[Essexboy]

OK I will use OTL to move it to quarantine

When the system reboots from this a notepad will popup, could you post that

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

:Files
C:\Windows\System32\dropbox.exe

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[Advertisements]

to add the chrome.exe do I just put it like this:

:Files
C:\Windows\System32\dropbox.exe
C:\Windows\System32\chrome.exe

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[Galtama]

to add the chrome.exe do I just put it like this:

:Files
C:\Windows\System32\dropbox.exe
C:\Windows\System32\chrome.exe

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[Essexboy]

Yes

[Galtama]

I'm sorry but I just noticed that when I click properties on the "chrome.exe" that appears it will open "properties of system32" and not "properties of chrome.exe" with the path of "system32/chrome.exe". I don't know if that changes anything...
I'm adding some images to clarify what I mean. They are numbered in "chronological" order. Also, "propriedades" means properties (=P).

Attached Thumbnails

• 
• 
• 

[Essexboy]

I only use IE so am not 100% sure about chrome

However, as you are running 64 bit windows a lot of programmes will use system32 as they are not true 64 bit

Are you still seeing a lot of traffic ?

[Galtama]

what do you mean by traffic? you mean RAM usage? In that case no, my RAM usage is normal now.

[Essexboy]

What problems do you currently have ?

[Galtama]

Sorry, I couldn't answer in the last few days, anyways, the problem I have only shows up when I start the computer. I can't use the internet for a few minutes and in the meanwhile a program runs in the background (usually with the name chrome.exe but sometimes with the name dropbox.exe). I hope this is what you asked me.

Sorry to be a bother.

[Essexboy]

Do you have a USB handy ?

Create an emergency repair USB drive:
Download Dr Web Live USB to your desktop

• Connect a USB flash drive to the computer. Registering the plugging in event takes no more than 10 seconds.
• Launch drwebliveusb.exe.
• The program will detect available USB-devices automatically and prompt you to choose the one you’d like to use as an emergency repair drive. You can format the device if you like (a warning will be displayed before you proceed with formatting). In order to read the License agreement, follow a corresponding link found in the program window (the page containing the license agreement text will be loaded in your default browser).
  
• To create a bootable USB flash drive, press the Create Dr.Web LiveUSB button.
• Files will be copied automatically.
• Once the copying process is completed, press the Exit button to close the application.
• Reboot the infected computer with the USB in the drive
• Ensure that the first boot device is USB - If you are not sure about that then see this page for instructions
• As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.
  
  
  
• Use arrow keys to select DrWeb-LiveCD (Default)
  
• When the system is loaded, check the disks or folders you want to scan, and click on ?Start?.
  
  
  
• The programme will now scan for and cure/delete any malware that it finds. Allow it to do so
• Once completed reboot to normal windows
• No log is produced so once in normal windows run a fresh OTL scan and let me know if the problems persist

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.