When I boot up my PC windows firewall ( Live OneCare) stops a program **exmodul32.exe from accessing the internet. No matter what I do to clear the exmodule32.exe file, it always comes back - no matter what anti-spy or virus software I seem to run.

Any help would be greatly appreciated.

Thanks.

Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified. You can download Hijack This at this link http://www.tomcoyote.org/hjt/ then place it into a folder of it's on, such as C:\HJT, so that back up copies can be made and not clutter your desktop or other folders and the backup copies of deleted items can be easily located if needed.

Once saved double click HijackThis.exe, and press "Scan". When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, Ctrl-A to Select All, and copy its contents into the text editor at this forum.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

Run this free online scan from Kaspersky http://kaspersky.com/kos/english/kavwebscan.html
Click Accept
When the updates are finished downloading, click Next, Scan Settings
Under Scan using the following antivirus database:, select extended
Make sure the Scan Archives and Scan Mail Bases options are selected as well. Click OK
Click My Computer and wait for the scan to finish
Click Save Report As. Under Save as type:, select Text file. Save this log to your Desktop and post a copy of it here.

I would d/l the latest version of stinger and run it. Chances are it will pick up the worm and remove it

Hopefully my advice will help you...Please post back with your results....thanks

Hi Thanks for getting back to me. I have carried out the steps mentioned and have inserted the two doc's below:

Logfile of HijackThis v1.99.1
Scan saved at 11:44:42, on 30/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Eraser\eraser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HHVcdV5Sys\VC5SecS.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\mpssvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpEng.exe
C:\PROGRA~1\MICROS~3\Office10\OUTLOOK.EXE
C:\Program Files\quark\QuarkXPress 6.0\QuarkXPress Passport.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\PROGRA~1\MICROS~3\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Adobe\Photoshop CS\Photoshop.exe
C:\Program Files\Microsoft Office\Office10\POWERPNT.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intuit\QuickBooks Regular\qbw32.exe
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.savastore.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Watford Electronics
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SavaStore - {4305B49F-01D9-46DD-9084-305D7B94008A} - "C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://www.savastore.com (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.savastore.com
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/1.0.0971.20/WinSSWebAgent.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098489774421
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136131327339
O18 - Protocol: intu-res - {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSMPSVC - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe" -n 4 (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

---------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, May 30, 2006 2:39:15 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 30/05/2006
Kaspersky Anti-Virus database records: 197172
---------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

--------

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\

Scan Statistics:
Total number of scanned objects: 210399
Number of viruses found: 17
Number of infected objects: 234
Number of suspicious objects: 0
Duration of the scan process: 02:42:38

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Documents\install.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\Documents and Settings\Zest Communications\Local Settings\Application Data\Shareaza\Incomplete\b57be951f4361997489140c9663e0cd5 quickbooks pro 2006 key.zip/1.wmv Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\Zest Communications\Local Settings\Application Data\Shareaza\Incomplete\b57be951f4361997489140c9663e0cd5 quickbooks pro 2006 key.zip/quickbooks pro 2006 key/1.wmv Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\Zest Communications\Local Settings\Application Data\Shareaza\Incomplete\b57be951f4361997489140c9663e0cd5 quickbooks pro 2006 key.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Zest Communications\Local Settings\Application Data\Shareaza\Incomplete\bede19bbdc8700a2e740ba5933146fc8 Quickbooks Pro 2006 Key.zip/1.wmv Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\Zest Communications\Local Settings\Application Data\Shareaza\Incomplete\bede19bbdc8700a2e740ba5933146fc8 Quickbooks Pro 2006 Key.zip/quickbooks pro 2006 key/1.wmv Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\Zest Communications\Local Settings\Application Data\Shareaza\Incomplete\bede19bbdc8700a2e740ba5933146fc8 Quickbooks Pro 2006 Key.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\0exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\10exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ai skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\11exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\11exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\12exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\13exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\14exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\14exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\15exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\17exmodul32.exe Infected: Trojan-Downloader.Win32.Agent.amc skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\17exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\18exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\19exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\19exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\19exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\1exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\21exmodul32.exe Infected: Trojan-Downloader.Win32.Agent.amc skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\21exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\21exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\22exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\22exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\23exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\23exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\25exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\26exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\27exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\27exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\28exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\28exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\29exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\29exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\29exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\2exmodul32.exe Infected: Backdoor.Win32.IRCBot.nw skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\2exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\30exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\30exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\31exmodul32.exe Infected: Backdoor.Win32.IRCBot.nw skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\33exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\34exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\35exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\36exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\37exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\38exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\3exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\3exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\40exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\41exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\42exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ai skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\42exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\43exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\43exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\44exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\44exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\45exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\46exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\47exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\49exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\4exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\4exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\50exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\51exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\51exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\52exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\53exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ai skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\53exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\54exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\56exmodul32.exe Infected: Trojan-Downloader.Win32.Agent.amc skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\56exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\58exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ai skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\58exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\5exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\5exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\60exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.as skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\60exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\61exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\62exmodul32.exe Infected: Trojan-Downloader.Win32.Agent.amc skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\62exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\63exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\66exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\67exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\67exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\68exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\68exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\69exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\69exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\70exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\70exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\72exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\73exmodul32.exe Infected: Trojan-Downloader.Win32.Agent.amc skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\73exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\73exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\74exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\75exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\75exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\77exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\78exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\79exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\7exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\80exmodul32.exe Infected: Backdoor.Win32.IRCBot.nw skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\80exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\80exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\81exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.as skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\82exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\82exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\83exmodul32.exe Infected: Trojan.Win32.Agent.qp skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\83exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\83exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\84exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ax skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\84exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\84exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\86exmodul32.exe Infected: Backdoor.Win32.IRCBot.nw skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\86exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\87exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\88exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.as skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\88exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\89exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\89exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\8exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\90exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\91exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\92exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\92exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\94exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\95exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\97exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\97exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\98exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.be skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\98exmscfgl.exe Infected: Trojan-Dropper.Win32.Agent.ans skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\98exssd32a.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\99exmodul32.exe Infected: Trojan-Proxy.Win32.Horst.ai skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\install.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\Documents and Settings\Zest Communications\Local Settings\Temp\tmp1.tmp Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\Documents and Settings\Zest Communications\My Documents\Downloads\IsoBuster.v1.6.Final.All.Languages.Incl.Keygen-ROR.zip/keygen.exe Infected: Trojan-Clicker.Win32.NoName.a skipped
C:\Documents and Settings\Zest Communications\My Documents\Downloads\IsoBuster.v1.6.Final.All.Languages.Incl.Keygen-ROR.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Zest Communications\My Documents\Downloads\Winimage 6.1, Cdmage, Winiso 5.3, Ultraiso E Isobuster.zip/IsoBuster.v1.6.Final.All.Languages.Incl.Keygen-ROR.zip/keygen.exe Infected: Trojan-Clicker.Win32.NoName.a skipped
C:\Documents and Settings\Zest Communications\My Documents\Downloads\Winimage 6.1, Cdmage, Winiso 5.3, Ultraiso E Isobuster.zip/IsoBuster.v1.6.Final.All.Languages.Incl.Keygen-ROR.zip Infected: Trojan-Clicker.Win32.NoName.a skipped
C:\Documents and Settings\Zest Communications\My Documents\Downloads\Winimage 6.1, Cdmage, Winiso 5.3, Ultraiso E Isobuster.zip ZIP: infected - 2 skipped
C:\Program Files\Netscape\Netscape Browser\NSUninst.exe/data0004 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Program Files\Netscape\Netscape Browser\NSUninst.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP144\A0024576.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP155\A0025718.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP155\A0026490.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP155\A0026498.exe Infected: Trojan-Downloader.Win32.Agent.aht skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP155\A0027490.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP155\A0028490.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP155\A0029490.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP156\A0029499.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP156\A0029643.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP157\A0029706.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP160\A0029791.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP161\A0029824.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP162\A0029848.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP162\A0030849.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP163\A0030852.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP165\A0030867.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP165\A0030887.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP166\A0030889.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP166\A0030971.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP168\A0030984.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP168\A0032039.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP171\A0032113.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP171\A0032182.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP173\A0032186.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP174\A0032193.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP175\A0032300.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP175\A0032301.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP176\A0032305.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP176\A0032313.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP177\A0032315.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP177\A0032319.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP178\A0032321.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP178\A0032324.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP179\A0032328.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP179\A0032332.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP180\A0032341.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP181\A0032345.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP182\A0032346.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP183\A0032356.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP184\A0032385.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP185\A0032393.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP186\A0032396.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP186\A0032404.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP187\A0032406.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP187\A0032413.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP188\A0032415.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP188\A0032477.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP189\A0032480.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP190\A0032523.exe Infected: Backdoor.Win32.Medbot.ag skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP191\A0032543.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP192\A0032558.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP192\A0032569.exe Infected: Backdoor.Win32.Medbot.ag skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP193\A0032571.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP193\A0032578.exe Infected: Backdoor.Win32.Medbot.ag skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP194\A0032581.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP196\A0032606.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP197\A0032626.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP199\A0033160.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP199\A0033179.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP199\A0033186.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP200\A0033196.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP201\A0033205.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP201\A0033213.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP202\A0033215.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP203\A0033217.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP203\A0033219.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP204\A0033227.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP205\A0033280.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP205\A0033282.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP206\A0033297.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP208\A0033306.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP210\A0033323.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP210\A0033327.exe Infected: Trojan-Proxy.Win32.Horst.av skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP211\A0033329.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP218\A0033444.dll Infected: not-a-virus:AdWare.Win32.MyBird.a skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035843.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035844.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035845.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035846.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035847.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035848.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035849.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035850.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035851.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\System Volume Information\_restore{094ED2EF-B4C2-48FA-B681-1FACB529B5DF}\RP222\A0035852.exe Infected: Trojan-Downloader.Win32.Agent.ajd skipped
C:\WINDOWS\system\smss.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\WINDOWS\system32\nvsvcd.exe Infected: Trojan-Proxy.Win32.Horst.aj skipped
C:\WINDOWS\system32\spool\drivers\install.exe Infected: Trojan-Proxy.Win32.Horst.av skipped

