iexplore.exe (I did research already.. still need help)

Hey guys,

So I thought this was a software problem but it turns out to be a malware issue. I have this iexplore.exe thing. I have all of the symptoms that I have researched. What can I do to get rid of this thing!? It makes my computer soo slow!

 

also.. I have been reading about running TDSSKILLER.EXE. It will not run! Just an update. Looking forward to hearing from you guys.

 

Ok so I figured I would run a MGTools log.. see attached!

 

The version of MGtools you ran is outdated, but I am not seeing any malware in these logs.

If you would like for me to check for malware please go through this thread and attach all new updated logs: READ & RUN ME FIRST Malware Removal Guide

 

Ok, I will do what you say, but my computer is def. messed up! I also am having Google redirection problems and have tried everything in the READ section but my TDSSKILLER won't work.

I will try and get all of this done soon and update the logs.

Thank you.

 

Ok, I downloaded the new MGTOOLS and attached my log.

Thank you.

 

Can you attach the rest of the logs?

• RootRepeal
• ComboFix
• SUPERAntiSpyware
• MalwareBytes' Anti Malware

 

Ok.. I attached all logs that you needed. ComboFix took 2 hours! I don't know why, but I'm glad it finished. I have had it just freeze up on me before.

 

The instructions in the link provided request a Complete Scan when you run SUPERAntiSpyware // and not to scan Cookies. Please do this now.

 

Shouldn't have been run from here. The instructions request that you run it directly from your desktop.

MGtools.exe was supposed to be run from the root of C:

Please try to follow directions already outlined in the READ and RUN ME FIRST thread.

 

After you attach a Complete Scan log from SAS, please complete the following:

Please download MBRCheck by GeeksToGo to your desktop.
See the download links under this icon

• Double click MBRCheck.exe to run (Vista and Win7 right click and select Run as Administrator)
• It will show a Black screen with some information that will contain either the below line if no problem is found:
  • Done! Press ENTER to exit...
• Or you will see more information like below if a problem is found:
  • Found non-standard or infected MBR.
  • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
• Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
• MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
• Attach this log to your next message. (How to attach items to your post)

 

I did a complete scan for Super and MBR Check as requested. Attached are the logs.

Also, I'm sorry I just saw that you said to not check the cookies? I made the mistake and just hit complete scan. I hope that is ok.

Thank you for your help.

 

YOU HAVE AN INFECTED MASTER BOOT RECORD (MBR)!​

_________________________________________________________________​

WARNING​

MBR infections are only worsening and sometimes (rarely) make the computer unbootable after attempting to correct it. We recommend that you back up your data before hand. Then continue with the below if you wish to attempt to remove this infection:
_________________________________________________________________​

Do you have your Windows XP CD? We need it to restore a clean MBR.
If you do not have your Windows XP CD, you can create one with the Recovery Console (which is really all we need), here: Download Windows XP Recovery Console

Then see if you can boot from this CD and get into the Recovery Console. See the second section in the below link where it says "How to use the Recovery Console"

http://support.microsoft.com/kb/307654

If you can get to the command prompt of the Recovery Console, type fixmbr and hit enter. After it finishes type exit to reboot and remove the CD to allow Windows to boot normally.

If you were able to run fixmbr, rerun MBRCheck and attach a new log. Also tell me how things are working.

 

Ok, so you have officially scared me haha.

I do not have the cd anymore. So are you asking me to download this Recovery Console and burn it to a cd?

If I follow the steps that you have given me, does it erase everything on my computer? How should I back up all of the data if so?

 

Yes, but burn it as an image otherwise you will not be able to boot from it.
You can use ImgBurn do this.

No! We are only attempting to restore a clean copy of the MBR.

You should ask in Software for help with this.

 

Ok.. so I will burn what you told me to a disc as an image with the program you told me to download. Then go through the steps.

Since I won't lose any data I will back up just a few things that I def. can't afford to lose and hope all else goes well.

I will let you know how it goes.

Thank you.

 

Ok so I did everything you said, but maybe not correctly. My computer has been starting up fine recently (although just last week I couldn't get it past the blue screen).. Anyway, here is what I did...

1- I burned the .rar file (Recovery Console) as an image onto the cd from the image burner program you told me to use.
2- I restarted my computer and when it did an option for 'Windows Recovery Console' came up. I typed in the number 1 according to the link you told me to use. Is that right?
3- I typed in fixmbr
4- It said do you want to correct the MBR or something like that and I said YES
5- It said it was successful
6- I restarted my computer with the CD taken out and then ran an MBR

So that is what I did. I also ran an MBR Check just before I tried all of this so I am posting 2 logs. One before and one after.

Looking forward to hearing your response.

Thank you!

 

Looks like you did it correctly. Latest MBRCheck log is clean except looks like you plugged in another device the second time around.

Since it's been a while since your last post, please complete the following:

Now download the latest MGtools.exe to the root of your c: drive.

• Replace your existing MGtools.exe with this one.
• Now run this new MGtools.exe by double-clicking it. (Vista/7 right-click and select Run as Administrator)
• When it is finished, attach c:\MGlogs.zip to your next message. (How to attach)

 

Thank you. Sorry for such a last response.

I attached the log.

 

From Add/Remove Programs (via Control Panel), please uninstall the below:

• Java(TM) 6 Update 26

Please download Disable/Remove Windows Messenger to your desktop.

• Double-click MessengerDisable.exe to run it.
• Place checkmarks in "Uninstall Windows Messenger" and "Hide Messenger from Outlook Express"
• Click Apply
• Click Exit

Now install the current version of Sun Java from: jre-7u2-windows-i586.exe

After you complete the above, let me know what malware problems you are having (if any).