
[Inactive] Win32 trojan?

Discussion in 'Malware and Virus Removal Archive' started by jennmay, 2009/02/05.

  1. 2009/02/05
    jennmay

    jennmay Well-Known Member Thread Starter

    Joined:
    2007/03/15
    Messages:
    124
    Likes Received:
    0
    My virus scan this morning came up saying I had a Win32 trojan-gen. I kept trying to move the file to my chest, but it kept saying there was an error in doing so. My computer seems to be OK, but I thought I would see if all looks OK. Also, viruses in a virus chest: should they stay there or be deleted? I have some in there but am not sure what to do with them or if anything needs to be done. TIA.
    DDS (Ver_09-02-01.01) - NTFSx86
    Run by Jennifer at 14:38:51.55 on Thu 02/05/2009
    Internet Explorer: 7.0.6001.18000
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1015.332 [GMT -5:00]

    AV: avast! antivirus 4.8.1229 [VPS 081124-0] *On-access scanning enabled* (Updated)

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\dlbtcoms.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\system32\schtasks.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\jusched.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Jennifer\Desktop\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://www.yahoo.com
    mDefault_Page_URL = hxxp://www.yahoo.com
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: NoExplorer - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: {A057A204-BACC-4D26-CEC4-75A487FD6484} - No File
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe "
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
    mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe "
    mRun: [<NO NAME>]
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe "
    mRun: [DLBTCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLBTtime.dll,_RunDLLEntry@16
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\paltalk.lnk - c:\program files\paltalk messenger\paltalk.exe
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &AIM Search
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    Trusted Zone: real.com\rhap-app-4-0
    Trusted Zone: real.com\rhapreg
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    Notify: igfxcui - igfxdev.dll

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-9-13 111184]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-9-13 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-9-13 51792]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-6-7 24652]

    =============== Created Last 30 ================

    2009-01-15 09:44 <DIR> --d----- c:\program files\Coupons
    2009-01-14 06:36 288,768 a------- c:\windows\system32\drivers\srv.sys

    ==================== Find3M ====================

    2009-01-03 16:25 0 a------- c:\users\jennifer\appdata\roaming\wklnhst.dat
    2008-12-25 10:26 157,571 a------- c:\windows\hpoins27.dat
    2008-12-25 10:04 86,016 a------- c:\windows\inf\infstor.dat
    2008-12-25 10:04 51,200 a------- c:\windows\inf\infpub.dat
    2008-12-25 10:04 143,360 a------- c:\windows\inf\infstrng.dat
    2008-06-12 08:42 665,600 a------- c:\windows\inf\drvindex.dat
    2008-06-08 11:18 174 a--sh--- c:\program files\desktop.ini
    2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
    2008-03-10 19:30 16,384 a--sh--- c:\windows\temp\cookies\index.dat
    2008-03-10 19:30 16,384 a--sh--- c:\windows\temp\history\history.ie5\index.dat
    2008-03-10 19:30 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat
    2007-08-30 01:10 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

    ============= FINISH: 14:40:19.47 ===============


    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 9/7/2007 1:07:56 AM
    System Uptime: 2/5/2009 12:50:40 PM (2 hours ago)

    Motherboard: ASUSTeK Computer INC. | | Lancaster8
    Processor: Intel(R) Pentium(R) D CPU 2.80GHz | CPU 1 | 2800/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 224 GiB total, 169.731 GiB free.
    D: is FIXED (NTFS) - 9 GiB total, 1.2 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    32 Bit HP CIO Components Installer
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player 10 ActiveX
    Adobe Reader 8.1.3
    Apple Software Update
    avast! Antivirus
    BufferChm
    Casper Activity Center
    Comcast High-Speed Internet Install Wizard
    Copy
    Coupon Printer for Windows
    CustomerResearchQFolder
    Destination Component
    DeviceDiscovery
    DeviceManagementQFolder
    DJ_AIO_03_F2200_ProductContext
    DJ_AIO_03_F2200_Software
    DJ_AIO_03_F2200_Software_Min
    F2200
    F2200_Help
    Google Toolbar for Internet Explorer
    Google Updater
    GTK+ Runtime 2.12.1 rev b (remove only)
    Hardware Diagnostic Tools
    Hewlett-Packard Active Check for Health Check
    Hewlett-Packard Asset Agent for Health Check
    HP Active Support Library
    HP Active Support Library 32 bit components
    HP Customer Experience Enhancements
    HP Customer Feedback
    HP Customer Participation Program 10.0
    HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
    HP Easy Setup - Frontend
    HP Imaging Device Functions 10.0
    HP On-Screen Cap/Num/Scroll Lock Indicator
    HP Photosmart Essential 2.5
    HP Total Care Advisor
    HP Update
    Intel(R) Graphics Media Accelerator Driver
    Java(TM) SE Runtime Environment 6 Update 1
    LightScribe 1.8.15.1
    LimeWire 4.18.8
    Make A Masterpiece(TM)
    MarketResearch
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Excel Viewer 2003
    Microsoft Office Home and Student 2007
    Microsoft Office Home and Student 2007 Trial
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Office Word Viewer 2003
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    PaltalkScene
    Pidgin
    PSSWCORE
    Python 2.5
    QuickTime
    RapidPlayer v5.0 ActiveX Control
    Realtek High Definition Audio Driver
    Rhapsody
    Rhapsody Player Engine
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator Basic v9
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator EasyArchive
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio MyDVD Basic v9
    Scan
    Security Update for 2007 Microsoft Office System (KB951550)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for 2007 Microsoft Office System (KB958439)
    Security Update for Microsoft Office Excel 2007 (KB958437)
    Security Update for Microsoft Office OneNote 2007 (KB950130)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office system 2007 (KB956828)
    Security Update for Microsoft Office Word 2007 (KB956358)
    Soft Data Fax Modem with SmartCP
    Spelling Dictionaries Support For Adobe Reader 8
    Status
    Toolbox
    TrayApp
    UnloadSupport
    Update for Office 2007 (KB946691)
    VideoToolkit01
    Viewpoint Media Player
    WeatherBug Gadget
    WebReg
    Wizard101

    ==== End Of File ===========================
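    A DDS log like the one above is normally read by eye, line by line. As an added example (not part of this thread, and not code from the DDS tool or from WindowsBBS), here is a small Python triage script that parses lines in the "Pseudo HJT Report" format and flags the three things a reviewer looks at first: BHO/toolbar registrations that point to "No File" (orphaned entries, usually leftovers from uninstalled software), Run entries with no name or no command, and autostart commands that launch from user-writable locations such as AppData or Temp. The sample report, the category names and the list of user-writable path markers are constructed for this example, not taken from the log above.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample in the DDS "Pseudo HJT Report" style (NOT the log posted above).
# It deliberately contains one entry of each kind the triage looks for.
SAMPLE = r"""
uStart Page = hxxp://www.example.com/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
TB: {A057A204-BACC-4D26-CEC4-75A487FD6484} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [<NO NAME>]
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
uRun: [updater] c:\users\alice\appdata\local\temp\svc.exe
"""


@dataclass
class Finding:
    kind: str   # "orphan", "empty" or "user-writable" (names chosen for this example)
    line: str   # the report line that triggered the finding


# BHO / toolbar / IE-menu / Notify entries whose target file no longer exists.
ORPHAN_RE = re.compile(r"^(BHO|TB|IE|Notify):.*-\s*No File\s*$", re.IGNORECASE)

# uRun / mRun / mRunOnce entries: "[name] command".
RUN_RE = re.compile(r"^(u|m)Run(Once)?:\s*\[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$", re.IGNORECASE)

# Path fragments that indicate a user-writable location (assumed list, extend as needed).
USER_WRITABLE_MARKERS = ("\\appdata\\", "\\temp\\", "\\users\\public\\")


def triage(report: str) -> List[Finding]:
    """Scan a Pseudo-HJT-style report and return the entries worth a second look."""
    findings: List[Finding] = []
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        if ORPHAN_RE.match(line):
            findings.append(Finding("orphan", line))
            continue
        m = RUN_RE.match(line)
        if not m:
            continue
        name, cmd = m.group("name"), m.group("cmd").strip()
        if name == "<NO NAME>" or not cmd:
            # A Run value with no name or no command does nothing, but it is
            # registry litter that a reviewer usually asks to have cleaned.
            findings.append(Finding("empty", line))
        elif any(marker in cmd.lower() for marker in USER_WRITABLE_MARKERS):
            # Legitimate software normally autostarts from Program Files or
            # Windows; an autostart from AppData/Temp deserves a closer look.
            findings.append(Finding("user-writable", line))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Count findings per category for a quick overview."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f.kind] = counts.get(f.kind, 0) + 1
    return counts


if __name__ == "__main__":
    results = triage(SAMPLE)
    for f in results:
        print(f"[{f.kind:13}] {f.line}")
    print(summarize(results))
```

    Run it against a saved DDS report by reading the file into `triage()` instead of `SAMPLE`. A flagged line is a prompt to check the file, not a verdict: orphaned "No File" entries and empty Run values are harmless on their own, and the user-writable check is a heuristic that will also catch legitimate per-user installers.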
     
  2. 2009/02/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi jennmay,

    Did your antivirus give you a filename and location of the detection?

    Generally yes, you can remove quarantined items.
     


  4. 2009/02/10
    jennmay

    jennmay Well-Known Member Thread Starter

    Joined:
    2007/03/15
    Messages:
    124
    Likes Received:
    0
    Yes it did, it was in Adobe Reader something. I did end up deleting it or I would post the whole filename. So other than that all looks ok?
     
  5. 2009/02/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Your log does look fine, though it can't hurt to do an online scan for surety. Instructions for that below if you care to follow through.

    Please do an online scan with Kaspersky Online Scanner

    • Click Accept, when prompted to download and install the program files and database of malware definitions.
    • Click Run at the Security prompt.
    • The program will then begin downloading and installing and will also update the database.
    • Please be patient as this can take several minutes.
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Click View scan report at the bottom.
    • Click the Save Report As... button.
    • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
    **Note**

    To optimize scanning time and produce a more sensible report for review:
    • Close any open programs.
    • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.


    Post the Kaspersky log here.
     
  6. 2009/02/11
    jennmay

    jennmay Well-Known Member Thread Starter

    Joined:
    2007/03/15
    Messages:
    124
    Likes Received:
    0
    There was no log to post. I clicked report and it was empty. Nothing to copy.
     
  7. 2009/02/11
    jennmay

    jennmay Well-Known Member Thread Starter

    Joined:
    2007/03/15
    Messages:
    124
    Likes Received:
    0
    Also, this might be a technical question, but my fan seems to run constantly, very very very loud. It never did this before. The computer is a little less than a year old. I can't hear anything with it running. I even shut it down every night because it will keep me awake, and my room is all the way in the back of my house.
     
  8. 2009/02/13
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    As long as there were no infected files reported, I'd say your computer is clean. I recommend posting in the hardware forum about the noise level of the fan(s).
     
  9. 2009/02/13
    jennmay

    jennmay Well-Known Member Thread Starter

    Joined:
    2007/03/15
    Messages:
    124
    Likes Received:
    0
    Ok, I will. Ty for all your help.
     
  10. 2009/02/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    You're welcome. :)
     
