Can't get rid of *exhmunmlcl*.exe

My zonealarm is popping up all the time with a file name exhmunmlcl.exe (replace the * for random 2 digits numbers). I have already scanned the pc with boot schedule and also with spybot, but nothing worked out!

What version of avast and VPS are you using, current is program, 4.8.1229 and VPS 080807-0 ?

Also see this topic, http://forum.avast.com/index.php?topic=37247.0.

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
SUPERantispyware On-Demand only in free version.

Also MalwareBytes Anti-Malware freeware version http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml

I suggest:

  1. Disable System Restore and then reenable it again.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

G’Day Folks - read my post in this forum http://forum.bitdefender.com/index.php?showtopic=7040

and reference to the 2nd post I made -
"When I loaded “DrWeb CureIT!” it found a " comrepl.exe file in the c:\windows\system32 folder and identified it as " Trojan.DownLoad.3206 " and after deleting it and rebooting the Laptop, the popups in relation to the TODO, etc. have stopped … "

This fixed the problem on one of my Customers Laptops.

Regards
pcbugfixer ;D

If you have had a downloader, infection, there is every likelihood that their firewall doesn’t provide outbound protection as that should in theory have stopped the outbound requests to download more malware.