Outlook express very slow sending emails

January 27, 2015 at 05:32:24
Specs: Windows XP, 1gb ram
My outlook express 6 seems healthy but email sending is way too slow. I took just too long to send emails, in my notebook, I experienced sending same emails in my netbook and it's pretty much faster, even when they are similar in hardware.

Tried all suggestions posted in this forum with no positive results.

Hosts file: didn't help
Compacting: didn't help


See More: Outlook express very slow sending emails

Report •


#1
January 27, 2015 at 06:09:52
Is XP fully updated? SP3, IE8, & all other updates & security fixes? Which anti-virus are you running? Have you run a full scan for viruses & malware?

Report •

#2
January 28, 2015 at 07:40:15
Yes it is, and no virus or malware. Notebook has a decent performance really. I'm running avast 2015 free, and scanning of outgoing emails disabled. I'm also running same antivirus in a netbook with xp, and emails go out like charm there...

Report •

#3
January 28, 2015 at 14:40:51
"I'm also running same antivirus in a netbook with xp, and emails go out like charm there..."
Compare the email settings.

Lets have a look at this side of things.

Run AdwCleaner
http://www.softpedia.com/get/Antivi...
http://www.raymond.cc/blog/adwclean...
http://www.bleepingcomputer.com/dow...
Author's site
http://general-changelog-team.fr/en...
Tutorial
http://general-changelog-team.fr/en...
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Clean.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please Copy & Paste the contents of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.


Report •

Related Solutions

#4
January 29, 2015 at 07:52:37
I download it and just doesnt run, in fact doesnt do anything at all on clicking or pressing enter on it.

But I downloaded RogueKiller, no infections.
Malware bytes alread installed, no infections

BTW settings are all the same in both pcs

message edited by silverbytes


Report •

#5
January 29, 2015 at 12:41:31
"I download it and just doesnt run, in fact doesnt do anything at all on clicking or pressing enter on it"
Not a good sign.

Run Junkware Removal Tool
http://www.softpedia.com/get/Securi...
http://www.bleepingcomputer.com/dow...
http://thisisudax.blogspot.com.au/2...
Download Junkware Removal Tool onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan.
Click this link to see a list of security programs that should be disabled and how to disable them.
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7/8, right-click JRT and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved onto your Desktop and will automatically open.
Copy and Paste the contents of the JRT.txt log please.


Report •

#6
January 30, 2015 at 14:18:39
JRT didnt run either.
Ran rkill, then tried JRT, and didnt run either.
But ran malwarebytes antirootkit, found nothing.

If useful,

rkill log is this one:

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/for...

Program started at: 01/30/2015 07:08:48 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* Your %Temp% folder is set to C:\Windows\Temp, which can be dangerous. Skipping termination for this folder.
* C:\WINDOWS\system32\acs.exe (PID: 576) [WD-HEUR]
* C:\WINDOWS\system32\msdtc.exe (PID: 4896) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
* C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

* Automatic Updates (wuauserv) is not Running.
Startup Type set to: Manual

* Alerter [Missing ImagePath]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\comres.dll : 847.360 : 04/14/2008 07:48 AM : bc40a2de9fb2c8a551a240f2359c8f30 [NoSig]
+-> C:\WINDOWS\ServicePackFiles\i386\comres.dll : 847.360 : 04/14/2008 07:48 AM : bc40a2de9fb2c8a551a240f2359c8f30 [Pos Repl]
+-> C:\WINDOWS\XPize Darkside\Backup\comres.dll : 837.120 : 04/14/2008 07:48 AM : 93f4e612c695e81512110956454e6e25 [Pos Repl]

* C:\WINDOWS\System32\mspmsnsv.dll : 27.136 : 05/11/2008 03:28 PM : c51b4a5c05a5475708e3c81c7765b71d [NoSig]

* C:\WINDOWS\System32\setupapi.dll : 1.436.672 : 04/14/2008 07:48 AM : b31e39edf8b9926ff013bb85c1ddbad2 [NoSig]
+-> C:\WINDOWS\ServicePackFiles\i386\setupapi.dll : 1.436.672 : 04/14/2008 07:48 AM : b31e39edf8b9926ff013bb85c1ddbad2 [Pos Repl]
+-> C:\WINDOWS\XPize Darkside\Backup\setupapi.dll : 1.000.960 : 04/14/2008 07:48 AM : 7fbd75db6aeb0768c41299da7034c249 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/30/2015 07:10:01 PM
Execution time: 0 hours(s), 1 minute(s), and 12 seconds(s)


Report •

#7
January 30, 2015 at 15:14:05
Keep Rkill active & run Roguekiller.

