Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Boxa membrana tweeter infundata

ajutor

Whisky for Mac

Xiaomi 14 Gpay
 Izolare zid exterior de scandura

Dezinstalare drivere W11 23H3

Recomandare masina de spalat fiab...

BSOD din cauza Intel Audio DSP dr...
 De ce sunt oamenii nostalgici

Cum vand casa fara factura Hidroe...

Scor FICO minim

Tonometru compensat CAS?
 polita RCA ONLINE

Termostat frigider - verificare

Mai au PC-urile vreun viitor?

Centrala termica immergas
 

Trojan.Downloader

- - - - -
  • Please log in to reply
4 replies to this topic

#1
CostyCTZ

CostyCTZ

    Junior Member

  • Grup: Members
  • Posts: 41
  • Înscris: 12.08.2010
Buna ziua,
Am o problema cu un trojan .. Dupa fiecare restart reapare din nou ,mereu cu un alt nume,pe langa asta imi incarca si Procesorul ,acum e mereu peste 30%,aseara cand a inceput a fost peste 60-70% .. chiar 90%.Am pus Log-ul de la 3 scanari cu Mawarebytes ,de fiecare data il gaseste si zice sa dau restart ,apoi dupa restart din nou aceeasi poveste,procesorul peste 30% si daca fac o scanare apare din nou in folderul Temp sub alt nume. Totul a inceput de cand am facut update la windows ,sincer nu stiu ce sa fac..
O zi buna.


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.04.06.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Costy :: COSTY-PC [administrator]
4/13/2013 3:19:24 AM
mbam-log-2013-04-13 (03-19-24).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 462233
Time elapsed: 1 hour(s), 38 minute(s), 15 second(s)
Memory Processes Detected: 1
C:\Users\Costy\AppData\Local\Temp\winhany.exe (Trojan.Downloader) -> 6000 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Costy\AppData\Local\Temp\winhany.exe (Trojan.Downloader) -> Delete on reboot.
C:\dwchv.pif (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Temp\winevqh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\rslwt.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
(end)

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.04.06.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Costy :: COSTY-PC [administrator]
4/13/2013 12:55:27 PM
mbam-log-2013-04-13 (12-55-27).txt
Scan type: Custom scan (C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 5 second(s)
Memory Processes Detected: 1
C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe (Trojan.Downloader) -> 4460 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe (Trojan.Downloader) -> Delete on reboot.
(end)
-------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.04.06.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Costy :: COSTY-PC [administrator]
4/13/2013 2:38:21 PM
mbam-log-2013-04-13 (14-38-21).txt
Scan type: Custom scan (C:\Users\Costy\AppData\Local\Temp|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 5734
Time elapsed: 5 minute(s), 1 second(s)
Memory Processes Detected: 1
C:\Users\Costy\AppData\Local\Temp\abgrs.exe (Trojan.Downloader) -> 2680 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Costy\AppData\Local\Temp\abgrs.exe (Trojan.Downloader) -> Delete on reboot.
(end)

#2
Ann0nyym0us

Ann0nyym0us

    Arrogant bastard

  • Grup: Senior Members
  • Posts: 17,413
  • Înscris: 15.12.2009
Descarca si scaneaza folosind Kaspersky Virus Removal Tool. Vezi daca asa il elimina. Daca nu, o sa fie nevoie probabil de un rescue disk.

#3
eu69

eu69

    Active Member

  • Grup: Members
  • Posts: 1,376
  • Înscris: 01.04.2011
Poate ajuta,merita incercat:
http://science.oppos...oader-7448.html

#4
CostyCTZ

CostyCTZ

    Junior Member

  • Grup: Members
  • Posts: 41
  • Înscris: 12.08.2010
Am incercat metoda lui Ann0nyym0us si din cate observ procesorul a ajuns din nou la 0% ,ceea ce e de bine sper.
Mi-a gasit niste Win32.Sality.gen ,stergandu-mi niste jocuri si programe ,dar nimic important.
Multumesc din nou,sper sa nu mai apara nici o problema.
O zi buna

#5
Ann0nyym0us

Ann0nyym0us

    Arrogant bastard

  • Grup: Senior Members
  • Posts: 17,413
  • Înscris: 15.12.2009
Eram convins ca e Saility; ce nu inteleg este de ce nu l-a recunoscut Malwarebytes, ca doar il in semnaturi. :huh:

Oricum, sunt mari sanse sa fi ramas niste resturi de malware prin fisiere, asa ca te sfatuiesc sa descarci SalityKiller si sa-l rulezi cu drepturi de administrator (Click Dreapta -> Run As Administrator). Dupa ce scaneaza si rupe procese care poate mai misuna prin Windows, ideal ar fi sa mai scanezi odata cu un removal tool (de preferabil tot cel de la kasperksy).

Anunturi

Chirurgia endoscopică a hipofizei Chirurgia endoscopică a hipofizei

"Standardul de aur" în chirurgia hipofizară îl reprezintă endoscopia transnazală transsfenoidală.

Echipa NeuroHope este antrenată în unul din cele mai mari centre de chirurgie a hipofizei din Europa, Spitalul Foch din Paris, centrul în care a fost introdus pentru prima dată endoscopul în chirurgia transnazală a hipofizei, de către neurochirurgul francez Guiot. Pe lângă tumorile cu origine hipofizară, prin tehnicile endoscopice transnazale pot fi abordate numeroase alte patologii neurochirurgicale.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate