
dowjonesBR123

  1. Good afternoon. I downloaded a program from the Internet, and at the time of installation a trojan with the name hijack.exefile got in. I already ran the scan with the malware, and every time I restart the computer it comes back. I would like help and support to solve this; my program is bought. I already downloaded the dds.src and already did the scan, and I would like to publish what appears in the TXT of the DDS. Hugs from Brazil.

     Note: My programs only open when I open them as ADM.

     DDS (Ver_2012-11-20.01) - NTFS_AMD64
     Internet Explorer: 9.0.8112.16421
     Run by Usuario at 13:10:48 on 2017-11-13
     Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.16285.13055 [GMT -2:00]
     .
     AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
     SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
     C:\Windows\system32\lsm.exe
     C:\Windows\system32\svchost.exe -k DcomLaunch
     C:\Windows\system32\svchost.exe -k RPCSS
     C:\Windows\system32\atiesrxx.exe
     C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
     C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
     C:\Windows\system32\svchost.exe -k netsvcs
     C:\Windows\system32\svchost.exe -k LocalService
     C:\Windows\system32\atieclxx.exe
     C:\Windows\system32\svchost.exe -k NetworkService
     C:\Windows\system32\taskeng.exe
     C:\Windows\System32\spoolsv.exe
     C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
     C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
     C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
     C:\Windows\system32\taskeng.exe
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\system32\svchost.exe -k imgsvc
     C:\Windows\DAODx.exe
     C:\Windows\Explorer.EXE
     C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
     C:\Program Files\Diebold\Warsaw\core.exe
     C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
     C:\Windows\system32\SearchIndexer.exe
     C:\Windows\System32\svchost.exe -k secsvcs
     C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
     C:\Program Files\Diebold\Warsaw\core.exe
     C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
     C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
     C:\Program Files\Windows Media Player\wmpnetwk.exe
     C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
     C:\Windows\System32\svchost.exe -k LocalServicePeerNet
     C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
     F:\Program Files (x86)\Steam\Steam.exe
     F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
     F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
     F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Windows\System32\cscript.exe
     .
     ============== Pseudo HJT Report ===============
     .
     mWinlogon: Userinit = userinit.exe,
     BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     uRun: [Spotify Web Helper] C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
     uRun: [uTorrent] "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
     mPolicies-Explorer: NoActiveDesktop = dword:1
     mPolicies-Explorer: NoActiveDesktopChanges = dword:1
     mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
     mPolicies-System: ConsentPromptBehaviorUser = dword:3
     mPolicies-System: EnableUIADesktopToggle = dword:0
     mPolicies-System: PromptOnSecureDesktop = dword:0
     IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
     TCP: NameServer = 192.168.0.1
     TCP: Interfaces\{E532C053-0A6C-4C55-B342-8A9C6715F8A2} : DHCPNameServer = 192.168.0.1
     SSODL: WebCheck - <orphaned>
     x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
     x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
     x64-SSODL: WebCheck - <orphaned>
     x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
     .
     ================= FIREFOX ===================
     .
     FF - ProfilePath - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\x3xoe7yl.default\
     FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
     .
     ============= SERVICES / DRIVERS ===============
     .
     R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2017-9-20 83656]
     R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2017-9-20 43720]
     R0 MBAMChameleon;MBAMChameleon;C:\Windows\System32\drivers\MbamChameleon.sys [2017-11-12 192952]
     R0 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\mbamswissarmy.sys [2017-11-12 252232]
     R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2017-9-24 283064]
     R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2017-9-25 77440]
     R1 wsddntf;Diebold Network Monitor;C:\Windows\System32\drivers\wsddntf.sys [2017-10-29 36984]
     R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-9-20 817760]
     R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-9-26 2257016]
     R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2017-9-20 246272]
     R2 Focusrite Control Server;Focusrite Control Server;C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [2017-9-22 1313792]
     R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-9-25 6058960]
     R2 TeamViewer;TeamViewer 12;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-9-21 10803440]
