How I got rid of the IEXPLORE.exe malware

I actually wanted to write this message as a reply to any of the currently existing threads about this malicious new pest that so many others are suffering from, but for some reason I get a message telling me I don't have sufficient rights to reply to those threads.

Well anyway, I had the same symptoms as everyone else:
- IEXPLORE.exe starts in the background as soon as I boot into Windows XP
- I get random sound-ads playing in the background. These ads stop when I open the task manager and stop the IEXPLORE.exe process. However, the IEXPLORE.exe process re-appears just seconds later.
- I hear occasional clicking sounds in the background (the sound is that of clicking a link in Internet Explorer)
- My wave control is muted every few minutes, sometimes seconds. I'm guessing this is done so I don't hear the clicking sounds made in the background
- Occasionally an Internet Explorer window would open with an ad ("Someone has a crush on you, click here to find out who", "Keep track of your friend's position. Enter their mobile phone numbers here and click search", "Click here to test how good you are in bed", etc...)


Like many others, the problem was not detected by my Anti Virus program (Avira AntiVir), and the problem was not solved using:
- Spybot Search & Destroy
- SUPERAntiSpyware
- Combofix
- Windows Malware scan
- Malwarebytes' Anti-Malware


Through google search I eventually found my way to this forum, and what eventually got rid of the malware was the advice provided by TimW in THIS post.

I had rebooted after every step and every Anti-Malware software I had used, so I can say with almost certainty that what eventually got rid of the problem was the Bootkit Remover version 1.0.0.3.

This does NOT mean that should skip the steps prior to that. I know it may be tempting to skip all other steps, especially since this particular malware is probably the most annoying and nerve-wrecking malware you have come across and you want to get rid of it as soon as possible (at least that's how I felt about it), but really... the other steps are mentioned for a reason.


A little Warning: Using the Bootkit Remover is not 100% risk-free, and in case you use a boot-loader (such as GNU Grub) because you have several operating systems running on your computer, some (fixable) problems might occur.

A little advice: If you use Mozilla Firefox instead of Internet Explorer, then you might want to consider blocking Internet Explorer from opening any content. To do this, just go to your Internet Options in Internet Explorer and select that you want to use a proxy. As proxy, just enter 0.0.0.0 + port 80. This will not solve your problem, and it will not stop your issues concerning the volume control, but at least it stops Internet Explorer from opening sites in the background. You will still be able to browse with Firefox, but maybe not with Chrome.


Thank you to TimW and the other people helping in this forum. And sorry for starting a new thread, but I was eager to share my experience about getting rid of this thing.

Greetings,
ct