got this trojan in a file called mscmsr.dll - don't know where itcame from...

  • Thread starter Thread starter David De
  • Start date Start date
D

David De

I am sorry I don't know the name of the trojan, just the file it seems
to have infected. My anti-vir (AVIRA) software has detected it a few
times and I delete it, only to find it reoccuring again and again.

I am dealing with this issue of a trojan that my Anti-Vir software
continues to inform me about when I run any spyware programs like
Lavasoft or Spybot. I delete the file with the Anti-Vir, but it seems
to keep popping up. I think this is a new one because the google
search I did on it says 'March 04, 2008'...lucky me. So what do I do
about it? Right now I am running Anti-Vir full system check in Safe
mode - taking forever 2 hours already and only at 10% of a 80gig hard
drive. The files is located in the Windows/system32 folder.
Anybody else have this trojan? Any suggestions? I can't do a system
restore because I have been instead backing up my hard drive about
once a month (and it has been close to a month since the last backup,
so I would lose a month of work).
 
Re: got this trojan in a file called mscmsr.dll - don't know where it came from...

From: "David De"

| I am sorry I don't know the name of the trojan, just the file it seems
| to have infected. My anti-vir (AVIRA) software has detected it a few
| times and I delete it, only to find it reoccuring again and again.
|
| I am dealing with this issue of a trojan that my Anti-Vir software
| continues to inform me about when I run any spyware programs like
| Lavasoft or Spybot. I delete the file with the Anti-Vir, but it seems
| to keep popping up. I think this is a new one because the google
| search I did on it says 'March 04, 2008'...lucky me. So what do I do
| about it? Right now I am running Anti-Vir full system check in Safe
| mode - taking forever 2 hours already and only at 10% of a 80gig hard
| drive. The files is located in the Windows/system32 folder.
| Anybody else have this trojan? Any suggestions? I can't do a system
| restore because I have been instead backing up my hard drive about
| once a month (and it has been close to a month since the last backup,
| so I would lose a month of work).

OK, now that your here, we can discontine the other thread.

Please check your Avira AntiVir logs. The name of the Trojan will be helpful.

Also you noted that you can delete the file but it keeps coming back. It obviously has a
peer file loaded and keeping the infection going.

However if you can delete the file, c:\Windows\system32\mscmsr.dll, please submit a sample
to Virus Total. You may have to disable AntiVir temporarily to submit the file.

http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN

When you get the report, please post back the exact results.



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
On Mar 6, 8:43 pm, "David H. Lipman"
wrote:
> From: "David De"
>
> | I am sorry I don't know the name of the trojan, just the file it seems
> | to have infected. My anti-vir (AVIRA) software has detected it a few
> | times and I delete it, only to find it reoccuring again and again.
> |
> | I am dealing with this issue of a trojan that my Anti-Vir software
> | continues to inform me about when I run any spyware programs like
> | Lavasoft or Spybot. I delete the file with the Anti-Vir, but it seems
> | to keep popping up. I think this is a new one because the google
> | search I did on it says 'March 04, 2008'...lucky me. So what do I do
> | about it? Right now I am running Anti-Vir full system check in Safe
> | mode - taking forever 2 hours already and only at 10% of a 80gig hard
> | drive. The files is located in the Windows/system32 folder.
> | Anybody else have this trojan? Any suggestions? I can't do a system
> | restore because I have been instead backing up my hard drive about
> | once a month (and it has been close to a month since the last backup,
> | so I would lose a month of work).
>
> OK, now that your here, we can discontine the other thread.
>
> Please check your Avira AntiVir logs. The name of the Trojan will be helpful.
>
> Also you noted that you can delete the file but it keeps coming back. It obviously has a
> peer file loaded and keeping the infection going.
>
> However if you can delete the file, c:Windowssystem32mscmsr.dll, please submit a sample
> to Virus Total. You may have to disable AntiVir temporarily to submit the file.
Alright, after 7 hours of Avira-Anti Vir, it looks like - TR/
Dldr.Agent.kdt - the anti virus program asked me what to do with this
trojan and I said delete it. I haven't had a chance to turn on the
computer since it found that one.
I am not sure where to get the log though, but I will look today.

