Glad to know you haven't been using the computer. This is always of great concern when a person posts logs with obvious infections and then do not return. The risks of continuing to use the computer with the infection not yet removed are great...additional infections installed, which this one will do, or infection of other computers via file sharing or infection of flash drives or installation to a cd via a cd burning program and then transfer to other computers by that flash drive or cd. This is why we always are concerned when the poster does not return.

The trojan your Trend Micro found is also called Antivirus2008, Trojan FakeAlert, Win32/FakeSpyguard, SpywareGuard2008 and many others. It is found and identified by numerous other scanners.

As I said, in my post, we have no idea who this Grinler poster is, the site he asked you to post to is a legitimate site but he is not one of our helpers here. Of course this is a public site so we generally have little control who posts here but our advice normally is to continue with steps given by your original helper and ignore those who are unknown or wait for advice from your helper. Nothing he requested is wrong just...we don't know him or why he made the actual request since I had requested the upload to http://virusscan.jotti.org/, which is the one we normally use and you found that other scanners readily identify this infection. I basically wanted to know the NAME given to the infection found in the file by the various av scanners that site uses. It aids in removal.

MBA-M should be able to remove this. TrendMicro cannot remove it because it is a Trojan, not a virus. Most or many antivirus programs cannot remove trojans, this is why multiple programs are always recommended. I will wait for your MBA-M log. Be sure to have it clean everything found. Also, after that REBOOT the system and run a new HJT scan and post that log too. Does your Trend Micro program give you the option to REMOVE it? I know it cannot fix or quarantine but if the option is give to remove then you should do that.

Judy