Scan process completed.

Please download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ We will need it later in safe mode

Download Ewido Security Suite then set it up this way Ewido Setup Instructions We will need this later in safe mode

Be sure to update Ewide.

Download killbox to your desktop from this link Killbox We will need it later in safe mode

Next, please reboot your computer in Safe Mode by doing the following :

Restart your computer

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;

Instead of Windows loading as normal, a menu with options should appear;

Select the first option, to run Windows in Safe Mode, then press "Enter".

Choose your usual account.

Run Hijack This from safe mode, close all windows except ZHT, place a check to the left of the following items and press "fis checked":

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present (delete unless you set this)

Exit Hijack This

Run Ewido from safe mode and let it delete all that it finds.

Run ATF-Cleaner from safe mode.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Run Killbox from ssafe mode. Double-click on Killbox.exe to run it.
Put a tick by Standard File Kill.
In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time.

C:\Documents and Settings\All Users\Documents\install.exe

C:\WINDOWS\system\smss.exe

C:\WINDOWS\system32\nvsvcd.exe

C:\WINDOWS\system32\spool\drivers\install.exe

Click on the button that has the red circle with the X in the middle after you enter each file.
It will ask for confimation to delete the file.
Click Yes.
Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.

Next, empty the restore folder. Go to start>control panel>system>system restore tab>check the box to the left of "turn off systen restore">apply (take a few minutes)>ok. Go back and un check the box>apply>ok.

Create a new restore point. To create a new restore point go Start>Run>type "msconfig" without the quotes>ok>Launch System Restore>Tick the circle beside "create a restore point">next>name it anything you wish>Create>home>restart the computer.

Post a new HT log and a new Kaspersky scan please.