Iexplore.exe virus, audio ads/high cpu usage/computer crashes & lag

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by GetShrekt, Jul 30, 2015.

  1. GetShrekt

    GetShrekt Private E-2

    Hey all,
    So for the past week I have had a computer virus which takes on the name iexplore.exe in processes. Just to be clear, I never use internet explorer or have it open.

    Symptoms are multiple instances of iexplore.exe being created with different process IDs which respawn when ended, however rogue killer does seem to be able to shut them down for a short while (~30 minutes intervals). High cpu usage only occurs when the multiple iexplore processes are up and are taking up large chunks of cpu, however when they are all temporarily dead from rogue killer and cpu percentage is normal, the computer runs markedly more sluggish especially in games, streams, with the occasional computer hard shutdown despite low core temperatures. Also, audio ad snippets will occasionally play for like 5s, this also coincides with when the iexplore.exe processes have begun spawning again and need to be temporarily terminated by rogue killer.

    Upon research it seems like other people have similar viruses involving iexplore.exe process and audio ad snippets, however mine does not seem to be getting picked up with any of these malware scans. Definately in need of some help getting rid of this nasty virus, hoping windows reinstall/new harddrive is not needed.

    P.S. I don't have a system restore point before the virus
     

    Attached Files:

    GetShrekt, Jul 30, 2015
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Re run Malware Bytes and let it quarantine anything it may find.

    Re run Hitman Pro and also let it fix everything it finds.

    Delete this:
    C:\Program Files (x86)\ActiveDeals


    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
    • Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )


    Run this.

    How is the machine behaving?
     
    Kestrel13!, Jul 31, 2015
    #2
  3. GetShrekt

    GetShrekt Private E-2

    Hi, I am still experiencing the iexplore.exe problems, the only difference being that my computer hasn't crashed for a few days now.

    Malwarebytes and HitmanPro only turned up a few unsubstantial looking PuPs which were removed.

    The avg bootkit removal only scanned one object, the Master Boot record, not sure if this is correct.
     

    Attached Files:

    GetShrekt, Jul 31, 2015
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You are still hearing the audio ads?
    This is why I checked the status of the Master Boot Record because there is an infection which plays the audio ads and corrupts the MBR.
     
    Kestrel13!, Aug 1, 2015
    #4
  5. GetShrekt

    GetShrekt Private E-2

    Yes the audio ads are still running, in fact one ran as I was writing this post which is rare since its usually one every ~4hrs. After hearing this I ran roguekiller prescan which found a couple rogue iexplore.exe's and killed them, whereas when I ran roguekiller prescan ~8minutes earlier on computer startup it found nothing (perhaps suggesting iexplore.exe and the audio ads coincide?)

    Ran AVG MBR check again and it said ok again
     
    GetShrekt, Aug 1, 2015
    #5
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

    Note: Make sure you download the correct version for your PC. Only the correct version will work.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
     
    Kestrel13!, Aug 1, 2015
    #6
  7. GetShrekt

    GetShrekt Private E-2

    Having a bit less lag and no crashes, still iexplore's pop up every few hours and audio ads every few hours ofcourse
     

    Attached Files:

    GetShrekt, Aug 1, 2015
    #7
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    The tool you just run has only done a scan so far, so nothing will have changed yet...reviewing the logs now...
     
    Kestrel13!, Aug 2, 2015
    #8
  9. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    • I'm not seeing anything. When you hear the audio ads is it when you have a browser open or not?
    • Which browser are you using when you are hearing the ads?


    Please download Combofix to your desktop. Please refer to these instructions prior to running. Attach log once done.
     
    Kestrel13!, Aug 2, 2015
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds