Hi Confused1971,
Let me explain, why DavidR mentions this. First before you do anything to cure an infection, you have to follow some steps in a particular sequence and step by step.
1. Establish if you are infected or not. Is this a real time genuine infection or a false positive,
there is a sticky in this forum where we explain how to best go about this.
2. See what the infection is all about and that with all the evidence, so run hijackthis or other scanners but do nothing with these yet,
3. We have established what we have at hand and where it resides, then move to the chest, and the end option is to delete but better to fix. It could well be that a hidden infection vector process will re-install the infection on reboot or some system files were not taken out, or something in the registry could revive the malware circus anew.
So when advice is given follow these instructions meticulously, because the helpers have your best interest at heart and will take care not to harm your precious OS nor data,
polonus
Running each file through jotti gave me these results:
1) kernel32.dll in C:\WINDOWS\System32 Moonlight_Engine_1236.4.0.99.rar (MD5: 97431a2966xw386214d666f754c9142c) picked up by:
CPsecure: Malware name: Troj.W32.Obfuscated.gen
Dr.Web: Malware name: Win32.HLLW.Viking.34
Ikarus: Malware name: Backdoor.Bifrose
Quick Heal: Malware name: Trojan.agent.ATV
Sophos Antivirus: Nal/Inet-Fam
2) wnsock.dll in C:\WINDOWS\System32 setup_galil.exe (MD5: 940afcccd771dd9963acb51c8279114)
A-Squared: Malware name: Trojan-Downloader.win32.Banload!IK
AntiVir: Malware name: DR/Delphi.Gen
BidDefender: Malware name: Gen:Trojan.Heur.9083C6969
F-Prot Antivirus: Malware name: W32/Trojan-juke-based!Maximus
Ikarus: Malware name: Trojan-Downloader.Win32.Banload
Sophos Antivirus: Malware name: Mal/Behav-103
VirusBuster: Malware name: Trojan.Crypt.Gen
3) wsock32.dll in C:\WINDOWS\System32 Project1.exe (MD5: 3e91f2b68b94e7cbbec82c8c64b2d6cc)
A-Squared: Malware name: Trojan.Banker.VB!IK
Ikarus: Malware name: Trojan.Banker.VB
Does this help?