another Iexplore.exe wave mute/popups malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by tomaek, Jul 14, 2010.

  1. tomaek

    tomaek Private E-2

    Hello there,

    I'm suffering from the same problem many people are currently reporting, which is named in the title. I'm running through the READ AND RUN ME FIRST sticky at the moment, but I'm fairly sure that I'll have to use the bootkit_remover.rar. My problem is that I have a Dell E6400 laptop and I also have Linux installed on it. So from this list,
    points 1 (yes, Linux on same drive, different partition), 2 (no, have ext3 format), 3 (Dell laptop) and 4 (using Grub) are a problem. What will I have to do?

    Many thanks for any support. This forum is awesome :clap
     
  2. tomaek

    tomaek Private E-2

    Okay, I went through the READ & RUN ME FIRST Malware Removal Guide and then the Windows XP Cleaning Procedure. I have finished the first two steps. 4 logs are attached, MGtools will follow in a minute.

    As mentioned in my first post, I have IEXPLORE.exe processes starting even though I never use Internet Explorer. I get random sound ads playing in the background and I hear occasional clicking sounds in the background. Occasionally an Internet Explorer window opens with an ad.
     

  3. tomaek

    tomaek Private E-2

    And here is the MGlogs report. The problem started occurring about 2 days ago.
     

  4. tomaek

    tomaek Private E-2

    Hi, I have some more information. Apparently it is not possible to edit posts here, so I have to write a reply. Hope this is not seen as a bump...

    I ran the Bootkit Remover and got the following output:

    In addition to that, I now have the problem that something keeps on writing to my hard drive and I constantly have to delete files. Rather annoying. The folder which is being written to is
    C:\System Volume Information\
    Is that perhaps caused by something I've done whilst going through the step-by-step guide?

    Many thanks
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes you can edit posts but only within a 5 minute time limit. Sorry but every post is actually a bump intentional or not.
    We need to ask some questions:
    1. Do you have any drives that have a non-Windows installation on them?
    2. Are all drives NTFS formatted?
    3. Do you have any non-standard or special MBRs, which can occur from companies like Dell or HP who frequently install additional partitions used for recovery partitions in lieu of giving CD/DVDs?
    4. Is any program like Grub (see: http://www.gnu.org/software/grub/) being used?
    5. Is drive encryption being used?
    6. Are any drives external USB pen drives or external hard drives being used?
    7. VERY IMPORTANT: Do you have all important data backed up? You really should do this before continuing since we will need to rewrite your MBR to fix this, and while most times this can be done without any problem, these infections can react badly and that could result in a PC not being bootable. You really don't have much choice though, since these infections are too dangerous to your security to leave on a PC.
    Based on your logs I see you do have a Dell PC and have 1 physical hard disk with the below 4 partitions, which thus looks like you have a multi-boot type system, since your Windows boot drive is on 28.78 GB and is almost out of free space too!!!!! What are you running on the other partitions? I'm guessing that the 478.50 MB one is a Dell Restore partition.
     
  6. tomaek

    tomaek Private E-2

    Hi, thanks for helping me.

    The 478.50 MB partition is indeed a Dell Restore partition. I have Linux installed on the other ones. I know, in principle, how to reinstall Grub in order to access Linux again if I have to overwrite the MBR. So hopefully that wouldn't be a problem. I've answered your 7 questions in my first post. The Windows partition is indeed almost out of free space. I think the reason is
    I think i had about 1.2 GB of free space before.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Still inadequate for proper operation of Windows.
    Now if you have important data backed up and understand the above warning - please do the following:
    • Click Start, Run then copy and paste the below into the Run box and click OK.
    "%userprofile%\Desktop\remover.exe" fix \\.\PhysicalDrive0
    • Now reboot your PC and after reboot continue with the below instructions.
    • Disable System Restore on all drives.
    • Look for the below folder and if it still exists, delete it.
      • C:\System Volume Information\Microsoft
    • If you don't see this Microsoft folder or are denied access to the System Volume Information folder, just continue on
    • Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).
      Then attach the below logs:
      • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
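    As an added illustration of what the MBR rewrite above touches (not code from the thread, from MajorGeeks, or from Bootkit Remover): a small Python parser that lists the four partition entries of a 512-byte MBR, checks the 0x55AA signature and hashes the 446-byte boot code, so that a baseline hash taken on a clean machine can be compared against later. The sample layout is constructed to mimic the Dell Utility / NTFS / Linux layout discussed in this thread; read_mbr_windows is the only part that touches a real disk and needs an elevated prompt.

```python
import hashlib
import struct

# Subset of MBR partition type IDs relevant to the layout in this thread.
PART_TYPES = {0x00: "empty", 0x07: "NTFS", 0x82: "Linux swap", 0x83: "Linux", 0xDE: "Dell Utility"}


def parse_mbr(mbr: bytes) -> dict:
    """Return the boot-code hash, the four partition entries and the 0x55AA signature check."""
    if len(mbr) != 512:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = 446 + 16 * i                      # partition table starts at byte 446
        status, ptype = mbr[off], mbr[off + 4]  # 0x80 = active (bootable)
        lba_start, sectors = struct.unpack_from("<II", mbr, off + 8)
        partitions.append({
            "bootable": status == 0x80,
            "type": PART_TYPES.get(ptype, "0x%02X" % ptype),
            "lba_start": lba_start,
            "size_mb": sectors * 512 / 2**20,
        })
    return {
        "boot_code_sha256": hashlib.sha256(mbr[:446]).hexdigest(),
        "partitions": partitions,
        "signature_ok": mbr[510:512] == b"\x55\xaa",
    }


def boot_code_changed(mbr: bytes, baseline_sha256: str) -> bool:
    """True if the 446-byte boot code differs from a baseline recorded on a clean system.
    A bootkit typically replaces this code while leaving the partition table intact."""
    return hashlib.sha256(mbr[:446]).hexdigest() != baseline_sha256


def read_mbr_windows() -> bytes:
    """Read sector 0 of the first disk (the same device Bootkit Remover is pointed at).
    Requires an elevated prompt on Windows; not called by the sample below."""
    with open(r"\\.\PhysicalDrive0", "rb") as disk:
        return disk.read(512)


def make_sample_mbr(boot_code: bytes = b"\xEB\xFE" + b"\x90" * 444) -> bytes:
    """Constructed sample: Dell Utility, active NTFS, Linux, swap (sizes mimic the thread)."""
    entries = [
        (0x00, 0xDE, 63, 979968),           # 478.50 MB Dell Utility
        (0x80, 0x07, 980031, 60356035),     # 28.78 GB NTFS, active
        (0x00, 0x83, 61336066, 400000000),  # Linux (ext3)
        (0x00, 0x82, 461336066, 4000000),   # Linux swap
    ]
    table = b"".join(struct.pack("<B3xB3xII", s, t, start, n) for s, t, start, n in entries)
    return boot_code[:446].ljust(446, b"\x00") + table + b"\x55\xaa"
```

    Recording parse_mbr(read_mbr_windows())["boot_code_sha256"] on a known-clean machine and re-checking it with boot_code_changed is the detection step; the remover command in the post is the repair step.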
  8. tomaek

    tomaek Private E-2

    Okay, I've executed the bootkit remover command and disabled System Restore. Now I have 2.9 GB of free space. How much would you recommend?

    Since I did the above, the pop-ups and sound ads are gone. The system feels much quicker now, however, I also had 2 crashes since then (have used the computer for 5, maybe 6 hours).

    The MGtools logs are attached.

    Many thanks
     

  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You always want to have about 4 GB available to avoid performance issues. As soon as you reenable System Restore it will create a restore point which will use a large amount of disk space and at each reboot another restore point will be made. Also when you do Windows updates and certain other software installations, they will also create restore points. You need more disk space for your Windows partition or you need to delete a bunch of stuff you have there. 29 GB for a Windows partition is rather small unless you plan on not installing or doing too much with it.

    You should post about crashes in the Software Forum and provide exact word for word error messages.
    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
      related to MGtools and some other items from our cleaning procedures.
    9. Re-enable System Restore
    10. After doing the above, you should work thru the below link:
     
  10. tomaek

    tomaek Private E-2

    done.

    thanks for all your help, hope my computer is safe now :major
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     