Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


This is wrecking my computer. Help needed!

  • Please log in to reply
1 reply to this topic

#1 Ted12110


  • Members
  • 24 posts
  • Local time:03:31 PM

Posted 25 December 2011 - 04:55 AM

I need help getting rid of a very annoying virus. It redirects me when I click links, and tonight I had a "fake virus scan" pop up. I'm no expert when it comes to this stuff, so any and all help will be greatly appreciated.

I've used TDSSKiller, but it said no threats were found. Here is a quick log from malwarebytes -

Malwarebytes' Anti-Malware

Database version: 911122501

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/25/2011 6:32:21 AM
mbam-log-2011-12-25 (06-32-13).txt

Scan type: Full scan (C:\|)
Objects scanned: 504259
Time elapsed: 2 hour(s), 13 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> No action taken.

Edited by Ted12110, 25 December 2011 - 06:33 AM.

BC AdBot (Login to Remove)


#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • Gender:Female
  • Local time:11:31 PM

Posted 30 December 2011 - 12:12 PM

Hello and welcome to BleepingComputer! :)

I am Blind Faith and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are destined to idetifying the possible threats present on your system so I will analyze the results they produce.

As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that step. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us.

If you will encounter a delay of over 2 days from me, please don't hesitate and private message me.
Do not forget to check your topic periodically and subscribe to the topic so that you can receive notifications regarding my replies.

Please generate another DDS log (download it from here if you haven't already) and post it in your next reply along with other changes that may have occured since you last posted.
Also download and run GMER from this link: GMER download link.

Thank you very much for your patience.


Can you hear it?It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro

If I haven't replied in 48 hours, please feel free to send me a PM.

Posted Image

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users