Apocalypse_666

Logfile of HijackThis v1.99.1 Scan saved at 4:34:38 PM, on 5/29/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Network Associates\Common Framewo

Logfile of HijackThis v1.99.1 Scan saved at 8:05:52 AM, on 5/29/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\

Okay! When I scanned it it came up with several spywares, which it couldn't fix, and 2 virusses, which it could fix. Here's the report: Incident Status Location Virus:Trj/Agent.FHP Disinfected

Okay, I first downloaded and ran combofix.exe. Here's the log file: 2006-09-30 10:32 1120 --a------ C:\Qoobox\Quarantine\C\INSTALL.LOG.vir 2007-05-17 15:38 18944 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\wingsa32.dll.vir Folder PATH listing Volume serial number is 60E8-403A C:\QOOBOX \---Quarantine +---C | | INSTALL.LOG.vir | | | \---WINDOWS | \---system32 | wingsa32.dll.vir | \---Registry_backups Then I ran Vundofix in safemode: VundoFix V6.4.1 Checking Java version... Java version is 1.5.0.8 Old versions of java are exploitable and should be re

Yeah. I didn't include my folders in this, cos I didn't think you'd need them. If you do, just tell me.... All the files in c:/ AUTOEXEC.BAT boot.ini CONFIG.SYS devicetable.log INSTALL.LOG IO.SYS Log.txt MSDOS.SYS NTDETECT.COM ntldr pagefile.sys sqmdata00.sqm sqmdata01.sqm sqmdata02.sqm sqmdata03.sqm sqmdata04.sqm sqmdata05.sqm sqmdata06.sqm sqmdata07.sqm sqmdata08.sqm sqmdata09.sqm sqmdata10.sqm sqmdata11.sqm sqmdata12.sqm sqmdata13.sqm sqmdata14.sqm sqmdata15.sqm sqmdata16.sqm sqmdata17.sqm sqmdata18.sqm sqmdata19.sqm sqmnoopt01.sqm sqmnoopt02.sqm sqmnoopt03.sqm sqmnoopt04.sqm sqmnoopt05.sqm

Yeah, here: VundoFix V6.3.23 Checking Java version... Java version is 1.5.0.8 Old versions of java are exploitable and should be removed. Java version is 1.5.0.9 Old versions of java are exploitable and should be removed. Java version is 1.5.0.10 Java version is 1.5.0.11 Scan started at 5:14:56 PM 5/19/2007 Listing files found while scanning.... C:\WINDOWS\system32\awtqq.dll C:\WINDOWS\system32\fyagbonm.dll C:\WINDOWS\system32\hjjlm.ini C:\WINDOWS\system32\kxmovjkp.ini C:\WINDOWS\system32\mljjh.dll C:\WINDOWS\system32\mnobgayf.ini C:\WINDOWS\system32\pkjvomxk.dll C:\WINDOWS\system32\wvustqo.dl

Well, I think my computer is infected with one or more different spy/add/malwares and I was wondering if someone could just look at my Hijackthis!-log and see if I am, and if so, what I should do to remove it! I've tried several things concerning Vundo recently, but my programmes (Spybot Search & Destroy, Add-Aware) keep coming up with the same problems. Also, whenever I run Vundofix.exe, it says every time I still have the awtqq.dll, but it can't seem to remove it... Any Help will be greatly appreciated! Logfile of HijackThis v1.99.1 Scan saved at 9:12:03 PM, on 5/25/2007 Platform: Windo