I've been trying to assist a relative of mine via phone over the last 24 hours to rid his pc (running XP) of what I worked out to be a 'bug' relating to iexplorer.exe. This process is appearing x2 in Task Manager, and any efforts to end it results in it starting back up again after a few seconds. Also, his system sound cuts out, and he gets bombarded with Internet Explorer popups, even though he uses Firefox as his browser.
This is what I've got him to do thus far:
Avast! Antivirus scan - No infected files reported.
MalwareBytes Anti Malware scan - No infected files reported.
SuperAnti Spyware scan - No infected files reported.
Simply Super Software Trojan Remover scan - No infected files reported.
ComboFix - "MBR is infected with the Whistler Bootkit !!"
I tried to use the following thread as a guide, but hit a wall when I reached the section on using the Microsoft Windows Recovery Console to 'fixmbr'. http://www.bleepingcomputer.com/forums/t/331577/infected-with-bootkit-whistler/
My relative told me a warning box appeared saying something to the effect of 'Proceed at your own risk. If you screw this up, it could have catastrophic consequences', at which point I advised him to cancel and let me seek advice from the BleepingComputer community.
So, How do we proceed from here?
I can post a copy of the ComboFix log file if required.
Any assistance would be very much appreciated.
EDIT: Apologies for having started my thread in the wrong section. Thanks to the mods for moving it accordingly.
Edited by alias10, 25 July 2010 - 08:15 AM.
Moved from XP to Am I Infected forum ~ Hamluis.