Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Ran Windows Defender Offline, can't boot up computer. Help please!

23 Jan 2014   #31

Windows 7 Home Premium

Thanks, Slartybart!


Please run the ESET Online Scanner...

Since it is implemented as an ActiveX control, it is best run on Internet Explorer.
Right click the IE shortcut and select: Run as Administrator

Next, in IE, download >ESET Free Online Scanner :: Complete Malware Detection :: ESET

On the ESET website, click on: Run ESET Online Scanner
Click: Start

When asked, allow the add-on to be installed.
Again, click: Start

On the next prompt, Computer Scan Settings, do not check: Remove found threats

Next, click on: Advanced Settings
Make sure the following options are checked:
>Scan for potentially unwanted applications
>Scan for potentially unsafe applications
>Enable Anti-Stealth Technology

By Current Scan Targets, Operating memory, Local drives, press: Change
In Selection of scan targets, Local drives, select the drives in question.
Click: OK

Click: Start
Follow the prompts.

When the scan completes, if threats are found, in the Scan Results prompt, click on: List of threats found
Click on: Export to text file
Save to the Desktop and name it: ESET Scan Results
Click on: Back
Click on: Finish, and close the program.

If anything is found, please provide the ESET Scan Results in your reply to determine what further action is necessary.


My System SpecsSystem Spec
24 Jan 2014   #32

Windows 7 64 bit

Thanks for the further direction, cottonball. I only just saw this post and have to run out, but I'll run the scan this weekend and provide the scan results. Thank you again.
My System SpecsSystem Spec
27 Jan 2014   #33

Windows 7 64 bit

Yikes! Six threats found. Persistent little so-and-so's.

I have attached the scan report as requested.

Attached Files
File Type: txt ESET Scan Results.txt (618 Bytes, 3 views)
My System SpecsSystem Spec

27 Jan 2014   #34

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem

Ah, it's not that bad!
(1) in FRST quarantine - Ask toolbar
(2) in Dell Datasafe - both HiddenStart.A
(2) in TDSSKiller Quarantine - trojans
(1) in Downloads - another Ask toolbar

I don't know what Dell DataSafe is or hiddenStart.A is
The last one Ask toolbar get packaged with too many freeware apps.
>> if you run disk cleanup, it will be removed.
I'll wait for someone who knows about Dell DataSafe to add something.

I'd say your system looks fairly clean, but Cottonball has the final say.

That didn't hurt much, did it.
My System SpecsSystem Spec
27 Jan 2014   #35

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem

There some arguement on whether HiddenStart.A is part of Dell backup or not.
What's the use of HStart in Dell computers? - Productivity Software Forum - Software & Operating Systems - Dell Community

ESET picks up a some things it thinks might be a problem, but turn out to be false positives.

Again, Cottonball has the lead on this, I'm just adding comment on what I see in the log or found researching an unknown.

My System SpecsSystem Spec
27 Jan 2014   #36

Windows 7 64 bit

Thanks for the breakdown, Slartybart. Nah, didn't hurt too much. I just couldn't believe it that on the fourth or fifth pass it came up with 6 threats, so it's good to have a little perspective about what ESET actually came up with.
My System SpecsSystem Spec
27 Jan 2014   #37

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem

Glad it didn't hurt

Actually, I should clarify false positives. While still a true statement, ESET did find real threats in other scanner quarantines. I guess that's fair, ESET can't know if it's a real quantine of a nice place to hide. Knowing that you ran FRST and TDSSKiller makes it clear that the other scanners took care of the threats.

My System SpecsSystem Spec
27 Jan 2014   #38

Windows 7 Home Premium

1. C:\FRST\Quarantine\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask application
2. C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application
3. C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application
4. C:\TDSSKiller_Quarantine\23.01.2014_10.51.18\tdlfs0000\tsk0002.dta Win64/Olmarik.AL trojan
5. C:\TDSSKiller_Quarantine\23.01.2014_10.51.18\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.NH trojan

6. C:\Users\POSTAL\Downloads\PFPortChecker.exe a variant of Win32/Bundled.Toolbar.Ask application
Entries 1, 4, and 5 are already contained. If 4 and 5 were still around, we would have something to worry about.

Entries 2 and 3, as you guys have found out, are Dell's.

Entry #6, Bundled.Toolbar.Ask application, unless you specifically installed it, you can use ADWCleaner to clean it up:

AdwCleaner (by Xplode) Download > AdwCleaner Download
Save to the Desktop.

Before running the program, please read the AdwCleaner Usage Instructions.
It alerts users of Antivir Webguard to the consequences of using this program.
Also, be aware the program resets search settings to the default Microsoft search, if changed by adware.

To proceed, right-click on AdwCleaner.exe and select: Run as Administrator

At the main window, press the [Scan] button.
The Scan function does not delete anything. It just lists elements.

Once AdwCleaner completes its scan, it shows a list of elements.
You can uncheck any item(s) you do not want to remove.

Next, click the [Clean] button.

A small window appears to inform that all programs will close.

AdwCleaner proceeds to delete all checked elements.

If a reboot is needed, a small window appears notifying of such. Please click: OK

When the AdwCleaner logfile appears, please provide it in your reply.

(The logfile is also saved in C:\AdwCleaner\AdwCleaner[R0].txt)

My System SpecsSystem Spec
27 Jan 2014   #39

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10

Now my 2 cents worth again I am wondering would a run with a bootable rescue disk be worth a try??

These are some and usually the Kaspersky is best IMHO.

5 Bootable AntiVirus Rescue CD for Windows: Free Download
My System SpecsSystem Spec
28 Jan 2014   #40

Windows 7 Home Premium


Thanks for the suggestion.

Quoting Kaspersky:

A Rescue Disk should be used in case of an infection that cannot be cured by means of antivirus software or disinfection utilities...running under operating system control.
bsever regained Operating System control, and there are several utilities that can get rid of the Bundled.Toolbar.Ask application...

...Not to worry. :)

My System SpecsSystem Spec

 Ran Windows Defender Offline, can't boot up computer. Help please!

Thread Tools

Similar help and support threads
Thread Forum
Computer won't boot after using Defender offline
Well, it seems this is a common problem. I'm mildly tech savvy, but this has me beat. Kid's college computer got Alureon, ran Defender Offline from a USB which appeared to work to remove the virus, but now it's in the start cycle of black and white Acer screen, a quick flash from a blue screen,...
System Security
Computer wont start after removing alureon virus with defender offline
I used windows defender offline to remove the Trojan alureon virus and now my computer will not start up. as it is attempting to start, blue screen will flash and the loop will start over.
System Security
Computer wont start after removing alureon virus with defender offline
From reading another thread, I found out that I needed to run frst64.exe. This seems to be a common problem but not a simple solution. I have no idea how to create the fixlist.txt file. frst.txt log attached I also searched for services.exe and search.txt log attached. I need to know how...
System Security
Boot Failure after Windows Defender Offline
Got the Alureon.a trojan/rootkit. Downloaded the Windows Defender Offline and ran it successfully, but now I can not get past the "Verifying DMI pool data....". I've read countless posts about doing F8 or F10 to go into Advanced Boot Options, but neither of those respond. So I can not change...
Hardware & Devices
Windows Defender Offline crashed computer
Microsoft Security Essentials said I needed to run Windows Defender Offline to remove a trojan. I made the disk and ran it and it said it removed the trojan and to restart the computer. Only problem is it only goes to the Windows Error Recovery Screen. It will not repair or start normally. I...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:46.
Twitter Facebook Google+