Possible undetected virus

[Cheri2057]

Need help

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:34 AM, on 2/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


Toj somewhere. Advast won't delete it

[philly12]

hmm..cant see nothing wrong with your HJT report, but that doesnt mean everything is safe.  What is your problem exactly?  Like what is the name of the Virus that is being detected? I believe you said it was Win 32:Trat BHO[trj] correct?  If that is the case, I have heard of it "hiding" so to speak.  You'll have to wait for more help.  An admin will prolly have you run combofix if that is indeed what infection you have, but I am too novice to much help with combofix.  Be patient, i'm sure they will be around soon.

[philly12]

I thought your Hijackthis report looked too short, and i was right (thanks oldman).  Cheri2057, please post the ENTIRE log (you seem to have posted half of it).

[CharleyO]

***

Cheri -

Use the "copy & paste" method to get all of your HJT log posted on here by using more than one post.


***

[cowboypete]

Hi,
I have what might be a problem.  I once downloaded a (what I thought was going to be a nice screen saver) on another computor. The problem is  I copied files to this computor and a file called spider.sav is in my documents.  I have deleted it and rebooted and it would be gone then I would use my computer again and there it would be again. I scanned it but no viruses are detected.  I just checked and its back again. Does anyone have a solution?

Cowboypete

[CharleyO]

***

Welcome to the forums, cowboypete.   

It would be best to start a new thread on your problem as it dies not seem to be related to this one and you will most likely get better help.

Please download HijackThis from the link below, run the program but do not make any fixes, and then post the log results in this thread using the "copy & paste" method. It will probably take more than one post to be able to get the complete log posted. Someone will review your log and then offer help.

http://filehippo.com/download_hijackthis/


***

[oldman]

Spider.sav is a saved game from Spider Solitaire. If you can't delete the file, you can probably get rid of it by opening Spider Solitaire and going to Game > Open Last Saved Game. Either finish the game or quit