>
> http://www.virustotal.com/flash/index_en.html
> The submission will then be tested against many different AV vendor's scanners.
> That will give you an idea what it is and who recognizes it. In addition, unless told
> otherwise, Virus Total will provide the sample to all participating vendors.
>
> You can also submit a suspect, one at a time, via the following email URL...
> mailto:s...@virustotal.com?subject=SCAN
>
> When you get the report, please post back the exact results.
>
> --
> Davehttp://www.claymania.com/removal-trojan-adware.html
> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: got this trojan in a file called mscmsr.dll - don't know where it came from...

From: "David De"


| Alright, after 7 hours of Avira-Anti Vir, it looks like - TR/
| Dldr.Agent.kdt - the anti virus program asked me what to do with this
| trojan and I said delete it. I haven't had a chance to turn on the
| computer since it found that one.
| I am not sure where to get the log though, but I will look today.
|

I could not find TR/Dldr.Agent.kdt in the Avira library :-(


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Here is the log file :


AntiVir PersonalEdition Classic
Report file date: Thursday, March 06, 2008 19:09

Scanning for 1136109 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Username: Administrator
Computer name:

Version information:
BUILD.DAT : 270 15603 Bytes 9/19/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 9/5/2007 19:47:45
AVSCAN.DLL : 7.0.6.0 49192 Bytes 9/5/2007 19:47:45
LUKE.DLL : 7.0.5.3 147496 Bytes 9/5/2007 19:47:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 9/5/2007 19:47:47
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 20:32:52
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 12/14/2007 04:49:39
ANTIVIR2.VDF : 7.0.2.181 1993728 Bytes 2/24/2008 04:15:23
ANTIVIR3.VDF : 7.0.2.245 216576 Bytes 3/6/2008 21:20:15
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 3/1/2008 14:53:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2/26/2007 15:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 9/5/2007 19:47:45
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 18:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 1/15/2008 22:19:46
AVREG.DLL : 7.0.1.6 30760 Bytes 9/5/2007 19:47:45
AVARKT.DLL : 1.0.0.20 278568 Bytes 9/5/2007 19:47:40
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 9/5/2007 19:47:43
NETNT.DLL : 7.0.0.0 7720 Bytes 3/8/2007 16:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 9/5/2007 19:47:35
RCTEXT.DLL : 7.0.62.0 86056 Bytes 9/5/2007 19:47:36
SQLITE3.DLL : 3.3.17.1 339968 Bytes 9/5/2007 19:47:47

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir
personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: H:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Thursday, March 06, 2008 19:09

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'H:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '34' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\David\Local Settings\Temporary Internet Files
\Content.IE5\SA7E9WEY\appD[1].cab
[0] Archive type: CAB (Microsoft)
--> inapp5.exe
[DETECTION] Is the Trojan horse TR/Agent.AHDK.1
[INFO] The file was deleted!
C:\Documents and Settings\David\Local Settings\Temporary Internet Files
\Content.IE5\XPSAKWO4\appB[1].cab
[0] Archive type: CAB (Microsoft)
--> inapp4.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.Exo.2
[INFO] The file was deleted!
C:\WINDOWS\system32\mscmsr.dll
[DETECTION] Is the Trojan horse TR/Dldr.Agent.kdt
[INFO] The file was deleted!
Begin scan in 'H:\'
H:\backup of all C\Program Files\movie magic screenwriter\netpub.exe
[DETECTION] Contains a detection pattern of the (dangerous)
backdoor program BDS/Hupigon.Gen Backdoor server programs
[INFO] The file was deleted!


End of the scan: Friday, March 07, 2008 01:57
Used time: 6:48:08 min

The scan has been canceled!

13718 Scanning directories
556411 Files were scanned
4 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
4 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
556407 Files not concerned
5195 Archives were scanned
1 Warnings
89 Notes
 
Re: got this trojan in a file called mscmsr.dll - don't know where it came from...