Rkill does not delete files - it merely helps to temporarily disable the infections, allowing us to start the cleansing process.
Do NOT reboot your machine. Each time you reboot, Rkill is disabled and you would have to run it again in order for it to be effective.

Run RogueKiller
http://www.softpedia.com/get/Securi...
http://majorgeeks.com/RogueKiller_d...
http://www.geekstogo.com/forum/file...
http://tigzy.geekstogo.com/roguekil...
http://www.sur-la-toile.com/RogueKi...
User Guide
http://www.adlice.com/softwares/rog...
Official tutorial
http://www.adlice.com/softwares/rog...
How to Temporarily Disable your Anti-virus
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
If RogueKiller won't run, open IE & turn off SmartScreen Filter.
http://windows.microsoft.com/en-AU/...
Download & SAVE to your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Quit all programs that you may have started.
Shutdown your antivirus to avoid any conflicts.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7/8, right-click and select "Run as Administrator to start"

For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
Click on "Delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and Copy & Paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop.
Exit/Close RogueKiller.
When completed make sure to re-enable your antivirus.


Report •

#8
January 30, 2015 at 16:24:07
Rogue found nothing, I'm clean I guess, 3 oranges in antirootkit, guess all good this far. The gbiehcef are legit

RogueKiller V10.2.0.0 [Jan 19 2015] by Adlice Software
correo : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Sitio web : http://www.adlice.com/softwares/rog...
Blog : http://www.adlice.com

Sistema Operativo : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Iniciado en : Modo Normal
Usuario : Administrador [Administrador]
Modo : Escanear -- Fecha : 01/30/2015 21:12:39

¤¤¤ Procesos : 0 ¤¤¤

¤¤¤ Registro : 0 ¤¤¤

¤¤¤ Tareas : 0 ¤¤¤

¤¤¤ Archivos : 0 ¤¤¤

¤¤¤ Archivo de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 3 (Driver: Cargado) ¤¤¤
[Filter(Kernel.Filter)] \Driver\Disk @ Unknown : \Driver\DozeHDD @ \Device\DozeHDD0 (DozeHDD.sys)
[IAT:Inl(Hook.IEAT)] (explorer.exe) RPCRT4.dll - IUnknown_QueryInterface_Proxy : C:\Archivos de programa\GbPlugin\gbiehcef.dll @ 0x1d59d01 (jmp dword near [0x7189001e]|jmp 0x6|jmp 0xffffffff904b9ccb)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ole32.dll - CoUnmarshalInterface : C:\Archivos de programa\GbPlugin\gbiehcef.dll @ 0x1d5c166 (jmp dword near [0x718c001e]|jmp 0x6|jmp 0xffffffff9048c130)

¤¤¤ Navegadores Web : 0 ¤¤¤

¤¤¤ Chequeo MBR : ¤¤¤
+++++ PhysicalDrive0: ST9160314AS +++++
--- User ---
[MBR] c9c6a0e1162579b4be65ceec3fe30ada
[BSP] 3c15d9d59edc009f4ecb74994add6e23 : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 152624 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK


Report •

#9
January 30, 2015 at 16:28:27
If it is alright with you, I would like to eliminate any possibility of malware as a first step. Something wierd is going on & as it is malwares job to stop things working, I have to look in all it's hiding places & then if found, uncover it layer by layer.

Best you print or write the instructions & check the steps off as you do them.

Download ComboFix onto your Desktop & then run. If your default download location is not the Desktop, drag it out of it's location onto the Desktop. Copy & Paste the contents of the log in your next post please. ComboFix's log should be located at C:\COMBOFIX.TXT.
http://www.bleepingcomputer.com/dow...
http://download.bleepingcomputer.co...
http://www.forospyware.com/sUBs/Com...
A guide and tutorial on using ComboFix
http://www.bleepingcomputer.com/com...
http://www.winhelp.us/index.php/gen...
Manually restoring the Internet connection
http://www.bleepingcomputer.com/com...
There are circumstances ComboFix will hang, crash or stall at various stages due to malware interference, failure to disable other real-time protection tools or the presence of CD Emulators (Daemon Tools, Alchohol 120%, Astroburn, AnyDVD) so that it does not complete successfully. Also, depending on how badly a system is infected, ComboFix may take longer to complete its routine than it normally does or fail to run properly. While that is not normal behavior, it is not unusual"
If you think it's frozen, look at the computer clock.
If it's running, Combofix is still working.
NOTE: Do not mouseclick combofix's window while it is running. That may cause it to stall.
NOTE: ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
**Please Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
Allow ComboFix to download the Recovery Console.
Accept the End-User License Agreement.
The Recovery Console will be installed.
You will then get this next prompt that asks if you want to continue the malware scan, select yes.
If after running Combofix you discover none of your programs will open up, and you recieve the following error: "Illegal operation attempted on a registry key that has been marked for deletion". Then the answer is to REBOOT the machine, and all will be corrected.
Can't Install an Antivirus - Windows Security Center still detects previous AV
http://www.experts-exchange.com/Vir...
We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:
* Close all open Windows including this one.
* Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found in this topic.
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
Once these two steps have been completed, double-click on the ComboFix icon found on your Desktop.
Please Note: Once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.


