i got a nasty virus i guess.
in my taskbar (where the clock is) a virus alert pops on. I cant get rid of it...
I ran spybot, adaware, panda, AVG, Cwshredder, nothing works...

I got zonealarm and AVG installed.

Any1 know the solution?

Thanks

You will most likely need to post a Hijack This log so that the files associated with the virus can be identified. You can download Hijack This at this link http://www.tomcoyote.org/hjt/ then place it into a folder of it's on, such as C:\HJT, so that back up copies can be made and not clutter your desktop or other folders and the backup copies of deleted items can be easily located if needed.

Once saved double click HijackThis.exe, and press "Scan". When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, Ctrl-A to Select All, and copy its contents into the text editor.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

You can try Solo Antivirus. It may help you.

Hi there

My Hijack This log:
Logfile of HijackThis v1.99.1
Scan saved at 8:40:06, on 9/11/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
c:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\System32\GSICON.EXE
D:\WINDOWS\System32\dslagent.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\System32\wuauclt.exe
C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVG7_CC] c:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] c:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131467596745
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0F0A551-9EF5-42C5-B658-63495993570E}: NameServer = 195.238.2.22 195.238.2.21
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - c:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - c:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

I already got rid of two virusses named
mssearchnet.exe and nvctrl.exe

When I click the virus alert my IE gets redirected too spyaxe.

I looked around and found spyware named after Smitfraud, searched it on the web. Did what they say i had too do (smitrem, etc..) Still doesnt work.

Help...

Thanks

Download Ewido Security Suite then set it up this way Ewido Setup Instructions reboot into Safe Mode and run Ewido

Please reboot into normal mode and post the ewido log.

Hi I've got the same problem, how do the Hijack this log help me? Can I post it here to get help? I've also got Ewido security suite. Shall post the Safe Mode Ewido log to?

Stefan

Okay, I ran ewido, I can submit the log if you would like but it found the file mad.dll(in system32) to be the culprit. I have a stand alone bootable CD that can run my operating drive as a slave, but my computer doesnt seem to like bootable CDs. Any ideas on how to get rid of this dll file without taking my HD and slaving into another computer???

landahoy and bumen, Make new threads and we'll try to look at you problems.

The solution has been found. Goto my post at #16942 or look for topic title "spyaxe problems" and the solution is in the topic. I have tried it and am now free of the virus alert. Thank you all for your responses.

Hi all
Newbie here, and at a 2 year old level comapred to the rest of you for computer knowledge. I have this same Spyaze problem, and am trying to get to the post you mention above (#16942), but can't seem to locate anywhere here how to get to that post! Please help. Thanks.
Greg