Google redirects, Olmarik.tdl4 and Sirefef.ch trojans
Posted 21 November 2011 - 06:23 AM
Posted 21 November 2011 - 06:38 AM
This malware tends to disable your whole system and leave you with nothing. Please back up your data.
Posted 21 November 2011 - 06:42 AM
Posted 21 November 2011 - 06:47 AM
Looks like you have the latest TDL4 infection and there is one method we can try. Please confirm that you didn't do anything with the Recovery disk yet.
Posted 21 November 2011 - 07:02 AM
Do the following:
- Click on the Start button and then choose Control Panel.
- Click on the System and Security link.
Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
- In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
- In the Administrative Tools window, double-click on the Computer Management icon.
- When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.
After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.
Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.
To do print screen follow these steps:
- Press Alt and Print Screen button on your keyboard
- Open Paint program
- From the menu choose Edit then Paste
- Now save the picture and attach it here for me.
Posted 21 November 2011 - 07:21 AM
Posted 21 November 2011 - 07:30 AM
I thought that, so I edited the previous post
Can you please post one more print screen, but please adjust the columns so I can see the size of all disks. I don't see the size for the first no-name disk.
Posted 21 November 2011 - 07:37 AM
Posted 21 November 2011 - 07:41 AM
I also have to go, so don't hurry
I need to go now but I'll post the next step as soon as possible. Stay tuned.
Posted 21 November 2011 - 10:41 AM
Download FreeISOBurner to desktop
Download gparted-live-0.10.0-3.iso (115.1 MB) to desktop
Download Windows 7 32-Bit (x86) Recovery Environment
Create a bootable CD, 1 for Gparted and 1 for the Windows 7 Recovery Environment, from the ISO images. We will use FreeISOBurner you downloaded to do this.
- Insert blank CD into CD burner
- Start FreeISOBurner
- Click Open button and load gparted file
- Select burn speed 16x or less
- Press Burn button
- Having made the bootable CD set your system to boot from CD (Instructions)
- Do this again and burn Windows 7 Recovery Environment on another blank CD
You should be here...
By default, "do not touch keymap" is highlighted. Leave this setting alone and just press ENTER.
Choose your language and press ENTER. English is default 
Once again, at this prompt, press ENTER
You will now be taken to the main GUI screen below
According to your logs, the partition that you want to delete is 2 MB (PLEASE CHECK THIS TWO TIMES!)
Click the trash can icon to delete and then click Apply.
You should now be here confirming your actions:
Now you should be here:
Is "boot" next to your OS drive?
If "boot" is not next to your OS drive under "Flags", right-mouse click the OS drive while in Gparted and select Manage Flags
In the menu that pops up, place a checkmark in boot like the picture below:
Now double-click the button.
You should receive a small pop up like this:
Choose reboot and then press OK.
Time for second disk
Now reboot and boot Windows 7 Recovery Environment CD and execute the following commands:
- bootrec /FixMbr
- bootrec /FixBoot
Your system will boot now in Windows.
Download MBRCheck.exe to your desktop.
- Be sure to disable your security programs
- Double click on the file to run it (Confirm the UAC prompt)
- A window will open on your desktop
- If an unknown bootcode is found you will have further options available to you; at this time press N, then press Enter twice.
- If nothing unusual is found just press Enter
- A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
- Attach that file.
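The post above asks for the 2 MB partition and the "boot" flag to be checked twice before anything is deleted. As an added example (not part of the original thread), this Python sketch parses the four primary entries of an MBR sector and reports any active partition that is unexpectedly small; the 512-byte sector size, the 50 MB review threshold and the constructed sample table are assumptions made for the example.

```python
import struct

SECTOR_SIZE = 512        # assumption: 512-byte logical sectors
SMALL_ACTIVE_MB = 50     # assumption: review threshold chosen for this example

def parse_mbr(sector: bytes):
    """Return the non-empty primary partition entries of an MBR sector."""
    if len(sector) < 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector (missing 0x55AA signature)")
    entries = []
    for index in range(4):
        raw = sector[446 + 16 * index: 446 + 16 * (index + 1)]
        # status(1) CHS start(3) type(1) CHS end(3) LBA start(4) sector count(4)
        status, ptype, lba_start, sectors = struct.unpack("<B3xB3xII", raw)
        if ptype == 0 and sectors == 0:
            continue  # unused slot
        entries.append({
            "index": index + 1,
            "active": status == 0x80,   # shown as the "boot" flag in GParted
            "type": ptype,
            "lba_start": lba_start,
            "size_mb": sectors * SECTOR_SIZE / (1024 * 1024),
        })
    return entries

def review(entries):
    """List findings worth a second look before deleting or re-flagging."""
    findings = []
    active = [e for e in entries if e["active"]]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    for e in active:
        if e["size_mb"] < SMALL_ACTIVE_MB:
            findings.append(
                f"partition {e['index']} is active but only {e['size_mb']:.0f} MB")
    return findings

def build_sample_mbr():
    """Constructed sample: two normal volumes plus a 2 MB active partition."""
    def entry(status, ptype, lba_start, sectors):
        return struct.pack("<B3xB3xII", status, ptype, lba_start, sectors)
    table = (entry(0x00, 0x07, 2048, 204800)            # 100 MB, not active
             + entry(0x00, 0x07, 206848, 976562500)     # OS volume, not active
             + entry(0x80, 0x07, 976769348, 4096)       # 2 MB, active
             + bytes(16))                               # unused fourth slot
    return bytes(446) + table + b"\x55\xaa"

if __name__ == "__main__":
    for finding in review(parse_mbr(build_sample_mbr())):
        print(finding)
```

On a live Windows system the first 512 bytes of `\\.\PhysicalDrive0`, read from an elevated prompt, can be passed to `parse_mbr` in place of the sample. GPT disks and logical partitions inside an extended partition are outside what this sketch covers.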
Posted 22 November 2011 - 08:17 AM
Everything went fine with GParted. I deleted the 2 MB thing, checked everything, then I double-clicked
the exit button, reboot**** ok. After a short time it automatically ejected the CD, so I just put in
the Windows 7 one when it ejected my CD; the last sentence was, I think, press enter to continue. Well, I put in the CD and wanted to execute what you said. I typed the 1st one and pressed Enter; it just restarted my PC, and after a while it said Press any key to boot from CD or DVD. Well, that's normal, but then below that there was
BOOTMGR is missing
Press Ctrl+Alt+Del to restart
This was happening even without the CD in. What have I done ;s
Edited by Psydream, 22 November 2011 - 08:18 AM.
Posted 22 November 2011 - 08:32 AM
Please press any button to boot this CD before you get
BOOTMGR is missing Press Ctrl+Alt+Del to restart
Posted 22 November 2011 - 08:41 AM
Edited by Psydream, 22 November 2011 - 09:04 AM.