Report •

#10
February 2, 2015 at 14:38:44
ComboFix 14-11-17.01 - Administrador 02/02/2015 19:14:12.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.54.3082.18.2014.1231 [GMT -3:00]
Running from: c:\documents and settings\Administrador\Escritorio\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
[i] ADS - drivers: deleted 212 bytes in 1 streams. [/i]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\archivos de programa\mbar-1.08.3.1004.exe
c:\documents and settings\All Users\Datos de programa\TEMP
c:\windows\system32\ctfmon_old.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-01-02 to 2015-02-02 )))))))))))))))))))))))))))))))
.
.
2015-02-02 21:20 . 2015-02-02 21:20 -------- d-----w- c:\windows\SHELLNEW
2015-02-02 21:20 . 2015-02-02 21:20 -------- d-----w- c:\archivos de programa\Microsoft Analysis Services
2015-02-02 21:15 . 2012-06-02 18:18 275696 ----a-w- c:\windows\system32\mucltui.dll
2015-02-02 21:15 . 2012-06-02 18:18 214256 ----a-w- c:\windows\system32\muweb.dll
2015-02-02 21:15 . 2015-02-02 21:15 -------- d-----w- c:\windows\LastGood.Tmp
2015-02-02 21:04 . 2015-02-02 21:04 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2015-02-02 20:56 . 2015-02-02 20:56 -------- d-----w- c:\archivos de programa\Microsoft Synchronization Services
2015-02-02 20:56 . 2015-02-02 20:56 -------- d-----w- c:\documents and settings\All Users\Microsoft
2015-02-02 20:56 . 2015-02-02 20:56 -------- d-----w- c:\archivos de programa\Microsoft SQL Server Compact Edition
2015-02-02 20:51 . 2015-02-02 20:51 -------- d-----w- c:\documents and settings\Administrador\Configuración local\Datos de programa\Microsoft Help
2015-02-02 20:50 . 2015-02-02 21:22 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Microsoft Help
2015-02-02 20:49 . 2015-02-02 20:49 -------- d-----r- C:\MSOCache
2015-01-30 23:30 . 2015-01-30 23:30 15431256 ----a-w- c:\archivos de programa\RogueKiller.exe
2015-01-30 21:25 . 2015-01-30 21:25 1943800 ----a-w- c:\archivos de programa\rkill.exe
2015-01-29 15:45 . 2015-01-30 23:35 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-29 15:45 . 2015-01-29 15:45 -------- d-----w- c:\documents and settings\All Users\Datos de programa\RogueKiller
2015-01-28 16:26 . 2015-01-28 16:26 -------- d-----w- c:\documents and settings\All Users\Datos de programa\F-Secure
2015-01-16 19:28 . 2015-01-16 19:30 -------- d-----w- C:\log
2015-01-16 19:28 . 2015-01-29 12:56 -------- d-----w- C:\Scid vs PC-4.13
2015-01-15 17:15 . 2015-01-15 17:16 -------- d-----w- c:\archivos de programa\Engines
2015-01-05 20:13 . 2015-02-02 20:36 -------- d-----w- C:\sync linux
2015-01-04 22:52 . 2015-01-04 22:52 -------- d-----w- c:\archivos de programa\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-30 22:15 . 2014-09-23 18:49 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-30 22:14 . 2014-09-23 18:49 108632 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-26 12:11 . 2014-09-18 15:29 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-26 12:11 . 2014-09-18 15:29 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-11 17:19 . 2014-09-03 17:49 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-11 17:19 . 2014-09-03 17:49 146432 ----a-w- c:\windows\system32\javacpl.cpl
2014-11-21 23:05 . 2013-09-16 18:57 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-21 23:05 . 2013-09-16 18:57 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-21 23:05 . 2013-09-16 18:57 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-11-21 23:05 . 2013-09-16 18:57 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-21 23:05 . 2014-05-29 01:15 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-21 23:05 . 2013-09-16 18:57 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-11-21 23:05 . 2013-09-16 18:57 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-21 23:05 . 2013-09-16 18:57 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-11-21 23:05 . 2014-11-21 23:05 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-21 23:05 . 2014-11-21 23:05 43152 ----a-w- c:\windows\avastSS.scr
2014-11-21 09:14 . 2014-09-23 18:49 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-30 19:55 . 2014-09-30 19:55 388608 ----a-w- c:\archivos de programa\HijackThis.exe
2011-11-29 17:22 . 2013-09-16 21:14 1920512 ----a-w- c:\archivos de programa\jpegger.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 10:48 . BC40A2DE9FB2C8A551A240F2359C8F30 . 847360 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 10:48 . BC40A2DE9FB2C8A551A240F2359C8F30 . 847360 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[7] 2008-04-14 10:48 . 93F4E612C695E81512110956454E6E25 . 837120 . . [2001.12.4414.700] . . c:\windows\XPize Darkside\Backup\comres.dll
.
[-] 2008-04-14 . C8F12B2102B5A9F9AB87E23C6EDFA021 . 429056 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . C8F12B2102B5A9F9AB87E23C6EDFA021 . 429056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2008-04-14 . F4B9F9AA2F72FAD20D09C3E3FF2BE224 . 152064 . . [5.1.2600.5512] . . c:\windows\XPize Darkside\Backup\regedit.exe
.
[-] 2008-05-11 18:28 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-21 23:04 723976 ----a-w- c:\archivos de programa\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 13:34 579400 ----a-w- c:\archivos de programa\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 13:34 579400 ----a-w- c:\archivos de programa\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 13:34 579400 ----a-w- c:\archivos de programa\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 13:34 579400 ----a-w- c:\archivos de programa\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 13:34 579400 ----a-w- c:\archivos de programa\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"com.codeode.cactusspamfilter"="c:\archivos de programa\Cactus Spam Filter 3.01\cactusspamfilter.exe" [2010-09-08 1059840]
"Breevy"="c:\archivos de programa\Breevy\Breevy.exe" [2014-10-10 1076184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\archivos de programa\Synaptics\SynTP\SynTPLpr.exe" [2003-06-24 126976]
"SynTPEnh"="c:\archivos de programa\Synaptics\SynTP\SynTPEnh.exe" [2003-06-24 561152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-14 13549568]
"cssauth"="c:\archivos de programa\Lenovo\Client Security Solution\cssauth.exe" [2007-08-03 2630968]
"ClipX"="c:\archivos de programa\ClipX\clipx.exe" [2005-11-30 68608]
"AvastUI.exe"="c:\archivos de programa\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"IntelZeroConfig"="c:\archivos de programa\Intel\WiFi\bin\ZCfgSvc.exe" [2010-10-19 1400832]
"IntelWireless"="c:\archivos de programa\Archivos comunes\Intel\WirelessCommon\iFrmewrk.exe" [2010-10-19 1206544]
"SoundMAXPnP"="c:\archivos de programa\Analog Devices\Core\smax4pnp.exe" [2007-12-19 1044480]
"BCSSync"="c:\archivos de programa\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2e,65,78,65,00
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\archivos de programa\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2012-09-27 12:27 100712 ----a-w- c:\archivos de programa\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\archivos de programa\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Digital Line Detect.lnk.disabled]
path=c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\Digital Line Detect.lnk.disabled
backup=c:\windows\pss\Digital Line Detect.lnk.disabledCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
2006-11-07 22:51 91688 ----a-w- c:\archivos de programa\Lenovo\AwayTask\AwaySch.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GUDelayStartup]
2014-09-29 06:53 37152 ----a-w- c:\archivos de programa\Glary Utilities 5\StartupManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRMGRTR]
2013-01-11 08:20 3713832 ------w- c:\archiv~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-01-17 19:24 421888 ----a-w- c:\archivos de programa\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-10-07 18:39 507776 ----a-w- c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SDWSCService"=2 (0x2)
"SDUpdateService"=2 (0x2)
"SDScannerService"=2 (0x2)
"NovaPdfServer"=2 (0x2)
"SkypeUpdate"=3 (0x3)
"JavaQuickStarterService"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=3 (0x3)
"Cisvc"=3 (0x3)
"TVT Scheduler"=2 (0x2)
"McAfee SiteAdvisor Service"=2 (0x2)
"0041461416511828mcinstcleanup"=2 (0x2)
"wuauserv"=2 (0x2)
"SUService"=2 (0x2)
"btwdins"=2 (0x2)
"mnmsrvc"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SUPERAntiSpyware"=c:\archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
"Advanced SystemCare Ultimate"="c:\archivos de programa\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
"CyberGhost"="c:\archivos de programa\CyberGhost 5\CyberGhost.EXE" /autostart /min
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Datos de programa\Ad-Aware Browsing Protection\adawarebp.exe"
"SDTray"="c:\archivos de programa\Spybot - Search & Destroy 2\SDTray.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect
"APSDaemon"="c:\archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="c:\archivos de programa\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe"
"TVT Scheduler Proxy"=c:\archivos de programa\Archivos comunes\Lenovo\Scheduler\scheduler_proxy.exe
"LPManager"=c:\archiv~1\THINKV~2\PrdCtr\LPMGR.exe
"LPMailChecker"=c:\archiv~1\THINKV~2\PrdCtr\LPMLCHK.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Archivos de programa\\XtenNetworksInc\\eyeBeam\\eyeBeam.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
"c:\\Archivos de programa\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"=
"c:\\Archivos de programa\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Archivos de programa\\Mozilla Firefox\\firefox.exe"=
"c:\\Archivos de programa\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 0 (0x0)
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [16/09/2013 03:57 p.m. 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [16/09/2013 03:57 p.m. 206248]
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [04/07/2014 08:09 p.m. 24264]
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [16/09/2014 03:17 p.m. 47192]
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [16/09/2013 03:23 p.m. 13560]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/09/2013 05:29 p.m. 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [16/09/2013 03:57 p.m. 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [16/09/2013 03:57 p.m. 423784]
R1 GUBootStartup;GUBootStartup;c:\windows\system32\drivers\GUBootStartup.sys [07/10/2014 03:45 p.m. 17472]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [04/07/2014 08:08 p.m. 13680]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09/05/2008 05:50 a.m. 46144]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [28/05/2014 10:15 p.m. 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [16/09/2013 03:57 p.m. 70384]
R2 DozeSvc;Lenovo Doze Mode Service;c:\archivos de programa\ThinkPad\Utilities\DOZESVC.EXE [04/07/2014 08:09 p.m. 280640]
R2 GbpSv;Gbp Service;c:\archiv~1\GbPlugin\GbpSv.exe [16/09/2014 03:16 p.m. 546104]
R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\archivos de programa\ThinkPad\Utilities\PWMEWSVC.exe [04/07/2014 08:09 p.m. 1663272]
R2 smihlp;SMI Helper Driver (smihlp);c:\archivos de programa\ThinkVantage Fingerprint Software\smihlp.sys [30/05/2011 01:21 p.m. 11976]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe [14/05/2008 04:25 p.m. 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\archivos de programa\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09/05/2008 05:50 a.m. 253952]
