Medbot.BD trojan again


KiLL
August 23rd, 2006, 12:30 PM
There was no need to close my previous thread. You could just remove the log.
Anyways, can anyone help me remove this Medbot.BD trojan?

It creates setup.exe and autorun.inf on all partitions. NOD detects it all the time and removes setup.exe, and I remove autorun.inf manually, but it keeps coming. Here are my running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\GAMING~1\MouseElf.EXE
C:\PROGRA~1\KYE\ERGOME~1\SyTray.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Neobee Speeedy Internet Accelerator\speeedycore.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe

I don't see anything suspicious here. Any assistance would help.
Thank you.

NOD32 user
August 23rd, 2006, 01:35 PM
Last post in your previous question is here (http://www.wilderssecurity.com/showpost.php?p=823287&postcount=3).

Quote: "You can send the log to support @ eset.com along with a link to this thread. I had a brief look at it before it was removed, and didn't see any suspicious file listed."

Cheers :)

ctrlaltdelete
August 23rd, 2006, 03:14 PM
Check the file C:\WINDOWS\System32\smss.exe for infection on VIRUSTOTAL (http://www.virustotal.com/en/indexf.html)

Check if there is any other smss.exe on your system and scan those files on virustotal.

webvida
September 4th, 2006, 02:57 PM
I have this problem as well - I have looked everywhere on the net but can't find any way to fix it. This is getting to be a real hassle - especially when I am playing games and the NOD32 warning box kicks me back to the desktop....

Is there any way that NOD can deal with this Medbot trojan, or should I try another antivirus application...

Thanks

Marcos
September 4th, 2006, 03:11 PM
NOD32 detects and removes Medbot. If there's a problem deleting it, try booting to safe mode first. Another possibility is that something keeps dropping the malicious file. In such a case, I'd recommend that you contact ESET's support for further instructions. NOD32 is usually one of the few AVs to detect Medbot proactively:

Original file name: nvsvcd.exe
Already detected as:
Trojan-Proxy.Win32.Horst.av (Kaspersky)
a variant of Win32/Medbot.BK (NOD32v2)

TEEH
May 5th, 2007, 10:59 PM
Hi, I also have the Medbot trojan and have not been able to clean it. NOD32 does detect it and cleans the setup.exe, and the autorun.inf is deleted manually, both in the shared folder. Still, the files keep appearing and infecting my LAN PCs.

Any solution found?

Regards,

Thor Hedderich
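
A read-only check for the pattern reported in this thread (autorun.inf plus setup.exe reappearing on every partition and shared folder), added here as an example and not posted by any participant: it parses autorun.inf and reports whether each launch entry's target is still present in the same folder. The sample file contents and all function names are assumptions; the thread does not show the real autorun.inf.

```python
import ntpath
import os

# Constructed sample; the thread does not show the real autorun.inf contents.
SAMPLE = r"""; constructed example
[autorun]
open=setup.exe
shell\explore\command="setup.exe" /e
icon=folder.ico
"""

def launch_entries(text):
    """Return (key, command) pairs in [autorun] that start a program."""
    entries, in_autorun = [], False
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
        elif in_autorun and "=" in line:
            key, _, value = line.partition("=")
            key = key.strip().lower()
            if key in ("open", "shellexecute") or (
                    key.startswith("shell\\") and key.endswith("\\command")):
                entries.append((key, value.strip()))
    return entries

def command_file(command):
    """File name a launch command points at (handles a quoted path)."""
    if command.startswith('"'):
        path = command[1:].split('"', 1)[0]
    else:
        path = command.split(None, 1)[0] if command else ""
    return ntpath.basename(path).lower()

def audit(names, autorun_text):
    """Pair each launch entry with whether its target sits in the same folder."""
    present = {n.lower() for n in names}
    return [(key, cmd, command_file(cmd) in present)
            for key, cmd in launch_entries(autorun_text)]

def audit_dir(root):
    """Audit one drive root or share; [] means no autorun.inf was found."""
    names = os.listdir(root)
    inf = next((n for n in names if n.lower() == "autorun.inf"), None)
    if inf is None:
        return []
    with open(os.path.join(root, inf), errors="replace") as fh:
        return audit(names, fh.read())
```

Running `audit_dir` against each drive root and shared folder after a cleanup shows where an autorun.inf remains and whether the file it launches has come back beside it.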

LowWaterMark
May 6th, 2007, 03:08 PM
Since the poster also made their own thread about this, which has been replied to as well, the extra posts from this thread have been moved to that one:

http://www.wilderssecurity.com/showthread.php?t=173776