Greeting! IEXPLORE.exe, ad pop-ups, wave audio control goes to 0

Welcome to Major Geeks!



Your infection is in your Master Boot Record (MBR). We need to see the below log before creating a fix.

• Download bootkit_remover.rar
• Click the underlined DOWNLOAD text to download the file and save it to your Desktop.
• You then need to extract the remover.exe file from the RAR using a program capable of extracing RAR compressed files. If you don't have an extraction program, you can use 7-Zip
• After extracing remover.exe to your Desktop, double click the remover.exe file to run the program.
• Attach or post inline here, the output from remover.exe

NOTE: The Command Prompt window text can be copied to the clip board by right clicking on the top bar of the window and using the Edit commands to Mark, Copy, and Paste.


Also I need to ask some questions:

1. Do you have any drives that has a non-windows installation on them
2. Are all drives NTFS formatted
3. Do you have any non-standard or special MBRs which can occur from companies like Dell or HP who frequently install additional partitions used for recovery partitions in lieu of giving CD/DVDs.
4. Is any program like Grub ( see:http://www.gnu.org/software/grub/ ) being used
5. Is drive-encryption being used?
6. Are any drives external USB pen drives or external hard drives being used?
7. VERY IMPORTANT: Do you have all important data backed up? You really should do this before continuing since we will need to rewrite your MBR to fix this and while most times this can be done without any problem, these infections can react badly and that could result in a PC not being bootable. You really don't have much choice though since these infections are too dangerous to your security to leave on a PC.

Now follow the directions in the below link for running MGtools It also explains possible reasons for not being able to run MGtools

• Using MGtools

Attach the requested MGlogs.zip file.

 

Talk to Dell but it could be due to the Master Boot Record infection that you have.

You did not run the program I asked you to run. You ran their TDSS Remover tool. Let's use a different program which does a better job any way.



Please also download MBRCheck to your desktop

• Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
• It will show a Black screen with some information that will contain either the below line if no problem is found:
  • Done! Press ENTER to exit...
• Or you will see more information like below if a problem is found:
  • Found non-standard or infected MBR.
  • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
• Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
• MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
• Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )