Trojan infection

  archie330 13:03 24 Jan 2008

I have been infected with a virus, it is called -

msxml3a.dll Avenue Media.

It is in file c:\WINDOWS\system32\msxml3a.dll

Please can anyone tell me how to get rid of it.

My antivirus (F Secure) and Spyhunter Security Suite can't touch it.


  Sea Urchin 13:42 24 Jan 2008

Try Superantispyware (free version) from here click here Update before running

  pj123 14:02 24 Jan 2008

Very strange!

According to this: click here
this a genuine dll released by Microsoft.

and yet, according to this: click here

it is spyware.

Something wrong somewhere, or am I not reading it right?

Some more info here: click here

Seems to be plenty of differing views on Google about this dll. Some offering download sites and some offering removal software?

  mfletch 14:22 24 Jan 2008


Not sure what to make of it myself,
Could be Legit or may not,

click here

The Microsoft® XML Parser (MSXML 3.0) .cab File Redistribution Package makes it possible to distribute MSXML 3.0 through the Internet. To do this, you need to create a Web page that upon opening references the file. The file then downloads the MSXML 3.0 DLLs (msxml3.dll, msxml3a.dll, and msxmldr.dll) to the user's system folder and registers MSXML 3.0 on the user's computer.

I suppose it could be used by a virus/Trojan


  mfletch 14:48 24 Jan 2008


Do another scan but this time in safe mode,

1/Click Start and then click Turn Off Computer.
2/In the Turn Off Windows dialog box, click Restart, and then click OK.
3/As your computer restarts but before Windows launches, press F8 repeatedly.
4/Use the arrow keys to highlight Safe Mode, and then press ENTER.
5/If you have a dual-boot or multiple-boot system, choose the installation that you need to access using the arrow keys, and then press ENTER.
Note: If Windows launches before you can choose a safe mode, restart your computer and try again


  archie330 15:44 24 Jan 2008

Hi guys,
Just logged back on after doing what Sea Urchin suggested but it is still there.
mfletch - I did the scan in safemode.

  mfletch 17:39 24 Jan 2008


It maybe a false alarm,

If you have a virus sample that is not detected or it causes a false alarm with F-Secure Virus Protection

click here


  archie330 19:18 24 Jan 2008

Hi, I have sent details to F secure as you suggested. I will have to wait for their reply.
Thanks for your advice, so far.

  mfletch 19:25 24 Jan 2008

If you can find the Virus file/folder you could use this site for a second opinion,

click here


  archie330 19:39 24 Jan 2008

I wish I could but can't find it. I know its name and where it is (see my first post) but that's all.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

WPA2 hack: How secure is your Wi-Fi?

Add Depth Of Field to a photo using Tilt Shift Blur in Photoshop

iPhone tips & tricks

Comment afficher des fichiers cachés sur Mac ?