R3 LenovoRd;LenovoRd;c:\windows\system32\drivers\LenovoRd.sys [04/07/2014 06:38 p.m. 81280]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\gbpndisrdn.sys [16/09/2014 03:19 p.m. 31448]
R3 NETwLx32; Controlador del adaptador Intel(R) Wireless WiFi Link para Windows XP de 32 bits;c:\windows\system32\drivers\NETwLx32.sys [16/09/2013 08:48 a.m. 6609920]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22/05/2007 03:59 p.m. 37312]
S0 PRSBDRVR;Nemesis Link;\SystemRoot\\SystemRoot\system32\drivers\PRSBDRVR.SYS --> \SystemRoot\\SystemRoot\system32\drivers\PRSBDRVR.SYS [?]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys --> c:\windows\system32\drivers\SBREDrv.sys [?]
S3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\drivers\aswTap.sys [25/12/2013 05:02 p.m. 35272]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [26/11/2013 08:37 p.m. 100736]
S3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys --> c:\windows\system32\DRIVERS\nbdrv.sys [?]
S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\gbpndisrdn.sys [16/09/2014 03:19 p.m. 31448]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\archiv~1\mcafee\SITEAD~1\mcsacore.exe [16/09/2013 04:38 p.m. 133696]
S4 NovaPdfServer;novaPDF Server;c:\archivos de programa\Softland\novaPDF 8\Server\novapdfs.exe [01/08/2014 11:38 a.m. 204576]
S4 SkypeUpdate;Skype Updater;c:\archivos de programa\Skype\Updater\Updater.exe [03/04/2014 08:21 p.m. 315008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 16:40 1087816 ----a-w- c:\archivos de programa\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-02-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\archivos de programa\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-21 23:04]
.
2015-02-02 c:\windows\Tasks\GlaryInitialize 5.job
- c:\archivos de programa\Glary Utilities 5\Initialize.exe [2014-09-29 06:52]
.
2014-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2013-09-16 18:18]
.
2014-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2013-09-16 18:18]
.
2015-02-02 c:\windows\Tasks\Notificación de inicio de sesión de fin de servicio de Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-11-20 23:28]
.
2015-01-08 c:\windows\Tasks\Notificación mensual de fin de servicio de Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-11-20 23:28]
.
.
------- Supplementary Scan -------
.
uStart Page = www.InfoSpyware.com
mStart Page = hxxp://www.infospyware.com
uInternet Settings,ProxyServer = localhost:8080
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Enviar a &Bluetooth - c:\archivos de programa\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar a Bluetooth - c:\archivos de programa\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 192.168.100.1 198.41.0.4
FF - ProfilePath - c:\documents and settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\9qugspfp.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Adobe ARM - c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-02 19:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-329068152-1004336348-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bb,b2,16,f8,18,6a,a6,48,b7,7b,4a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,c7,ee,19,c6,60,e3,44,89,0e,88,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1128)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\archivos de programa\GbPlugin\gbiehcef.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\homefus2.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\infql2.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\homepass.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\bio.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\qlbase.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\ps2css.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1184)
c:\windows\system32\setupapi.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\homefus2.dll
c:\archivos de programa\ThinkVantage Fingerprint Software\infql2.dll
.
- - - - - - - > 'explorer.exe'(5980)
c:\windows\system32\WININET.dll
c:\archivos de programa\Google\Drive\googledrivesync32.dll
c:\windows\System32\cscui.dll
c:\archivos de programa\GbPlugin\gbiehcef.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\archivos de programa\Intel\WiFi\bin\EvtEng.exe
c:\archivos de programa\Intel\WiFi\bin\S24EvMon.exe
c:\archivos de programa\Intel\WiFi\bin\WLKeeper.exe
c:\archivos de programa\AVAST Software\Avast\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\netdde.exe
c:\windows\system32\IPSSVC.EXE
c:\archivos de programa\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\acs.exe
c:\windows\system32\wbem\unsecapp.exe
c:\archivos de programa\ThinkPad\ConnectUtilities\AcSvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\windows\system32\msiexec.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\sessmgr.exe
c:\archivos de programa\Archivos comunes\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\dllhost.exe
c:\archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
c:\archivos de programa\Lenovo\Client Security Solution\tvttcsd.exe
c:\archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\archivos de programa\Windows Media Player\WMPNetwk.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\msdtc.exe
c:\archivos de programa\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
.
**************************************************************************
.
Completion time: 2015-02-02 19:31:41 - machine was rebooted
ComboFix-quarantined-files.txt 2015-02-02 22:31
ComboFix2.txt 2014-11-19 18:57
ComboFix3.txt 2013-10-25 06:24
.
Pre-Run: 99.752.513.536 bytes libres
Post-Run: 99.870.404.608 bytes libres
.
- - End Of File - - 7E88F3DFED3065553A7BABB6F792ED0F
0AA30D50B2B80AF6012FE6F0AD8F06D8

