Chirurgia spinală minim invazivă
Chirurgia spinală minim invazivă oferă pacienților oportunitatea unui tratament eficient, permițându-le o recuperare ultra rapidă și nu în ultimul rând minimizând leziunile induse chirurgical. Echipa noastră utilizează un spectru larg de tehnici minim invazive, din care enumerăm câteva: endoscopia cu variantele ei (transnazală, transtoracică, transmusculară, etc), microscopul operator, abordurile trans tubulare și nu în ultimul rând infiltrațiile la toate nivelurile coloanei vertebrale. www.neurohope.ro |
Trojan.Downloader
Last Updated: Apr 15 2013 12:39, Started by
CostyCTZ
, Apr 13 2013 13:52
·
0
#1
Posted 13 April 2013 - 13:52
Buna ziua,
Am o problema cu un trojan .. Dupa fiecare restart reapare din nou ,mereu cu un alt nume,pe langa asta imi incarca si Procesorul ,acum e mereu peste 30%,aseara cand a inceput a fost peste 60-70% .. chiar 90%.Am pus Log-ul de la 3 scanari cu Mawarebytes ,de fiecare data il gaseste si zice sa dau restart ,apoi dupa restart din nou aceeasi poveste,procesorul peste 30% si daca fac o scanare apare din nou in folderul Temp sub alt nume. Totul a inceput de cand am facut update la windows ,sincer nu stiu ce sa fac.. O zi buna. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.04.06.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Costy :: COSTY-PC [administrator] 4/13/2013 3:19:24 AM mbam-log-2013-04-13 (03-19-24).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 462233 Time elapsed: 1 hour(s), 38 minute(s), 15 second(s) Memory Processes Detected: 1 C:\Users\Costy\AppData\Local\Temp\winhany.exe (Trojan.Downloader) -> 6000 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 3 HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Users\Costy\AppData\Local\Temp\winhany.exe (Trojan.Downloader) -> Delete on reboot. C:\dwchv.pif (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Windows\Temp\winevqh.exe (Trojan.Downloader) -> Quarantined and deleted successfully. D:\rslwt.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. (end) -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.04.06.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Costy :: COSTY-PC [administrator] 4/13/2013 12:55:27 PM mbam-log-2013-04-13 (12-55-27).txt Scan type: Custom scan (C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe|) Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P Objects scanned: 1 Time elapsed: 5 second(s) Memory Processes Detected: 1 C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe (Trojan.Downloader) -> 4460 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe (Trojan.Downloader) -> Delete on reboot. (end) ------------------------------------------------------------------------------------------------------------------------------------------------- Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.04.06.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Costy :: COSTY-PC [administrator] 4/13/2013 2:38:21 PM mbam-log-2013-04-13 (14-38-21).txt Scan type: Custom scan (C:\Users\Costy\AppData\Local\Temp|) Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P Objects scanned: 5734 Time elapsed: 5 minute(s), 1 second(s) Memory Processes Detected: 1 C:\Users\Costy\AppData\Local\Temp\abgrs.exe (Trojan.Downloader) -> 2680 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Users\Costy\AppData\Local\Temp\abgrs.exe (Trojan.Downloader) -> Delete on reboot. (end) |
#2
Posted 13 April 2013 - 14:11
Descarca si scaneaza folosind Kaspersky Virus Removal Tool. Vezi daca asa il elimina. Daca nu, o sa fie nevoie probabil de un rescue disk.
|
#3
Posted 13 April 2013 - 14:13
#4
Posted 13 April 2013 - 15:18
Am incercat metoda lui Ann0nyym0us si din cate observ procesorul a ajuns din nou la 0% ,ceea ce e de bine sper.
Mi-a gasit niste Win32.Sality.gen ,stergandu-mi niste jocuri si programe ,dar nimic important. Multumesc din nou,sper sa nu mai apara nici o problema. O zi buna |
#5
Posted 15 April 2013 - 12:39
Eram convins ca e Saility; ce nu inteleg este de ce nu l-a recunoscut Malwarebytes, ca doar il in semnaturi.
Oricum, sunt mari sanse sa fi ramas niste resturi de malware prin fisiere, asa ca te sfatuiesc sa descarci SalityKiller si sa-l rulezi cu drepturi de administrator (Click Dreapta -> Run As Administrator). Dupa ce scaneaza si rupe procese care poate mai misuna prin Windows, ideal ar fi sa mai scanezi odata cu un removal tool (de preferabil tot cel de la kasperksy). |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users