Google Redirection Problem

What is this drive:
298 GB \\.\PhysicalDrive1 MBR Code Faked!

Is it a second hard drive or an external hard drive?

 

I am assuming you don't have an installation disc. You can create a disc to access the Recovery Environment from here ( choose the one that corresponds with your system IE 64bit or 32bit):
http://digiex.net/downloads/downloa.../2660-windows-7-64-bit-x64-recovery-disc.html

http://digiex.net/downloads/downloa.../2659-windows-7-32-bit-x86-recovery-disc.html

You can use ImageBurn to create the disc.

Boot to the bios and change the boot order to cd/dvd as first boot device. Put in the disc and reboot. Once you are in the Recovery Environment, type this at the command prompt:
bootrec.exe /fixmbr \device\harddisk1

Then type exit and reboot to normal mode. Re-run MBRCheck and attach the new log.

 

* Run MBRCheck.exe
* Wait until you see the following lines:
o Enter 'Y' and hit ENTER for more options, or 'N' to exit:
o Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:

* Please push the 'Y' key and then press Enter
* When the program asks you to Enter your choice: enter 2 to Restore the MBR and press the Enter key
* Now the program will ask you to "Enter the physical disk number to fix (0-99, -1 to cancel):"
o Enter 1 and press the Enter key.
* The program will show Available MBR codes as below

* You need to select your version of Windows from the list. For example, enter 0 or 1 for XP or enter 3 for Vista.....etc. and then press Enter.
* The program will prompt for confirmation. Type 'YES' and hit Enter.
* Left click on the title bar (where program name and path is written). From menu chose Edit -> Select All
* You will see all the text in the window get highlighted.
* Hit the Enter key on your keyboard to copy all of the text into the clipboard.
* Paste that text into Notepad, save it to your desktop as MBRfix.txt
* Restart your PC.
* Attach the MBRfix.txt file to your next message..

Now please re-run MBRCheck.exe and attach that log also.

 

That also did not work. About the only way to remove the infection is to repartition the drive. So save your data to another drive and use one of these tools to repartition the drive:

diskpart.exe - from the Windows Recovery Console
Examples of using Windows diskpart.exe >> http://support.microsoft.com/kb/300415

GParted - http://gparted.sourceforge.net/livecd.php - MGs link: GParted Live

Parted Magic - http://partedmagic.com/doku.php

Partition Logic -http://partitionlogic.org.uk/

Cute Partition Manage - http://www.cutepm.com/

 

Please post in the software forum for assistance with running that program and or assistance with repartitioning the drive. This is not really under the purview of the malware forum.