Report •

#11
February 2, 2015 at 15:06:01
Run ESET Online Scanner, Copy and Paste the contents of the log in your reply please. This scan may take a very long while, so please be patient. Maybe start it before going to work or bed.
http://www.eset.com/us/online-scann...
http://www.eset.com/home/products/o...
If your comp is unbootable, or won't let you download, you will have to download ESET from a good computer, put it on a flash/thumb/pen/usb drive & run it from there.
Create a ESET SysRescue CD or USB drive
http://kb.eset.com/esetkb/index?pag...
How do I use my ESET SysRescue CD or USB flash drive to scan and clean my system?
http://kb.eset.com/esetkb/index?pag...
Configure ESET this way & disable your AV.
http://i.imgur.com/3U7YC.gif
How to Temporarily Disable your Anti-virus
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
Which web browsers are compatible with ESET Online Scanner?
http://www.nod32.fi/eset-online-sca...
http://kb.eset.com/esetkb/index?pag...
Online Scanner not working
http://kb.eset.com/esetkb/index?pag...
Why Would I Ever Need an Online Virus Scanner? I already have an antivirus program installed, isn't that enough?
http://www.squidoo.com/the-best-fre...
Once onto a machine, malware can disable antivirus programs, prevent antimalware programs from downloading updates, or prevent a user from running antivirus scans or installing new antivirus software or malware removal tools. At this point even though you are aware the computer is infected, removal is very difficult.
5: Why does the ESET Online Scanner run slowly on my computer?
If you have other antivirus, antispyware or anti-malware programs running on your computer, they may intercept the scan being performed by the ESET Online Scanner and hinder performance. You may wish to disable the real-time protection components of your other security software before running the ESET Online Scanner. Remember to turn them back on after you are finished.
17: How can I view the log file from ESET Online Scanner?
http://kb.eset.com/esetkb/index?pag...
http://www.eset.com/home/products/o...
The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\EsetOnlineScanner\log.txt". You can view this file by navigating to the directory and double-clicking on it in Windows Explorer, or by copying and pasting the path specification above (including the quotation marks) into the Start ? Run dialog box from the Start Menu on the Desktop.
If no threats are found, you will simply see an information window that no threats were found.
http://www.trishtech.com/security/s...

Report •

#12
February 3, 2015 at 05:13:24
Ok I'll come back later with that. BTW I'm seeing an update service pack 3 installing over and over again and again (tried everything, but keeps installing

Report •

#13
February 3, 2015 at 05:27:12
" BTW I'm seeing an update service pack 3 installing"

Turn off automatic updating.

Click Start, click Control Panel and then double-click System.
Click the Automatic Updates tab, and then click Turn off automatic updating. I want to update my computer manually.


Report •

#14
February 3, 2015 at 12:26:03
Ya lo pase, y no se han encontrado amenazas.

Report •

#15
February 3, 2015 at 12:42:44
"Ya lo pase, y no se han encontrado amenazas"
http://translate.google.com.au/tran...

Run HitmanPro Kickstart. Note: You will need a USB flash/thumb/pen drive to use this method.
http://www.surfright.nl/en/kickstart
Create a HitmanPro.Kickstart USB flash drive on a good comp, then insert the flash drive in the faulty comp.
Boot & go into the bios & change the boot order to the thumb drive first. F10 to Save & Exit.
HitmanPro.Kickstart user manual / guide
http://antimalwaresoftware.nl/handl...
The logs are large, upload them using this, or upload to a site of your choosing. No account needed. Give us the links please.
http://www.zippyshare.com/
Instructions on how to use ZippyShare.
http://i.imgur.com/naG6t2T.gif
http://i.imgur.com/Vi9ZdIh.gif
http://i.imgur.com/1IZu5kP.gif
Download 32-bit HitmanPro 3.7 with Kickstart
http://dl.surfright.nl/HitmanPro.exe
HitmanPro.Kickstart - User Manual
http://dl.surfright.nl/Kickstart-Us...
FAQ
http://dl.surfright.nl/Kickstart-Be...


Report •

Ask Question