Recently I have encountered Malware originating from Belgium. From a fresh boot of my Windows XP machine I get a delay on my Windows Firewall starting with a warning message. Once I start IE a short time later AVG catches a Trojan virus trying to load as svchost.exe. After repeated cleaning and scanning with AVG and Malwarebytes the problem persists. Running CPorts on the machine showed me a message being sent to one of the following: 18.104.22.168-107 (i106.panamamails.com) and 22.214.171.124. Shortly after one of these messages were sent I would receive another notification of virus activity from AVG on the computer. I added the following two entries into my computer at the MSDOS prompt: C:\>route add 126.96.36.199 mask 255.255.255.0 192.168.111.66 -p C:\>route add 188.8.131.52 mask 255.255.255.0 192.168.111.66 -p Note: 192.168.111.66 is an unused IP address on my subnet. This stopped the trojan virus activity by directing its send messages to a black hole. I sent an email to 184.108.40.206 's ISP, email@example.com. This will suspend the virus activity while you continue to clean your machine.