
System Tool Infection


  • This topic is locked
2 replies to this topic

#1 Chareles

Posted 24 April 2011 - 09:23 PM

I have gotten "System Tool 2011" on my computer. I had Combo Fix as a program and as I now understand it was one of the first things infected. I have since removed the program and with Malware Bytes, Super Anti spyware, and StopZilla, and Avira Antivir Personal have cleaned up my computer. To a Point. When I try to download Combo Fix all hell breaks loose and I end up having to clean my computer again. I think "HIDEC.Exe.3B166DB3.pf" has something to do with this issue. Currently I am running a search for this rascal and I have found 11 items so far. To Google this up I make no sense of the foreign language translated about this item. I posed a question about it to Bleeping Computer.com with no results found. If anyone has a good idea about this, I could sure use your input to remove this bug from my computer.

cmstep
Please change my name from "Chareles" to "Charles"


#2 Chareles

Posted 25 April 2011 - 05:30 PM

Hi, I am Charles. ~~~ I would like to reply to my post that I did find out what the "hidec.exe" is. There is a folder in my computer (Windows XP, Home Edition). The folder is located in "C:\Windows\Prefetch..." Within this folder are 50 to 75 files that are supposed to aid Windows in accessing different sites, etc. The "hidec.exe3B166DB3.pf" is one of the files that was an infection located in that folder. I think the term "pf" is what these files are called. I would like to clear this issue up but I still have the issue with something hiding in my computer that goes wild when I try to download "ComboFix". I have to my knowledge cleaned my computer up with the aforementioned anti-virus and malware cleaners. I also have "StopZilla" an "iS3 Anti-Spyware" scan tool that I question. In the last two weeks that I have tried to download "ComboFix" it is supposed to have captured 59,942 infections to date.

Thanks
cmstep
Please change my name from "Chareles" to "Charles"
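
Added example, not part of the original posts: files in the Prefetch folder are named `<EXECUTABLE>-<8 hex digit hash>.pf`, and because the hash is derived from the path the program ran from, the same executable name appearing with more than one hash is worth a closer look during cleanup. The listing below is constructed for illustration (only the HIDEC hash is taken from the post, written here in the standard hyphenated form as an assumption), and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Prefetch naming convention: <EXECUTABLE NAME>-<8 hex digit hash>.pf
PF_NAME = re.compile(r"^(?P<exe>.+)-(?P<hash>[0-9A-F]{8})\.pf$", re.IGNORECASE)

# Host processes whose hash can also depend on the command line on newer
# Windows versions, so several entries for them are normal.
HOST_PROCESSES = {"SVCHOST.EXE", "DLLHOST.EXE", "RUNDLL32.EXE", "MMC.EXE"}

# Constructed directory listing; only the HIDEC hash is taken from the post.
SAMPLE_LISTING = [
    "HIDEC.EXE-3B166DB3.pf",
    "EXPLORER.EXE-0A1B2C3D.pf",
    "EXPLORER.EXE-7F6E5D4C.pf",   # same name, different path hash
    "USERINIT.EXE-11223344.pf",
    "SVCHOST.EXE-AAAA0001.pf",
    "SVCHOST.EXE-AAAA0002.pf",    # host process, excluded from the report
    "NTOSBOOT-B00DFAAD.pf",       # boot trace, not an .exe
    "Layout.ini",                 # not a prefetch trace file
]

def parse_prefetch_name(filename):
    """Return (EXE_NAME, HASH) for a Prefetch file name, or None."""
    match = PF_NAME.match(filename)
    if match is None:
        return None
    return match.group("exe").upper(), match.group("hash").upper()

def multi_location_executables(filenames):
    """Map each executable seen with more than one hash to its sorted hashes."""
    seen = defaultdict(set)
    for name in filenames:
        parsed = parse_prefetch_name(name)
        if parsed is not None:
            seen[parsed[0]].add(parsed[1])
    return {exe: sorted(hashes) for exe, hashes in seen.items()
            if len(hashes) > 1 and exe not in HOST_PROCESSES}

if __name__ == "__main__":
    for exe, hashes in multi_location_executables(SAMPLE_LISTING).items():
        print(f"{exe} has {len(hashes)} path hashes: {', '.join(hashes)}")
```

A `.pf` file is only a record that a program ran, so a hit here points to where to look for the executable itself rather than to something that needs cleaning in the Prefetch folder.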

#3 hamluis

  • Moderator

Posted 05 May 2011 - 08:58 AM

Rec'd following PM content today:

To hamluis ~~~ It has been several days since you were in touch with me and redirected my post to its proper place. I am asking you to do so again. As yet I have not heard from the BC Staff and at this writing I don't think it a necessity. I have cleaned my computer by reading and printing some of the BC Tutorials using the "Rkill" downloads. My first action was to use "Slow computer/browser? Check here first..." My computer checked out o.k. I tried the "Rkill" download twice in run mode and "StopZilla" jumped up with a window saying they were infected with "AntiVirus.Net". I feel that I can say they were fake as I uninstalled the entire works of "StopZilla". In safe mode I downloaded and scanned with two different "Rkill's" and scanned with Malware Bytes without closing the scans. The "rkill logs" really told me nothing. MBAM did find one infection "Trojan.FakeAll...", was quarantined and removed. I restarted the computer and removed the two "Rkill" files and returned to safe mode. Downloaded and scanned with three different "Rkill's", and closed them. The logs still did not appear to tell me anything. Still in safe mode I did a MBAM scan and lo and behold it found two infections at the tail end of the scan. They were quarantined and removed. The infection was one infection but located in two files. The Infection "Heuristics.Reserved.Word.Exploit". The files were ~~~\Desktop\explorer.exe and ~~~\Desktop\useRiniT.exe. My first experience with "System Tool" involved it wanting to sell me a Heuristics program to clear my computer up. Moving on I restarted my computer and made an attempt to download "ComboFix.exe" and by George it worked. It scanned through the whole program and it told me about removing something with "StopZilla" and was gone before I could understand what it was. In looking at the log I did not see any mention of the "StopZilla" bit. Just being able to download "Combo" and run the scan with its action was what I wanted to accomplish. I did just that with the help of the BC tutorials and I thank them for the information. I am a BC member from now on. And I want to thank you again for your help, Thanks again, ~~~cmstep.



Based on above, I am closing this topic.

Louis



