Solved - Infected dwm.exe with BitCoinMiner.Gen - TechSpot ...

Can't turn on Firewall.

Gmail says I need to enable cookies but it's aready enabled. So it might have something to do with the firewall. Here's the hijack this.
Also I recently deleted the .exes of some virus named "bitcoin-miner". I'm not exactly sure if that's related with this one.
Anyone, help?
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:48:55 PM, on 12/28/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\VistaSwitcher\vswitch.exe C:\Program Files\DVDFab Virtual Drive\vdrive.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Adobe\Adobe InDesign CS6\InDesign.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskmgr.exe C:\Windows\System32\cttunesvr.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Guissmo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2801948 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = facultyproxy.upd.edu.ph:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH_.dll O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH_.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH_.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [VistaSwitcher] "C:\Program Files\VistaSwitcher\vswitch.exe" /startup O4 - HKCU\..\Run: [Google Update] "C:\Users\Guissmo\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [DVDFab VDrive] "C:\Program Files\DVDFab Virtual Drive\vdrive.exe" O4 - HKCU\..\Run: [SugarSync] "C:\Program Files\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" O4 - HKUS\S-1-5-18\..\Run: [Google Update] C:\Windows\system32\config\systemprofile\AppData\Local\$GPATH\gupdate.exe /app 87D5BDC2BA6D83EA507102CE330A5F42 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Google Update] C:\Windows\system32\config\systemprofile\AppData\Local\$GPATH\gupdate.exe /app 87D5BDC2BA6D83EA507102CE330A5F42 (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Guissmo\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.sc200 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{D899ECB6-12A8-49B8-8758-8DD51777D017}: NameServer = 202.126.40.5 222.127.143.5 O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: niaxama - C:\Windows\system32\config\systemprofile\AppData\Local\niaxama.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe -- End of file - 13379 bytes 
submitted by guissmo to techsupport [link] [comments]

Bitcoin Miner 2020 update no fee %1000 - YouTube How To Mine Bitcoin Gold bitcoin miner exe Bitcoin Mega Miner 3 0 Public Version Demo - YouTube TheBitcoinMiner - YouTube

The application dwm.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This is a malicious Bitcoin miner. Bitcoin-mining malware is designed to force computers to generate Bitcoins for cybercriminals' use and consumes computing power. dwm.exe(Trojan.BitcoinMiner) detected by Malwarebytes - posted in Virus, Trojan, Spyware, and Malware Removal Help: hi my computer has been infected by a malware called Trojan.BitcoinMiner. a ... After running Malwarebytes the antivirus popup warning related to infected file dwm.exe or BitCoinMiner.Gen have not appeared. I hope it might have removed it. Dwm.exe, bitcoin miner trojan « previous next » Print; Pages: [1] 2 Go Down. Author Topic: Dwm.exe, bitcoin miner trojan (Read 19718 times) 0 Members and 1 Guest are viewing this topic. carlosg. Newbie; Posts: 10; Dwm.exe, bitcoin miner trojan « on: July 10, 2013, 06:14:24 PM » Hey I've found that my computer has a trojan Dwm.exe, read about it and its a bitcoin miner. It is located here C ... Hi, Recently ive had problems with a Trojan.Bitcoin.Miner in a folder iswizard (C:\Users\Name\AppData\Local\Temp\iswizard\) its located in a .7z zip file: dwm.exe. When i remove it with Malwarebytes Anti-Malware it seems to relocate itself in that folder. Then Anti-Malware puts it back in Quarant...

[index] [27523] [27738] [48849] [39993] [10897] [12244] [10321] [13845] [2906] [655]

Bitcoin Miner 2020 update no fee %1000 - YouTube

Bitcoin mining explaned. What It Was Like MINING Cryptocurrency Full-Time For A Year Tails Health Update VoskCoin Rebrand - Duration: 23:44. VoskCoin Recommended for you How to manually remove these little performance ruining bastards. These things are becoming the new epidemic. Most anti viruses don't detect them because the... Learn how to use and setup a bitcoin miner to earn bitcoins , litecoins , dogeecoins etc. Download miner from https://easyminer.net/Downloads/ Buy Now :https://rocketr.net/buy/b4a2e0a2f136 _____ best miner 2018 Blockchain Multi Miner Computing power of ... DIY Bitcoin Mining: Hardware (part1) - Duration: 7:45. Fred Yen Recommended for you. 7:45. 4 GH/s Raspberry PI Bitcoin Miner - PiMiner - Duration: 1:01. Josh Hildebrand Recommended for you. 1:01 ...

#