Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Web Browser redirect


  • Please log in to reply
4 replies to this topic

#1 PhillyDude

PhillyDude

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:48 AM

Posted 20 December 2011 - 08:51 AM

So I can see that I'm not the only one with this problem, but it seems the smart thing to do is to make my own topic for help. I'm running Windows 7 Ultimate, and I recently had the Windows 7 Antispyware virus which seemed easy to remove. I don't know if its related (though I expect that it is), but I'm now being redirected to "getanswersfast.com" when doing Google searches. I did find some removal instructions online. I ran a rootkit tool that I don't remember the name of (that I have since removed because it did nothing), I've run Malwarebytes and SuperAntispyware. When these came up with nothing I thought that it might be in the router, so I did a complete reset. That actually made it go away for several hours, and I thought I was in the clear, but this morning it started again (I did restart, so I'm assuming that's when it came back). Any help would be much appreciated. Thanks.

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:48 PM

Posted 25 December 2011 - 10:07 AM

Can you post the logs from those tools?

#3 PhillyDude

PhillyDude
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:48 AM

Posted 27 December 2011 - 11:59 AM

Here you go. Sorry for the delay! I appreciate any help you can give.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/27/2011 at 11:35 AM

Application Version : 5.0.1142

Core Rules Database Version : 8087
Trace Rules Database Version: 5899

Scan type : Complete Scan
Total Scan Time : 01:29:55

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 677
Memory threats detected : 0
Registry items scanned : 73595
Registry threats detected : 0
File items scanned : 120469
File threats detected : 0

and..

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8393

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/18/2011 7:59:14 PM
mbam-log-2011-12-18 (19-59-14).txt

Scan type: Full scan (C:\|)
Objects scanned: 441896
Time elapsed: 1 hour(s), 39 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:48 PM

Posted 27 December 2011 - 02:04 PM

Can you please update Malwarebytes and rerun the scan?

#5 PhillyDude

PhillyDude
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:48 AM

Posted 27 December 2011 - 07:00 PM

Sorry about that. The updated Malwarebytes did find one thing and removed it, but I'm still being redirected.



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122704

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/27/2011 6:16:48 PM
mbam-log-2011-12-27 (18-16-48).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 427310
Time elapsed: 1 hour(s), 1 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Quarantined and deleted successfully.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users