Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
ULBS INFORMATICA

Index preturi

Boxa membrana tweeter infundata

ajutor
 Whisky for Mac

Xiaomi 14 Gpay

Izolare zid exterior de scandura

Dezinstalare drivere W11 23H3
 Recomandare masina de spalat fiab...

BSOD din cauza Intel Audio DSP dr...

De ce sunt oamenii nostalgici

Cum vand casa fara factura Hidroe...
 Scor FICO minim

Tonometru compensat CAS?

polita RCA ONLINE

Termostat frigider - verificare
 

Trojan.Downloader

- - - - -
  • Please log in to reply
4 replies to this topic

#1
CostyCTZ

CostyCTZ

    Junior Member

  • Grup: Members
  • Posts: 41
  • Înscris: 12.08.2010
Buna ziua,
Am o problema cu un trojan .. Dupa fiecare restart reapare din nou ,mereu cu un alt nume,pe langa asta imi incarca si Procesorul ,acum e mereu peste 30%,aseara cand a inceput a fost peste 60-70% .. chiar 90%.Am pus Log-ul de la 3 scanari cu Mawarebytes ,de fiecare data il gaseste si zice sa dau restart ,apoi dupa restart din nou aceeasi poveste,procesorul peste 30% si daca fac o scanare apare din nou in folderul Temp sub alt nume. Totul a inceput de cand am facut update la windows ,sincer nu stiu ce sa fac..
O zi buna.


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.04.06.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Costy :: COSTY-PC [administrator]
4/13/2013 3:19:24 AM
mbam-log-2013-04-13 (03-19-24).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 462233
Time elapsed: 1 hour(s), 38 minute(s), 15 second(s)
Memory Processes Detected: 1
C:\Users\Costy\AppData\Local\Temp\winhany.exe (Trojan.Downloader) -> 6000 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Costy\AppData\Local\Temp\winhany.exe (Trojan.Downloader) -> Delete on reboot.
C:\dwchv.pif (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Temp\winevqh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\rslwt.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
(end)

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.04.06.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Costy :: COSTY-PC [administrator]
4/13/2013 12:55:27 PM
mbam-log-2013-04-13 (12-55-27).txt
Scan type: Custom scan (C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 5 second(s)
Memory Processes Detected: 1
C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe (Trojan.Downloader) -> 4460 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Costy\AppData\Local\Temp\winnhdfpo.exe (Trojan.Downloader) -> Delete on reboot.
(end)
-------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.04.06.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Costy :: COSTY-PC [administrator]
4/13/2013 2:38:21 PM
mbam-log-2013-04-13 (14-38-21).txt
Scan type: Custom scan (C:\Users\Costy\AppData\Local\Temp|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 5734
Time elapsed: 5 minute(s), 1 second(s)
Memory Processes Detected: 1
C:\Users\Costy\AppData\Local\Temp\abgrs.exe (Trojan.Downloader) -> 2680 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Costy\AppData\Local\Temp\abgrs.exe (Trojan.Downloader) -> Delete on reboot.
(end)

#2
Ann0nyym0us

Ann0nyym0us

    Arrogant bastard

  • Grup: Senior Members
  • Posts: 17,413
  • Înscris: 15.12.2009
Descarca si scaneaza folosind Kaspersky Virus Removal Tool. Vezi daca asa il elimina. Daca nu, o sa fie nevoie probabil de un rescue disk.

#3
eu69

eu69

    Active Member

  • Grup: Members
  • Posts: 1,376
  • Înscris: 01.04.2011
Poate ajuta,merita incercat:
http://science.oppos...oader-7448.html

#4
CostyCTZ

CostyCTZ

    Junior Member

  • Grup: Members
  • Posts: 41
  • Înscris: 12.08.2010
Am incercat metoda lui Ann0nyym0us si din cate observ procesorul a ajuns din nou la 0% ,ceea ce e de bine sper.
Mi-a gasit niste Win32.Sality.gen ,stergandu-mi niste jocuri si programe ,dar nimic important.
Multumesc din nou,sper sa nu mai apara nici o problema.
O zi buna

#5
Ann0nyym0us

Ann0nyym0us

    Arrogant bastard

  • Grup: Senior Members
  • Posts: 17,413
  • Înscris: 15.12.2009
Eram convins ca e Saility; ce nu inteleg este de ce nu l-a recunoscut Malwarebytes, ca doar il in semnaturi. :huh:

Oricum, sunt mari sanse sa fi ramas niste resturi de malware prin fisiere, asa ca te sfatuiesc sa descarci SalityKiller si sa-l rulezi cu drepturi de administrator (Click Dreapta -> Run As Administrator). Dupa ce scaneaza si rupe procese care poate mai misuna prin Windows, ideal ar fi sa mai scanezi odata cu un removal tool (de preferabil tot cel de la kasperksy).

Anunturi

Neurochirurgie minim invazivă Neurochirurgie minim invazivă

"Primum non nocere" este ideea ce a deschis drumul medicinei spre minim invaziv.

Avansul tehnologic extraordinar din ultimele decenii a permis dezvoltarea tuturor domeniilor medicinei. Microscopul operator, neuronavigația, tehnicile anestezice avansate permit intervenții chirurgicale tot mai precise, tot mai sigure. Neurochirurgia minim invazivă, sau prin "gaura cheii", oferă pacienților posibilitatea de a se opera cu riscuri minime, fie ele neurologice, infecțioase, medicale sau estetice.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate