Extrémě pomalý PC - vir Adware.Navhelper.D ?!

Může to být cokoliv, nespoléhej na to že by ti nějaký defender našel všechno malware co jsi si natahal do počítače natož to vyléčil. Zkus ještě nouzový režim a spustit antivirovou kontrolu tam. Obávám se že pokud nebudeš schopen manuálně vyhledat a odstranit nákazu zbývá přeinstalace systému.

Tohle píší na:
showthread.php

Zrovna vcera som skusal Burn4Free a je ti zasraty spyware a nie freeware. Spolu so sebou nainstaluje aj nejaky Navhelper (NH) ci co do IE, po odinstalacii B4F samozrejme v PC zostane aj NH a pri kazdom otvoreni explorera (napr. pri otvoreni Tento pocitac) sa chce pripajat na net. Pomoze az odinstalovanie Navhelper klasicky z menu Pridat/odobrat... Este k tomu vam rozdrbe nastavenie list v exploreri.

Jinak temp složka jde normálně vymazat.

Nic takovýho sem tam nenašel.

Je to jeden diskuzní příspěvek tam, je to okopírované, ale teď už se rozběhla akce vyhledej a znič, tak je to jedno.

Existuje spousta free softíku, co ti PC odvšivý, jen stačí hledat. (Ccleaner, MWAW, na zjištění skrytých procesů co ti berou CPU je HijackThis)

Ten adaware by moh stačit ne...?

AdAware nic zvláštního nenašel.

Ten adaware by moh stačit ne...?

No comment.

V tom nouzovym nejde BitDefender spustit... "naštěstí" jde nod32 ale ten mi snad nikdy nic nenašel. A AdAware nic zvláštního nenašel.
To s tim odinstalovanim zkusim ale přeinstalacé néééé .

Vlož sem log z HijackThis.
HijackThis stahneš tady-
http://www.bleepingcomputer.com/files/Merijn/Hijack This.zip
rozbal do vlastní složky,spusť,klikni na "Do a system scan and save a logfile"
Vygenerovaný texťák zkopíruj sem.

když se nevejde,tak ho přepul,ale přesně

Logfile of HijackThis v1.99.1
Scan saved at 0:12:06, on 18.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS \system32\winlogon.exe
C:\WINDOWS\system32\services .exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\syste m32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.e xe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\syste m32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo. exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc3 2.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\Pro gram Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\mHotkey.exe
C:\WIN DOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spool\drivers \w32x86\3\hpztsb03.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\rund ll32.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Gigabyte\ET5\GUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS \system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\BOINC\boinc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\sys tem32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BOINC\boincmgr.exe
C:\WINDOWS\system32\taskm gr.exe
C:\Program Files\ConMet\ConMet.exe
C:\Documents and Settings\Admin\Plocha\hijackthis\HijackThis.exe

R 0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fwlink
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = fwlink
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = fwlink
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fwlink
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

A to se na tom pocitaci da este delat neco jinyho krome sledovani toho, jak se vsechny ty antiviry, firewally a defendery navzajem mydli po hlave?

Co me prekvapuje je treba:
C:\WINDOWS\sys tem32\cidaemon.exe
C:\WINDOWS\system32\taskm gr.exe

- ty mezery tam fakt jsou nebo to vzniklo pri kopirovani textu?

obcas to tady udela - rekl bych ze to je forem

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 3.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BOINC Manager] "C:\Program Files\BOINC\boincmgr.exe" /s
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\h4yy8xln.default \extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles/h4yy8xln.default \extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Start Firewall.lnk = C:\WINDOWS\system32\net.exe
O4 - Global Startup: WinZip Quick Pick.lnk.disabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/osc an8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Cont rols/en/x86/client/wuweb_site.cab?1174320235578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Co ntrols/en/x86/client/muweb_site.cab?1174145064421
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cab s/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Na polovinu to holt nevyšlo
Ten log sem dělal když nečinné procesy brali kolem 90% i víc. A nebylo to tim, že bych na pc nic nechtěl dělat, spíš to nešlo

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll : toto fix

jeden Antivir odinstaluj, vyčisti Ccleanerem ( můžeš použít i MWAV viewtopic.php), přescanuj s EVIDO on-line onlinescan

to dll-ko patří Pandě

jestli budeš chtít pomoc,tak někde jinde

třeba tady je troška klidu
http://forum.asw.cz/index.php?PHPSESSID=90ba4cde3ca b94adeebea22321c1e0a2&board=4.0

jezisi - opravdu mas preobranovano
jeden antivir
jeden firewall
jeden aktivni antispyvare
---
a to uz ti tu stejne radili - vypni blbosti typu soundman qtask.. - vzdyt chudinka je uz po startu tak naprana spustenyma aplikacema ze funi a ocenuji odolnost systemu ze nedostal hystericky zachvat pouze se zpomalil

edit

O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\h4yy8xln.default \extensions\{B13721C7-F507-4982-B2E5-502A71474FED} \

a nesurfuj s adminskyma voltikama coz tenhle ucet urco bude vid?

Nevim co tim myslíš ale Admin je název uživatelskýho účtu.