From: "David De"

| Here is the log file :
|
| C:\Documents and Settings\David\Local Settings\Temporary Internet Files
| \Content.IE5\SA7E9WEY\appD[1].cab
| [0] Archive type: CAB (Microsoft)
| --> inapp5.exe
| [DETECTION] Is the Trojan horse TR/Agent.AHDK.1
| C:\Documents and Settings\David\Local Settings\Temporary Internet Files
| \Content.IE5\XPSAKWO4\appB[1].cab
| [0] Archive type: CAB (Microsoft)
| --> inapp4.exe
| [DETECTION] Is the Trojan horse TR/Drop.Agent.Exo.2
| [INFO] The file was deleted!
| C:\WINDOWS\system32\mscmsr.dll
| [DETECTION] Is the Trojan horse TR/Dldr.Agent.kdt
| [INFO] The file was deleted!
| Begin scan in 'H:\'
| H:\backup of all C\Program Files\movie magic screenwriter\netpub.exe
| [DETECTION] Contains a detection pattern of the (dangerous)
| backdoor program BDS/Hupigon.Gen Backdoor server programs
| [INFO] The file was deleted!
|

Have Dave:

Besides the Trojans, you have BDS/Hupigon.Gen (assuming it isn't a False Positive).

Not Good :-(


Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe

Create a HJT log file and post it in one of the below locations...
Include the Avira log you provided.

{ Please - Do NOT post the HJT Log here ! }

Forums where you can get expert advice for HiJack This! (HJT) logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.malwarebytes.org/forums/index.php?showforum=7
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 

> Have Dave:
>
> Besides the Trojans, you have BDS/Hupigon.Gen (assuming it isn't a False Positive).
>
> Not Good :-(
>
> Download and execute HiJack This! (HJT)http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe


Tried to download, but when running, I get this error "The NTVDM CPU
has encountered an Illegal Instruction. CS0dd5 IP:0255 OP:65 63 75 72
65 Choose Close to terminate the application. I will have to try in
SAFE mode to see what happens.

>
> Create a HJT log file and post it in one of the below locations...
> Include the Avira log you provided.
>
> { Please - Do NOT post the HJT Log here ! }
>
> Forums where you can get expert advice for HiJack This! (HJT) logs.
>
> NOTE: Registration is REQUIRED in any of the below before posting a log
>
> Suggested primary:http://www.thespykiller.co.uk/index.php?board=3.0

For this board, where do I post the hijack log?


>
> Suggested secondary:http://www.bleepingcomputer.com/forums/for...om/forum67.html
>
> Suggested tertiary:http://www.dslreports.com/forum/cleanuphtt...isplay.php?f=13
>
> --
> Davehttp://www.claymania.com/removal-trojan-adware.html
> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: got this trojan in a file called mscmsr.dll - don't know where it came from...

David De wrote:

> For this board, where do I post the hijack log?

You don't. David was very clear and I'll repeat it: do not post HijackThis
logs to the Microsoft public newsgroups. It takes a great deal of time and
expertise to analyze HJT logs and there are privacy issues. Instead, choose
one of the specialty forums listed below, register, read their posting FAQ,
and post your HJT log there. Not here.

http://aumha.org/downloads/hijackthis.zip
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
http://www.bleepingcomputer.com/forums/ind...showtutorial=42 - another
tutorial
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
 
Re: got this trojan in a file called mscmsr.dll - don't know where it came from...

Privacy issue's? Not true.


--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com, David
H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz, Beauregard T.
Shagnasty,Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell




"Malke" wrote in message
news:OdX5B6VgIHA.4684@TK2MSFTNGP06.phx.gbl...
> David De wrote:
>
>> For this board, where do I post the hijack log?
>
> You don't. David was very clear and I'll repeat it: do not post HijackThis
> logs to the Microsoft public newsgroups. It takes a great deal of time and
> expertise to analyze HJT logs and there are privacy issues. Instead,
> choose
> one of the specialty forums listed below, register, read their posting
> FAQ,
> and post your HJT log there. Not here.
>
> http://aumha.org/downloads/hijackthis.zip
> http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
> http://www.bleepingcomputer.com/forums/ind...showtutorial=42 - another
> tutorial
> http://aumha.net/ - Click on the HijackThis forum. Read the announcement
> and
> the stickies *first*.
> http://www.atribune.org/forums/index.php?showforum=9
> http://aumha.net/viewforum.php?f=30
> http://www.bleepingcomputer.com/forums/forum22.html
> http://castlecops.com/forum67.html
> http://www.dslreports.com/forum/cleanup
> http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
> http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html
> http://gladiator-antivirus.com/forum/index.php?showforum=170
> http://spywarewarrior.com/viewforum.php?f=5
>
> Malke
> --
> MS-MVP
> Elephant Boy Computers
> www.elephantboycomputers.com
> Don't Panic!
 

