Tspy_agent.tq/tspy_cimuz

Hello,
Looking for a little information on these 2 Spyware/Grayware. Over the past days i`ve formatted atleast 6 times and this always comes back, from what very little information i can find people seem to think its a keylogger but seems as if they are not sure.

First of these are 100% clean formats, no old files at all, and ive only installed afew programs which are all from trusted company`s. Yet Trend-micro always seems to find TSPY_AGENT.TQ/TSPY_CIMUZ lurking in my system after awhile. By that i mean right after i format and do ALL MY UPDATES my system scan`s 100% clean. Then i installed all my programs and did a other scan which came up clean, afterwards i installed a game of mine "World of warcraft" from a trust company then i turned my pc off awhile, came back did a scan and there it was again. No one seems to really know what these files are from what i`ve researched from search engines. Formatted time and time again and they always seem to return.

Trend-Micro shows no file path so i dont know where the so called files are located and it`s the ONLY virus scanner to pick it up. I have Spyblaster installed & enabled, every update for WinXP Pro. Basicly im trying to narrow down exactly what this is, Trend-Micro offers to clean it but it cannot clean the TSPY_AGENT.TQ file yet even so afterwards if i rescan it is gone completly, still leaves me a little cautious about my system if infact it is a keylogger. So basicly im looking to see if anyone knows forsure what this file is, im starting to think its something involved with my game world of warcraft because it seems to appear right after i install it. Im still at a loss as i said formatted over and over and always returns.

If anyone has any information on what this file exactly is or what its related to would be a big help its starting to drive me nuts formatting over and over. Bitdefender ,Panda & Ewido all scan clean Trend-Micro is the only one to pick it up. I`ve attached HJT logs along with virus scanner logs & some pictures. Just looking to find out exactly what this file is and if i should be alarmed.

Thanks in advance - Eyz

http://img209.imageshack.us/my.php?image=untitled001ii6.jpg
http://img140.imageshack.us/my.php?image=untitled002kt2.jpg
http://img140.imageshack.us/my.php?image=untitled003nz5.jpg
http://img209.imageshack.us/my.php?image=untitled004qh1.jpg

 

Your HijackTHis log appears to be from Safe Mode; post one from Normal Mode.

 

Everything posted is from Normal mode, I disabled a few unnecessary system services maybe thats why it looks like that.

Eyz

 

<< The installed version of Java on this compter is out-dated. Install version 1.5.0_07 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>


Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

According to your HijackThis log you are not running a Firewall or AntiVirus.

Otherwise I see no Malware in your logs.

 

Ok thanks,
Did what you asked, until i figured wether my system was compromised i didn`t want to install a firewall/anti-virus. So should i not worry about what trend-micro is picking up? Maybe it`s being over cautious and detecting something thats not really a threat?

Thx - Eyz

 

It's most likely a false positive