HelloRoko Posted November 27, 2011 ID:498689 Share Posted November 27, 2011 I've ran numerous scans with both malwarebytes and super anti-spyware but, as of yet, to no avail. Continuously it informs me that it's been locked away, but that doesn't seem to be the case at all for my browser is continuously hi-jacked whenever i try to click any search results on google. I've tried this on for different browsers, but the problem persists on my search results being redirected to some foreign site providing a myriad of links that seem to be bogus in their own rights. I fear it's only further infecting my system because I occasionally come up with new system threats.i can't seem to come to terms with what this exactly is, but even in safe mode i've come to no benign result with it. I'm starting to fear i might just have to re-install windows and cross my fingers. Is there anything I can do to specifically remedy my system of this formidable threat? Assistance would be appreciated! Link to post Share on other sites More sharing options...
HelloRoko Posted November 27, 2011 Author ID:498691 Share Posted November 27, 2011 Malwarebytes' Anti-Malware 1.51.2.1300www.malwarebytes.orgDatabase version: 8241Windows 6.1.7600Internet Explorer 8.0.7600.1638511/27/2011 12:45:57 PMmbam-log-2011-11-27 (12-45-57).txtScan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)Objects scanned: 279136Time elapsed: 39 minute(s), 16 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Quarantined and deleted successfully. Link to post Share on other sites More sharing options...
HelloRoko Posted November 27, 2011 Author ID:498698 Share Posted November 27, 2011 Malwarebytes' Anti-Malware 1.51.2.1300www.malwarebytes.orgDatabase version: 8241Windows 6.1.7600Internet Explorer 8.0.7600.1638511/27/2011 12:45:57 PMmbam-log-2011-11-27 (12-45-57).txtScan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)Objects scanned: 279136Time elapsed: 39 minute(s), 16 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Quarantined and deleted successfully.Document.rtfAttach.zip Link to post Share on other sites More sharing options...
HelloRoko Posted November 27, 2011 Author ID:498703 Share Posted November 27, 2011 for some reason some other file ended up being selected. idk why my brother didn't delete that. i'll attach the actual thing now.DDS.txt Link to post Share on other sites More sharing options...
Staff screen317 Posted December 3, 2011 Staff ID:500947 Share Posted December 3, 2011 Hi and welcome to Malwarebytes. In the future, please post all logs directly into your reply instead of attaching them unless otherwise indicated. With that said, please update MBAM, run a Quick Scan, and post its log. Next, run DDS again and post DDS.txt directly in your reply. Link to post Share on other sites More sharing options...
Staff screen317 Posted December 12, 2011 Staff ID:503876 Share Posted December 12, 2011 Are you still with us? This topic will be closed in a few days if we do not hear back from you. Link to post Share on other sites More sharing options...
Staff screen317 Posted December 22, 2011 Staff ID:508163 Share Posted December 22, 2011 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts