Help
This topic is locked
k. got the java update..
eset scanner found 2.
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
.
thoughts?
thankyou again for this help.. would be very lost without it.
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient. DO NOT RUN ComboFix unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Request for semi urgent help.
Back to top
#17
- Bleepin' gnawing at it!
-
- Group: Malware Response Team
- Posts: 1,794
- Joined: 14-September 10
- Gender:Male
- Location:Scotland
Posted 26 February 2012 - 07:03 AM
Hello Computer Attempter,
These are false positives. I'd like you to restore these files..
Use Method ll in how to Restore from ESET
=================================================================================
Good work - your computer is clean
Just a couple of housekeeping tasks now.
We need to delete ComboFix:
Please rename ComboFix.exe (right click ComboFix and select Rename) to Uninstall.exe and double click on it.
====================================================================================
Except for Malwarebytes, you can simply delete all other tools we used as they don't un-install.
Things to do to stay safe:
Happy and safe surfing!
Can you reply to say whether you have any more issues or not. If not we can close this topic.
Quote
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
Use Method ll in how to Restore from ESET
=================================================================================
Good work - your computer is clean
Just a couple of housekeeping tasks now.
We need to delete ComboFix:
Please rename ComboFix.exe (right click ComboFix and select Rename) to Uninstall.exe and double click on it.
====================================================================================
Except for Malwarebytes, you can simply delete all other tools we used as they don't un-install.
Things to do to stay safe:
- Make sure Windows Updates (including Internet Explorer) are current. Follow instructions here
- Run Malwarebytes "Quick scan" once in a week to assure safety of your computer.
- Download and install Secunia Personal Software Inspector (PSI): The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
- When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
- ReadHow did I get infected?, With steps so it does not happen again!
Happy and safe surfing!
Can you reply to say whether you have any more issues or not. If not we can close this topic.
regards, ratman
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may
to the cause.
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may
to the cause.
#18
- Member
-
- Group: Members
- Posts: 19
- Joined: 13-February 12
Posted 27 February 2012 - 01:43 AM
Epic, well done ratman. greatly appreciate the help.
#19
- Member
-
- Group: Members
- Posts: 19
- Joined: 13-February 12
Posted 27 February 2012 - 01:46 AM
aside the fact when i rename combofix to uninstall..
notice from internet security telling me this is a known trojan???
hopefully just the way combofix works...
notice from internet security telling me this is a known trojan???
hopefully just the way combofix works...
#20
- Bleepin' gnawing at it!
-
- Group: Malware Response Team
- Posts: 1,794
- Joined: 14-September 10
- Gender:Male
- Location:Scotland
Posted 27 February 2012 - 09:04 AM
You're welcome.
Yes, just carry on with uninstall.
Let me know if all is ok and I'll close this thread.
Yes, just carry on with uninstall.
Let me know if all is ok and I'll close this thread.
regards, ratman
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may to the cause.
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may
to the cause.
#21
- Member
-
- Group: Members
- Posts: 19
- Joined: 13-February 12
Posted 28 February 2012 - 12:07 AM
removed combmofix to AVG's vault..
gonna leave it there i think. otherwise everything is well..
thread close ok.
thankyou heaps
gonna leave it there i think. otherwise everything is well..
thread close ok.
thankyou heaps
#22
- Bleepin' gnawing at it!
-
- Group: Malware Response Team
- Posts: 1,794
- Joined: 14-September 10
- Gender:Male
- Location:Scotland
Posted 28 February 2012 - 06:37 AM
Hi,
Uninstalling ComboFix will implement some cleanup procedures as well as reset System Restore points:
Please try the following:
Can you tell me if this worked ok?
Uninstalling ComboFix will implement some cleanup procedures as well as reset System Restore points:
Please try the following:
- Press the Windows logo key+ R
- Copy/paste the following bolded text into the Run box and click OK
Can you tell me if this worked ok?
regards, ratman
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may to the cause.
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may
to the cause.
#23
- Member
-
- Group: Members
- Posts: 19
- Joined: 13-February 12
Posted 01 March 2012 - 06:51 AM
k. restored from vault, uninstalled. got the dialogue box 'combofix is uninstalled'
everything should be fine from now.
once again thanks for the assist.
everything should be fine from now.
once again thanks for the assist.
#24
- Bleepin' gnawing at it!
-
- Group: Malware Response Team
- Posts: 1,794
- Joined: 14-September 10
- Gender:Male
- Location:Scotland
Posted 01 March 2012 - 08:02 AM
You are welcome 
regards, ratman
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may to the cause.
a proud member of:
If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
If I have helped and you would like to show your appreciation you may
to the cause.
#25
- Bleepin' Blonde
-
- Group: Malware Study Hall Admin
- Posts: 39,026
- Joined: 05-October 07
- Gender:Female
- Location:Romania
Posted 01 March 2012 - 08:40 AM
It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