> > David De wrote:
>
> >> For this board, where do I post the hijack log?

I meant the spykiller group, not this one - I should have been
clearer.

After posting there, I have done the combofix and updated the log file
for HJT on there - just waiting for a response
http://thespykiller.co.uk/index.php?topic=6134.0
I am not sure if the combofix gets rid of the virus or not, or is it
just a diagnostic tool?


>
> > You don't. David was very clear and I'll repeat it: do not post HijackThis
> > logs to the Microsoft public newsgroups. It takes a great deal of time and
> > expertise to analyze HJT logs and there are privacy issues. Instead,
> > choose
> > one of the specialty forums listed below, register, read their posting
> > FAQ,
> > and post your HJT log there. Not here.
>
 
Re: got this trojan in a file called mscmsr.dll - don't know where it came from...

From: "David De"


|
| I meant the spykiller group, not this one - I should have been
| clearer.
|
| After posting there, I have done the combofix and updated the log file
| for HJT on there - just waiting for a response
| http://thespykiller.co.uk/index.php?topic=6134.0
| I am not sure if the combofix gets rid of the virus or not, or is it
| just a diagnostic tool?
|

You are in good hands with Derek. I sent him a Personal Message thanking him for assisting
you.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Very kind of you. Thanks for the followup.
> |
>
> You are in good hands with Derek. I sent him a Personal Message thanking him for assisting
> you.
>
> --
> Davehttp://www.claymania.com/removal-trojan-adware.html
> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: got this trojan in a file called mscmsr.dll - don't know where

I use Norton 360. It cost but is well worth it. They will help you rid you
computer of a virus.

"David H. Lipman" wrote:

> From: "David De"
>
> | I am sorry I don't know the name of the trojan, just the file it seems
> | to have infected. My anti-vir (AVIRA) software has detected it a few
> | times and I delete it, only to find it reoccuring again and again.
> |
> | I am dealing with this issue of a trojan that my Anti-Vir software
> | continues to inform me about when I run any spyware programs like
> | Lavasoft or Spybot. I delete the file with the Anti-Vir, but it seems
> | to keep popping up. I think this is a new one because the google
> | search I did on it says 'March 04, 2008'...lucky me. So what do I do
> | about it? Right now I am running Anti-Vir full system check in Safe
> | mode - taking forever 2 hours already and only at 10% of a 80gig hard
> | drive. The files is located in the Windows/system32 folder.
> | Anybody else have this trojan? Any suggestions? I can't do a system
> | restore because I have been instead backing up my hard drive about
> | once a month (and it has been close to a month since the last backup,
> | so I would lose a month of work).
>
> OK, now that your here, we can discontine the other thread.
>
> Please check your Avira AntiVir logs. The name of the Trojan will be helpful.
>
> Also you noted that you can delete the file but it keeps coming back. It obviously has a
> peer file loaded and keeping the infection going.
>
> However if you can delete the file, c:Windowssystem32mscmsr.dll, please submit a sample
> to Virus Total. You may have to disable AntiVir temporarily to submit the file.
>
> http://www.virustotal.com/flash/index_en.html
> The submission will then be tested against many different AV vendor's scanners.
> That will give you an idea what it is and who recognizes it. In addition, unless told
> otherwise, Virus Total will provide the sample to all participating vendors.
>
> You can also submit a suspect, one at a time, via the following email URL...
> mailto:scan@virustotal.com?subject=SCAN
>
> When you get the report, please post back the exact results.
>
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>
>
 
Re: got this trojan in a file called mscmsr.dll - don't know where

I've got the same virus now. It's name is Win32:Agent-TVS and it's in
file mscmsr.dll
 
Re: got this trojan in a file called mscmsr.dll - don't know where

From:

| I've got the same virus now. It's name is Win32:Agent-TVS and it's in
| file mscmsr.dll



1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe Format --> uncheck "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
expert forums...


{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.malwarebytes.org/forums/index.php?showforum=7
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Back
Top