Hi, it seems i am infected with something that opens internet explorer popups in the background without me being able to see them. The process is called iexplore.exe i think. I saw another thread with this problem and followed it. I have already scanned with superanti spyware and malwarebytes.
The thread i read told me to download bootkit remover so i did and this is what came up
Bootkit Remover
(c) 2009 eSage Lab

Program version:
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 053cceb28da3cbbc8bf81f9870cc697a

Size Device Name MBR Status
37 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>

Press any key to quit...

I then made a command in notepad and saved it as a .bat file, ran it and it seems to have fixed the physicaldrive0.
Do you think that this will have removed the virus for good?

7 Years
Discussion Span
Last Post by jholland1964

Update and rerun Malwarebytes' Anti-Malware. Do the full scan. Have it remove anything found. REBOOT the computer, VERY IMPORTANT.

Also do the following:
Please Run the ESET Online Scanner and attach the ScanLog with your post for assistance.
You will need to use Internet Explorer to to complete this scan.
You will need to temporarily Disable your current Anti-virus program.

Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.tx

Download and run a System Scan with HiJackThis version 2.0.4. Save the log.

Post back here with all logs, even if they show clean.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.