
think i got a virus


sephiroth_749

I ran HijackThis and was wondering if someone could give it a once-over, because I have this thing on my taskbar that says "system alert" and tries to get me to install some anti-virus program, but I have one and I can't get rid of this thing. Please help.

Here is my log file:

Logfile of HijackThis v1.99.1
Scan saved at 7:38:31 PM, on 1/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Video ActiveX Object\isamini.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Video ActiveX Object\isamonitor.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anthony\Desktop\HijackThis.exe

O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video ActiveX Object\isaddon.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run:
 
C:\Program Files\Video ActiveX Object\isamini.exe
C:\Program Files\Video ActiveX Object\isamonitor.exe
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video ActiveX Object\isaddon.dll

These are bad files. They are part of a Trojan called Zlob.Media-Codec.
I'd run a spyware scan to see if they can be removed.

Also your log had these:
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F334190-2BDE-46BA-88BD-83908768F96F}: NameServer = 206.141.193.55 68.94.157.1 Unknown
O21 - SSODL: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - C:\WINDOWS\system32\nbbrhbd.dll

Which came back questionable. You can upload or copy/paste your log at hijackthis.de, which does a good job of identifying nasty entries from your HijackThis logfile.
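
The three entries called out in the reply above all sit in one install directory. As an added example (not code from the thread or from HijackThis), this Python script parses the running-process list and the CLSID-bearing `O` lines of such a log, then lists every entry that shares a directory with one suspect file; the function names are this example's own and the embedded sample is a subset of the posted log.

```python
import ntpath
import re

# Sample input: a subset of lines copied from the log posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Video ActiveX Object\isamini.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Video ActiveX Object\isamonitor.exe

O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video ActiveX Object\isaddon.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O21 - SSODL: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - C:\WINDOWS\system32\nbbrhbd.dll
"""

# "O<n> - <kind>: <name> - {CLSID} - <path>" (the shape of the O2 and O21 lines above)
CLSID_ENTRY = re.compile(r"^(O\d+) - ([^:]+): (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
WINDOWS_PATH = re.compile(r"^[A-Za-z]:\\.+$")

def parse_log(text):
    """Return dicts for running processes and CLSID-bearing O-entries.
    Other line types (for example O4 Run commands) are skipped here."""
    entries, in_processes = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
        elif not line:
            in_processes = False          # a blank line ends the process list
        elif (m := CLSID_ENTRY.match(line)):
            section, kind, name, clsid, path = m.groups()
            entries.append({"section": section, "kind": kind, "name": name,
                            "clsid": clsid.upper(), "path": path})
        elif in_processes and WINDOWS_PATH.match(line):
            entries.append({"section": "process", "kind": "process",
                            "name": ntpath.basename(line), "clsid": None, "path": line})
    return entries

def same_directory(entries, suspect_path):
    """Entries whose file lives in the same directory as suspect_path (case-insensitive)."""
    target = ntpath.dirname(suspect_path).lower()
    return [e for e in entries if ntpath.dirname(e["path"]).lower() == target]

if __name__ == "__main__":
    suspect = r"C:\Program Files\Video ActiveX Object\isamini.exe"
    for e in same_directory(parse_log(SAMPLE_LOG), suspect):
        print(e["section"], e["name"], e["path"])
```

Grouping by directory only shows which log entries belong together; whether that directory is malicious still has to come from a scanner or a reference such as the one named in the reply.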
 
Dang, I just got hit with Zlob and it was hell to delete. It kept on popping up in Spybot every time I deleted it; it seemed it had a backup file. I don't remember how I got rid of it; I think I formatted the drive.
 
Man, I got this freaking thing last night from some video file on MySpace. Took me almost two hours to get rid of it. Used hijack and a couple of other programs and still had the reminders; finally I just did a system restore to yesterday. So far so good, I hope.
 
Another quick way to spot things is with msconfig, but often you do need to hit safe-mode to get rid of them.
 
I had seen one just like that a while back, I think it was called SpyDawn. It was a pain in the neck to get rid of. I had to spend about 4 hours on that particular rig, running everything from HJT, to Windows Defender, to Avast. It turned out that somewhere between running Avast in safe mode, and installing SP2 for this guy (amazing how some people don't pay attention to recommendations), it just disappeared.
 
I normally use the Trend Micro online virus scan, then whatever I need to manually delete I boot off a Knoppix CD and delete it that way.
 