over the months i have had several antiviruses including avg, windows live oncare, antivir, and recently avast. however i had avg when i accidently downloaded a virus and it did not seem to get rid of it. so i switched to windows. that didn't do it either. so i switched to antivir. that one got rid of most of the viruses becasue by then more had come. but after that it kept going off like every hour on the hour. so i switched to avast. this one seemed to do the trick. but revently it picked up another 8. i thought they were all gone because i did a complete system scan and deleted the ones it picked up. the on access scanner had finally gotten to scan windows system folders and it picked theses guys.

C:\WINDOWS\system32\wqvnpeqq.dll
C:\WINDOWS\system32\rrksfvlm.dll
C:\WINDOWS\SYSTEM32\RRKSFVLM.DLL
C:\WINDOWS\SYSTEM32\WQVNPEQQ.DLL

i dont know what they are but it says that they are viruses. please help becasue they keep showin up. thanx

where did u get infected and when?
ive been hearing about outbreaks on zlob and Trojan-Spy.Win32@mx lately..

Those look like randomly generated file names to me?

Send copies to: http://virusscan.jotti.org/

and: http://www.virustotal.com/vt/?9f4b11a2b5bec3143797b1bc0b1f8617:eng

They will run them through a whole range of AVs some of which should tell you what it is. Visit their sites and look for removal instructions.

Also get http://www.ccleaner.com/ and run it. Clear your history and browser cache as well.

Try running your scans in safe mode if you haven't already done so.

Adaware and Spybot might be some help. File Hippo (http://www.filehippo.com) has all sorts of handy things including ccleaner.

If your AV is going off every hour it sounds like you have some kind of dropper on there. I once mis clicked a link and got myself a dropper. It was 3 days before the definition for it came out. What a fun three days.

If you feel daring have a look in start -> run -> msconfig and disable anything that looks similar to the files you posted.

But do stick with an AV, just because it can't clean it yet doesn't mean it never will. Make sure your AV is updating correctly too.

All else fails, hijack this might be in order.

Re Zlob: I just cleaned up that very virus this morning.

Virus 'Troj/Zlob-Gen' has been detected in "C:\WINDOWS\SYSTEM32\hp863B.tmp". Cleanup unavailable.

*100 on a laptop.

might i suggest housecall.trendmicro.com this online virus scanner will take care of viruses and spyware. It hasn't failed me yet.

Hi

Are you running any versions of MSN Messenger if so what version, if it's 3 then you may have gotten infected with any number of "LOP" variants...

How_to_get_rid_of_LOP (http://www.smartcomputing.com/editorial/article.asp?article=articles/2005/w1602/45w03/45w03.asp&ArticleID=25540&guid)

Description

Lop, which stands for Live Online Portal, is a browser hijacker that resets the start and search pages in IE. (Its aliases include: C2; Lop C2Media; Lop.com; Tubmo; Ultimate Browser Enhancer; as well as Lop/Active and variants such as Lop/Dialer, Lop/IMZ, and Lop/Trinity.) Lop variants also may install an Accessories toolbar in IE, add shortcuts to the Favorites menu, monitor online activity, install a porn dialer, and load other spyware and third-party programs onto the system.

Lop is an ActiveX control that installs itself automatically on any PC that comes into contact with its affiliated sites, many of which have four-letter domain names such as Aavc.com, Samz.com, Srox.com, and Wfix.com. Lop also has been known to masquerade as a downloadable MP3 search utility.

How To Tell If Lop Is Present On Your System

Start and search pages redirect traffic to Lop.com or one of its affiliated sites. Another symptom of Lop is the presence of numerous unexplained dial-up attempts.

How To Get Rid Of Lop With Ad-Aware

Among the anti-spyware utilities that can remove Lop variants is Ad-Aware SE. By opening the utility and clicking its Scan Now button, Ad-Aware SE will scour the contents of your Windows drive for evidence of Lop and other spyware programs. When the scan is complete, click Next and choose the Critical Objects tab to see everything that Ad-Aware found. Select all spyware-related items on the list and then click the Next button. Click OK to verify that you want to remove the selected objects to a quarantine folder. If Ad-Aware cannot remove an item, it will give you the option of deferring its removal until the next time you reboot. You can close Ad-Aware when the quarantine is complete.
Useful link to check your browser for hijack.. http://www.doxdesk.com/parasite/

Messenger Plus info... http://inetexplorer.mvps.org/answers/45.html

i tried running avast in safe mode and it seem to have done the trick.cant possibly imagine why though. i ran several scans to be sure and their all clean. thanx for all the help:D