     R2 Warsaw Technology;Warsaw Technology;C:\Program Files\Diebold\Warsaw\core.exe [2017-10-29 1056304]
     R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2013-8-16 140032]
     R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2013-8-16 424192]
     R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2017-9-20 95760]
     R3 FocusriteUSB;Focusrite USB;C:\Windows\System32\drivers\FocusriteUSB.sys [2017-9-22 87056]
     R3 FocusriteUSBAudio;Focusrite USB Audio;C:\Windows\System32\drivers\FocusriteUSBAudio.sys [2017-9-22 45072]
     R3 FocusriteUSBMidi;Focusrite USB MIDI;C:\Windows\System32\drivers\FocusriteUSBMidi.sys [2017-9-22 36880]
     R3 FocusriteUSBSwRoot;USB Audio Root;C:\Windows\System32\drivers\FocusriteUSBSwRoot.sys [2017-9-22 88592]
     R3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2017-11-12 110016]
     R3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2017-11-12 45504]
     R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2017-11-12 84256]
     R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2017-9-20 943832]
     S1 wsddfac;wsddfac;C:\Windows\System32\drivers\wsddfac.sys [2017-10-29 28376]
     S1 wsddpp;Warsaw - Driver (PP);C:\Windows\System32\drivers\wsddpp.sys [2017-10-29 25184]
     S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-4-21 107656]
     S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-4-21 128648]
     S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 358880]
     S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
     S3 iobit_monitor_server;iobit_monitor_server;C:\PROGRA~2\IObit\ADVANC~1\drivers\Monitor_win7_x64.sys [2017-11-12 14680]
     S3 StorSvc;Serviço de Armazenamento;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
     S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
     S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
     S3 wsddprm;Warsaw - Driver (PRM);C:\Windows\System32\drivers\wsddprm.sys [2017-10-29 25184]
     .
     =============== Created Last 30 ================
     .
     2017-11-12 19:36:42 -------- d-----w- C:\ProgramData\ProductData
     2017-11-12 19:36:24 -------- d-----w- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
     2017-11-12 19:36:23 -------- d-----w- C:\Program Files (x86)\Common Files\IObit
     2017-11-12 19:36:14 -------- d-----w- C:\Users\Usuario\AppData\Roaming\IObit
     2017-11-12 19:36:14 -------- d-----w- C:\Program Files (x86)\IObit
     2017-11-12 19:35:57 -------- d-----w- C:\ProgramData\IObit
     2017-11-12 19:20:51 -------- d-----w- C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
     2017-11-12 16:10:26 192952 ----a-w- C:\Windows\System32\drivers\MbamChameleon.sys
     2017-11-12 16:10:24 84256 ----a-w- C:\Windows\System32\drivers\mwac.sys
     2017-11-12 16:10:24 45504 ----a-w- C:\Windows\System32\drivers\mbam.sys
     2017-11-12 16:10:24 252232 ----a-w- C:\Windows\System32\drivers\mbamswissarmy.sys
     2017-11-12 16:10:24 110016 ----a-w- C:\Windows\System32\drivers\farflt.sys
     2017-11-12 11:17:02 0 ----a-w- C:\Windows\directx.sys
     2017-11-12 00:18:40 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
     2017-11-09 20:49:24 -------- d-sh--w- C:\ProgramData\SecuROM
     2017-11-09 20:43:48 -------- d-----w- C:\Windows\SysWow64\xlive
     2017-11-09 20:43:48 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
     2017-11-09 20:41:24 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
     2017-10-29 21:46:57 36984 ----a-w- C:\Windows\System32\drivers\wsddntf.sys
     2017-10-29 21:46:57 28376 ----a-w- C:\Windows\System32\drivers\wsddfac.sys
     2017-10-29 21:46:57 25184 ------w- C:\Windows\System32\drivers\wsddprm.sys
     2017-10-29 21:46:57 25184 ------w- C:\Windows\System32\drivers\wsddpp.sys
     2017-10-29 21:46:55 -------- d--h--w- C:\Program Files (x86)\GAS Tecnologia
     2017-10-29 21:46:55 -------- d--h--w- C:\Program Files (x86)\Diebold
     2017-10-29 21:46:34 -------- d-----w- C:\Program Files\Diebold
     2017-10-29 21:45:47 -------- d-----w- C:\Users\Usuario\AppData\Local\Aplicativo Itau
     2017-10-25 21:03:31 -------- d-----w- C:\Users\Usuario\aTubeCatcher
     2017-10-23 18:51:38 -------- d-----w- C:\Users\Usuario\AppData\Roaming\Cycling '74
     .
     ==================== Find3M ====================
     .
     2017-11-11 16:27:12 16 ----a-w- C:\Windows\System32\msvcsv60.dll
     2017-11-11 16:27:12 16 ----a-w- C:\Users\Usuario\AppData\Roaming\msregsvv.dll
     2017-10-29 21:48:42 1856 ----a-w- C:\Windows\Fonts\Warsaw Bold.ttf
     2017-10-09 16:16:04 77440 ----a-w- C:\Windows\System32\drivers\mbae64.sys
     2017-09-25 18:30:17 7649280 ----a-w- C:\Program Files (x86)\GUT3C93.tmp
     2017-09-24 19:20:49 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
     2017-09-24 19:20:49 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
     2017-09-24 19:20:49 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
     2017-09-24 15:27:59 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
     2017-09-20 21:24:00 1864 ----a-w- C:\Windows\Fonts\dbldwrsw.ttf
     2017-09-20 20:48:12 0 ----a-w- C:\Windows\ativpsrm.bin
     .
     ============= FINISH: 13:11:00,68 ===============