> Redirect still exists after tds cure Virus.Win32.Rloader.a
seanfamily65
post 26.03.2012 22:46
Post #1


Newbie
*

Group: Members
Posts: 2
Joined: 26.03.2012




Hi,

Thank you for your help. TDSSKiller found Virus.Win32.Rloader.a when I ran it on a Win XP SP2 laptop computer. I chose to cure when TDSSKiller asked me to. TDSSKiller said it completed successfully and had me reboot; however, the same Google redirect nightmare still exists. When I ran TDSSKiller again it now shows no infections and finds nothing. I have no .log file from TDSSKiller; all it has generated is these .DTA files, the content of which I am pasting below.

[InfectedObject]
Verdict: Virus.Win32.Rloader.a

[InfectedObject]
Type: Service
Name: ACPI
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: system32\DRIVERS\ACPI.sys
Suspicious states: Forged file;


[InfectedFile]
Type: Raw image
Src: C:\WINDOWS\system32\DRIVERS\ACPI.sys
md5: 3b67b435fddf777c595f0ec736b03c37


[InfectedFile]
Type: Api image
Src: C:\WINDOWS\system32\DRIVERS\ACPI.sys
md5: a10c7534f7223f4a73a948967d00e69b

That is the content of the four .dta files. I am at a loss as to what to do here since now it no longer finds the virus/malware yet the redirect still continues?

Thanks for your help
richbuff
post 27.03.2012 00:58
Post #2


Oldtimer
****************

Group: Moderators
Posts: 47388
Joined: 14.06.2007




Welcome. Kaspersky Lab Forum > English User Forum > Virus-related issues > the first Important topic > instructions for two preliminary are located there.

Please double-check for the TDSSKiller log. Please follow this Tech Article to run TDSSKiller: http://support.kaspersky.com/viruses/solutions?qid=208280684
Please attach the TDSSKiller log. Located at: C:\TDSSKiller.~~~~~log.txt

Please see the small print that is located at the bottom of this message.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
seanfamily65
post 27.03.2012 03:36
Post #3






Hi,
Thank you for helping me. Oddly, the log file has been output to my C:\ root directory instead of the c:\tdsskiller directory. Nonetheless, I have found two log files: one is the first one, from when I ran TDSSKiller and it found the Virus.Win32.Rloader.a, and the second log file is from when I re-ran TDSSKiller and it now finds no infections, yet the Google redirect is still occurring. The log file seems to indicate it replaced the acpi.sys file with a "backup" that it found. I've attached the files. Thanks for your help.



Attached File(s)
Attached File  TDSSKiller.2.7.23.0_26.03.2012_10.51.32_log.txt ( 80.52K ) Number of downloads: 4
Attached File  TDSSKiller.2.7.23.0_26.03.2012_11.14.29_log.txt ( 79.43K ) Number of downloads: 3
 
richbuff
post 27.03.2012 04:46
Post #4






Your current TDSSKiller log has no detections, so please review the first and third portions of my previous post.

