Iexplorer.exe playing random music virus, spyware

I have a windows xp machine infected with some kind of virus.
at random times, I see iexplore.exe running with a long cmd prompt under the properties playing random music, or shows, etc....

I am running malwarebytes antimalware, supespyware, and I ran autoruns,exe and process explorer.exe from sys internals, and still can't put my finger on it.  Any help would be much appreciated.  I checked msconfig and there's nothing there either. it's possibly in the registry, but not sure exactly where to look at?  Also ran hijackthis, but nothing out of the ordinary was in there.
afactsNetwork EngineerAsked:
Who is Participating?
rpggamergirlConnect With a Mentor Commented:
Try ComboFix and post the log here.... you can also try TDSSKiller.

1.  Please download ComboFix by sUBs: 

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Do not mouse-click combofix's window while it is running. That may cause it to stall.

ComboFix tutorial:

2. TDSSKiller: 
John HurstConnect With a Mentor Business Consultant (Owner)Commented:
Take a look in the hosts file (c:\windows\system32\drivers\etc and see if there are any entries in there besides comments (#). If so, remove.

The problem with this suggestion, however, is that the activity is random according to you.

See if you have any iexplorer.exe processes (not iexplore.exe) and see if those can be removed.

Unhappily, with all you have done, deeply embedded malware and rootkits can only be truly exterminated with a complete rebuild of the operating system, so be prepared for that. ... Thinkpads_User
afactsNetwork EngineerAuthor Commented:
nothing in the hosts file, just the localhost IP.
still scanning using different software, so I'll see tomorrow what happens.
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

afactsNetwork EngineerAuthor Commented:
i will give that a try
We also need to look at the combofix log because CF doesn't always auto-fix all bad files, that's why it has its script function to be used for any leftover files/reg entries.
afactsNetwork EngineerAuthor Commented:
Thanks everyone for your help, the combofix just froze on me, so I had no choice besides loosing time, and I've reformated the PC and am working on rebuilding it.  It will go fairly quick, as it's a quad core with 4 GB ram.

Thanks againf or your help!
John HurstBusiness Consultant (Owner)Commented:
Thanks for the update. I was pleased to assist. ... Thinkpads_User
Sometimes CF may looked like it hangs but as long as the disk's light is showing activity, CF is still going.
Anyway, sorry it didn't work.

Awesome PC btw, :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.