McAfee Focus 2010: Cat de greu este sa te virusezi ? [VIDEO]

Credeti ca este greu sa te infectezi sau ca stiti deja totul despre asta?
Ei bine, sunt inca anumite tehnici de care nu ati auzit, sau este bine sa vi le reamintiti pe cele vechi.

Dave Marcus, Directorul cercetarii in domeniul securitatii la McAfee, demonstreaza intr-un clip video cum poti fi pacalit de catre creatorii de virusi.

mcafee focus 2010 virus


Administrator FaraVirusi.com
voluntar al Comodo Malware Research Team, expert Malwarebytes Anti-Malware

4 responses to “McAfee Focus 2010: Cat de greu este sa te virusezi ? [VIDEO]”

  1. Gigi

    Recunosc, eu nu stiu sa ma infectez ‘ca lumea’. De aceea o fac intentionat 🙂

  2. Catalin C

    Eu m-am infectat cu un Bot…..nu stiu ce fel de bot nu-mi da voie sa downloadez antivirus sa-l curat mi-a stricat tot in pc numai erori cred ca e un worm-bot , am scanat cu hijack an sa postez un logLogfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:57:39 AM, on 5/14/2007
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
    C:\Windows\RTHDCPL.exe
    C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe
    C:\Windows\FixCamera.exe
    C:\Windows\vsnpstd3.exe
    C:\Windows\tsnpstd3.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Opera\opera.exe
    C:\Users\86-127-74-46\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\DllHost.exe

    R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 – BHO: Symantec Intrusion Prevention – {6D53EC84-6AAE-4787-AEEE-F4628F01010C} – C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.DLL
    O2 – BHO: SingleInstance Class – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 – HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 – HKLM\..\Run: [TMRUBottedTray] “C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe”
    O4 – HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
    O4 – HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
    O4 – HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
    O4 – HKLM\..\Run: [ZoneAlarm Client] “C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”
    O4 – HKLM\..\Run: [Malwarebytes’ Anti-Malware] “C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe” /starttray
    O4 – HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 – HKCU\..\Run: [ccleaner] “C:\Program Files\CCleaner\CCleaner.exe” /AUTO
    O4 – HKCU\..\Run: [Messenger (Yahoo!)] “C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe” -quiet
    O4 – HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
    O4 – HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
    O4 – HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
    O4 – HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
    O17 – HKLM\System\CCS\Services\Tcpip\..\{142BC06F-2B81-4805-8DAF-A334DB75B806}: NameServer = 198.153.192.1,198.153.194.1
    O17 – HKLM\System\CS1\Services\Tcpip\..\{142BC06F-2B81-4805-8DAF-A334DB75B806}: NameServer = 198.153.192.1,198.153.194.1
    O17 – HKLM\System\CS2\Services\Tcpip\..\{142BC06F-2B81-4805-8DAF-A334DB75B806}: NameServer = 198.153.192.1,198.153.194.1
    O17 – HKLM\System\CS3\Services\Tcpip\..\{142BC06F-2B81-4805-8DAF-A334DB75B806}: NameServer = 198.153.192.1,198.153.194.1
    O23 – Service: DXUCWG – Sysinternals – http://www.sysinternals.com – C:\Users\86-127~1\AppData\Local\Temp\DXUCWG.exe
    O23 – Service: HDA – Sysinternals – http://www.sysinternals.com – C:\Users\86-127~1\AppData\Local\Temp\HDA.exe
    O23 – Service: JVF – Sysinternals – http://www.sysinternals.com – C:\Users\86-127~1\AppData\Local\Temp\JVF.exe
    O23 – Service: KAQUQP – Sysinternals – http://www.sysinternals.com – C:\Users\86-127~1\AppData\Local\Temp\KAQUQP.exe
    O23 – Service: MBAMService – Malwarebytes Corporation – C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe
    O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
    O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\Windows\system32\nvvsvc.exe
    O23 – Service: Trend Micro RUBotted Service (RUBotted) – Trend Micro Inc. – C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
    O23 – Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) – TuneUp Software – C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
    O23 – Service: TY – Sysinternals – http://www.sysinternals.com – C:\Users\86-127~1\AppData\Local\Temp\TY.exe
    O23 – Service: TrueVector Internet Monitor (vsmon) – Check Point Software Technologies LTD – C:\Windows\System32\ZoneLabs\vsmon.exe


    End of file – 5398 bytes
    Cine ma poate ajuta sa scap de acest Bot , va rog !!!!

    1. happyday

      descarca pe un computer curat una din trasnaile astea si urmeaza instructiunile prezentate in primul link :
      http://www.softpedia.com/get/Antivirus/Kaspersky-Rescue-Disk.shtml
      http://www.freedrweb.com/livecd/?lng=en

  3. Catalin C

    Salut am reusit sa scap de pacoste era vorba despre Trojan Crypt XPACK.Gen >>>>arhivat zip……asemanator cu zbotkiller.exe de pe site-ul F-secure de unde l-am downloadat sa scanez deci mare grija ce se ascunde in spatele acestor mici utilitare asa zis de curatat !!!!…..de acum in colo nu mai descarc ar softuri arhivate de pe net , din greseala mea am invatat …..oricum am reformatat computerul ieri , Mersi Happyday pentru acele link-uri…….Avira 10 isi merita renumele si banii pentru acele licente cumparate . 🙂

Leave a Reply