Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I keep getting redirected to different sites in Internet Explorer


  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK its good - once you have run the fixmbr command again reboot to windows and run aswMBR.
If it still reports the TDL4 infection then from the recovery disc command prompt run the following command :

Bootrec.exe /FixBoot

Reboot and retry aswMBR
  • 0

Advertisements


#17
Matt A

Matt A

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Tried the second option - no good. Still picking up the TDL4 in the rootkit. See log attached.

Any other ideas?

Thanks

Attached Files


  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I will use aswMBR to cure it, but sometimes with this it kills it but then fails to reinstate the MBR

If that should happen then use the recovery disc and the fixmbr option as we tried at first


Re-Run aswMBR

Click Scan

On completion of the scanClick the Fix Button


Posted Image

Save the log as before and post in your next reply
  • 0

#19
Matt A

Matt A

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Hi Essexboy,

I think this has worked. I have attached the logs so you can confirm. If you let me know what you think, that would be great. Do you know if this malware has caused any damage or lasting issues with the PC?

- aswMBR4.txt is the before log
- aswMBR5.txt is the after log

All went well during the scan and fix. No need to boot from the CD.

I have had a quick look from Yahoo! and haven't been redirected to strange websites. So far so good.

Is there anything I can do to restore my shortcuts and folders on the Start Menu? These were affected by the malware.

On another note, can you suggest any software that might best prtect me from this happening again?

Thanks
Matt

Attached Files


  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yep does look good, GMER must have updated the aswMBR :)

For the shortcuts and the ilk follow the steps on this page and then let me know of any remaining problems please

Also could you check that windows updates works and there are no other anomolies
  • 0

#21
Matt A

Matt A

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Hi Essexboy,

Thanks for all your help. It is getting a little late here, so I will check the rest of these items tomorrow evening after work.

Thanks heaps for your help. I will post an update tomorrow.

Thanks,
Matt
  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No probs - sleep tight :)
  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP