Spec
27 Jan 2014   #38
cottonball

Windows 7 Home Premium
 
 

Quote:
1. C:\FRST\Quarantine\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask application
2. C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application
3. C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application
4. C:\TDSSKiller_Quarantine\23.01.2014_10.51.18\tdlfs0000\tsk0002.dta Win64/Olmarik.AL trojan
5. C:\TDSSKiller_Quarantine\23.01.2014_10.51.18\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.NH trojan

6. C:\Users\POSTAL\Downloads\PFPortChecker.exe a variant of Win32/Bundled.Toolbar.Ask application
Entries 1, 4, and 5 are already contained. If 4 and 5 were still around, we would have something to worry about.

Entries 2 and 3, as you guys have found out, are Dell's.

Entry #6, Bundled.Toolbar.Ask application, unless you specifically installed it, you can use ADWCleaner to clean it up:

AdwCleaner (by Xplode) Download > AdwCleaner Download
Save to the Desktop.

Before running the program, please read the AdwCleaner Usage Instructions.
It alerts users of Antivir Webguard to the consequences of using this program.
Also, be aware the program resets search settings to the default Microsoft search, if changed by adware.

To proceed, right-click on AdwCleaner.exe and select: Run as Administrator

At the main window, press the [Scan] button.
The Scan function does not delete anything. It just lists elements.

Once AdwCleaner completes its scan, it shows a list of elements.
You can uncheck any item(s) you do not want to remove.

Next, click the [Clean] button.

A small window appears to inform that all programs will close.

AdwCleaner proceeds to delete all checked elements.

If a reboot is needed, a small window appears notifying of such. Please click: OK

When the AdwCleaner logfile appears, please provide it in your reply.

(The logfile is also saved in C:\AdwCleaner\AdwCleaner[R0].txt)



.
My System SpecsSystem Spec
27 Jan 2014   #39
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Now my 2 cents worth again I am wondering would a run with a bootable rescue disk be worth a try??

These are some and usually the Kaspersky is best IMHO.


5 Bootable AntiVirus Rescue CD for Windows: Free Download
My System SpecsSystem Spec
28 Jan 2014   #40
cottonball

Windows 7 Home Premium
 
 

ICit2lol,

Thanks for the suggestion.

Quoting Kaspersky:

Quote:
A Rescue Disk should be used in case of an infection that cannot be cured by means of antivirus software or disinfection utilities...running under operating system control.
bsever regained Operating System control, and there are several utilities that can get rid of the Bundled.Toolbar.Ask application...

...Not to worry.


.
My System SpecsSystem Spec
Reply

 Ran Windows Defender Offline, can't boot up computer. Help please!




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Computer wont start after removing alureon virus with defender offline
I used windows defender offline to remove the Trojan alureon virus and now my computer will not start up. as it is attempting to start, blue screen will flash and the loop will start over.
System Security
Computer won't boot after using Defender offline
Well, it seems this is a common problem. I'm mildly tech savvy, but this has me beat. Kid's college computer got Alureon, ran Defender Offline from a USB which appeared to work to remove the virus, but now it's in the start cycle of black and white Acer screen, a quick flash from a blue screen,...
System Security
Boot Failure after Windows Defender Offline
Got the Alureon.a trojan/rootkit. Downloaded the Windows Defender Offline and ran it successfully, but now I can not get past the "Verifying DMI pool data....". I've read countless posts about doing F8 or F10 to go into Advanced Boot Options, but neither of those respond. So I can not change...
Hardware & Devices
Windows Defender Offline crashed computer
Microsoft Security Essentials said I needed to run Windows Defender Offline to remove a trojan. I made the disk and ran it and it said it removed the trojan and to restart the computer. Only problem is it only goes to the Windows Error Recovery Screen. It will not repair or start normally. I...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 14:05.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App