Virus attack plzz help !!

[Ranjan]

That is not a NT log.
Dead giveaway for Windows 7 is this. "C:\Windows\system32\taskhost.exe"

Oh.. My fault.. I mistakenly, read that as taskmgr.exe

[Ibrad]

I just want to point out last time I used Online Armor I would get access denied message because OA's hips were blocking it. Thats the one reason I uninstalled OA

[Ceyfer √]

To me OA and Comodo are for advanced user who like to tightly secure their boxes. OA is not annoying if the user know how to use it & its configured correctly. HIPS is not for everyone.

[kool_guy]

hey i dunno wat u guys r talkin abt but i have a genuine retail win7 home premium not any windows nt or stuf(sry fr my ignorance but im not any sort of comp expert)
will post spybot log soon
n yeah ranjan my board preps are full on!!

Malwarebytes' Anti-Malware 1.44
Database version: 3704
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2/9/2010 8:54:22 AM
mbam-log-2010-02-09 (08-54-22).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 166461
Time elapsed: 21 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Spybot log file-
DoubleClick: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
Zedo: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
Zedo: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
HitBox: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
HitBox: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
HitBox: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
Statcounter: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
MediaPlex: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
FastClick: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
FastClick: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
FastClick: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
WebTrends live: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
Zedo: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
Zedo: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
Statcounter: Tracking cookie (Firefox: Vignesh (default)) (Cookie, nothing done)
DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Statcounter: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-02-09 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2010-02-02 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-02-02 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-02-02 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-02-02 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-01-26 Includes\Malware.sbi (*)
2010-02-02 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-01-26 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-02-02 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-02-02 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-12-08 Includes\Trojans.sbi (*)
2010-02-02 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

[safeguy]

To me OA and Comodo are for advanced user who like to tightly secure their boxes. OA is not annoying if the user know how to use it & its configured correctly. HIPS is not for everyone.

Agreed...I'm using OA++ now and I felt that it's web shield was slowing down my browsing speed...turned that off along with HIPS as I'm not the type who likes to be prompted too often...and also because I'm not as paranoid as some of you are...

[Ranjan]

@kool
As i said earlier, you doesn't seem to be infected.
I think its any other system problem or may be, like others said, if your using OA, try turning that off for a while and see if your problem is solved or not..
@safeguy
You're compromising with your security...
btw, are you using Avira and OA++ simultaneously...?

[kool_guy]

ok now i removed oa++ n installed nav2010

thnx fr dhelp nyways

[hellnoire]

Are you still using Avira real time, or did you remove that too?