Trojan Horse virus was detected on my comp last yr and I quarantined it with Norton Anti virus. Now just a starting of dis month my comp got infected with Yaha32K and this virus deleted Norton and all anti virus softwares. But the I tried an online scan and detected it. After a few days I downloaded the symantec Yaha fix tool but then dis tool said "virus not detected on ur comp" once again I tried a McAfee scan and this scan didnt detect Yaha virus at all. I have NO idea where it disappeared. But now I find a spider.sav file in My documents. I am suspicious this is a virus. What do I do ti get rid of it?

Do you have Spider solitair on your computer? Spider.sav is a saved game. Just delete it. The first time I saw that it spooked me until I realized what it was.

But from searching for Spider.sav at this site I found some msgs posted in 2001 and 2002 and they say it is some BearBug virus. I ran an online Mcafee scan and found some "JS/NoClose" virus on my comp. I have no idea what this is!

suzi is correct in her assessment of "spider.sav". http://securityresponse.symantec.com/avcenter/venc/data/js.noclose.html While JS.Noclose may be annoying, it is not malicious.It is code that is used by a Web site to create hidden windows for the purpose of displaying advertisements and banner ads. Closing these windows can be difficult, because when you close one, the window that is "hidden" behind it is displayed. There is no malicious payload involved in this type of code and as such,your system is not endangered.For this reason Symantec does not detect such scripts as viral. __________________________________________________ http://vil.mcafee.com/dispVirus.asp?virus_k=99279 Virus Characteristics This javascript trojan allows various hidden functions to take place on a user's system. It exists in two forms: In HTA form, an HTML Application is created which is not visible to the user and can not be closed. In HTML form, a browser window is created which is minimized and can not be easily maximized or closed. Typically these window "tricks" are seen associated with advertisement and banner ad programs. Especially affiliated with pornographic sites and sites which pay commissions to others for displaying banner ads. The trojan does not contain any other payload and does not cause any damage to the local system. Files which trigger this detection should be deleted. Indications Of Infection Minimized web browser window which can not be easily maximized. Method Of Infection Viewing a web page which contains this trojan javascript code creates the mysterious window in question. Removal Instructions All Users: Use current engine and DAT files for detection. Delete any file which contains this detection

spider.sav may be a saved game of solataire but of course someone who knew this could use this to their advantage, ie the virus use that to help it hide. I noticed the virus today, it moves pretty quickly too. I think i isolated the code but not like that helps any. I got a word doc that says "enter if you dare" in it but it only flashes up for a second i actually couldnt even read it had to get a friend and my lil brother to figure out what it said. after i opened this file it made a copy ~$spider which then gave me pop ups talking about converting some s---. I havent deleted the orginal yet im gonna try to study it since I got my new processor in the mail and am about to format hardrive and install anyway. I am very interested this i would like ANY INFO you have related to this, its wierd it corelates with a recent event in my life related to ok any way any info would be nice, thnx. like really what does this thing do thats bad and question like that please email me thnx.