Contact
E-mail: faravirusicom@gmail.com
Web: www.faravirusi.com
Astept comentarii si sugestii legate de postarile actuale sau ce ati dori sa vedeti pe acest site.
Pentru contracte de publicitate pe acest site, contactati-ne la adresa de e-mail:
faravirusicom@gmail.com
Pentru promovarea acestui blog pe site-ul dumneavosatra puteti folosi acest banner si codul aferent:
Loading ...
Am gasit azi pe filelist la comentariile unui film acest anunt “Descarca acum cu o viteza de pana la 80MBps !Noi va punem la dispozitie acum un program numit Fast Network care iti permite sa faci asta Poti sa downloadezi de aici hxtp://www.tutti24.pl/FastNetwork.rar”. Am urcat fisierul descarcat pe virustotal.com si uite care a fost rata de detectie: 5/ 42 (11.9%) http://www.virustotal.com/file-scan/report.html?id=1127d0a0052e390cb4017f5bb4074b34ac2ba694c71f6f2edc4e42cfe9d206d7-1321809237. Poti sa analizezi si tu acest fisier sa-mi spui ce influenta rea avea asupra calculatorului daca il rulam!?
uite Radu un nou virus primit pe Maill este arhivat in Winrar si astazi l-am primit si asa se intitula ; Hello!
Unfortunately we failed to deliver the postal package you have sent on the
20th of November in time because the recipient’s address is erroneous.
Please print out the shipment label attached and collect the package at our
office.
United States Postal Service
uite rezultatul scanarii
http://www.virustotal.com/file-scan/report.html?id=abf7ad8c2e73fe931eac35d0ba4b93e84b54c062eda6b0586cd9b4688390e39d-1322044776
Ti-am trimis email cu atasamentul …avind virusul….!
Poti sa analizezi acel fisier sa-mi spui ce influenta poate avea asupra calculatorului……?
Tot primesc niste adrese ciudate pe mail:P as vrea sa las un astfel de gen de adresa dar nush daca e ok
Plus ca mai primesc niste html prin mail:)):
Hi there! It’s Christine Richardson
My age is 25 and it’s as great as my body.
Don’t you remember me? We met at the park.
I was having fun with my friends last night at the pool party, we made amazing videos.
I think that you will like, take a look into attachment!
cam asa suna prostia asta.
AM primit pe email :
Stimate Client,
Pentru a folosii in continuare serviciul nostru Net Banking va rugam sa apasati pe linkul de mai jos :
https://net.crediteurope.ro/ibank-cln/do/login/prompt?validate=423929123
Pentru a putea asigura securitatea contului dvs, periodic veti fi nevoit sa completati procedura de verificare.
Va Multumim ,
Credit Europe Bank @ 2011
Astia nu mai obosesc?
buna radu , am reusit sa ma virusez azi pe mess cu un virus ce apare ca o casuta de dialog mess, si incepe sa descarce un script in pc. rezultatul imi apare la status : gone to f*ck.. avertizeaza pls lumea si zimi care e cia mai usoara cale sa ma devirusez
tnx
adryan, ai dat click pe vreun link sau cum anume s-a descarcat virusul?
nu ( cel putin nu unul care sa mi se para suspect si de care sa mi aduc aminte) pur si simplu imi apare pe ecran , in chenar am optiunea sa l reclam ca spam, iar daca vreau sa l inchid , imi zice ca transferul o sa se opreasca si daca vreau sa cotinu. am dat close in cel mult 10 sec , de cum a aparut ca avea un nick dubios , dar tot a descarcat ceva. oricum , reinstalez windowsul- asta ar trebuie sa ma scape de el
PS : folosesc avira premium security suite.
am scanat cu anti-walmare ,, a gasit o infectie , a bagat o in carantina , dar mi a mai aparut casuta din nou , acelas lucru
Posteaza un log Hijack-This sa vedem ce virusi misuna prin PC la tine si apoi iti vom da alte instructiuni.
http://www.faravirusi.com/2010/04/22/hijackthis-2-0-4-analiza-setarilor-modificate-de-virusi-din-pc-ul-tau/
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:12, on 03/12/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ZTE Join Air\AssistantServices.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ZTE Join Air\UIExec.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\DOCUME~1\gardena\LOCALS~1\Temp\Rar$EX01.032\WLAN Optimizer.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\ady doc\download\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.ro
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ro
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ro/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.ro
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ro
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.ro
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.ro
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.ro
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.ro
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 – BHO: AcroIEToolbarHelper Class – {AE7CD045-E861-484f-8273-0445EE161910} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 – BHO: SingleInstance Class – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 – Toolbar: Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 – HKLM\..\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 – HKLM\..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 – HKLM\..\Run: [UIExec] “C:\Program Files\ZTE Join Air\UIExec.exe”
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 – HKCU\..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 – HKCU\..\Run: [Google Update] “C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [BitTorrent] “C:\Program Files\BitTorrent\BitTorrent.exe” /MINIMIZED
O4 – HKCU\..\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe” /MINIMIZED
O4 – HKCU\..\Run: [WLAN Optimizer] C:\DOCUME~1\gardena\LOCALS~1\Temp\Rar$EX01.032\WLAN Optimizer.exe
O4 – HKCU\..\Run: [Messenger (Yahoo!)] “C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 – Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Google Sidewiki… – res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 – Extra button: PokerStars – {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} – C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O10 – Broken Internet access because of LSP provider ‘c:\program files\bonjour\mdnsnsp.dll’ missing
O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\WINDOWS\system32\browseui.dll
O23 – Service: Avira FireWall (AntiVirFirewallService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 – Service: Avira AntiVir MailGuard (AntiVirMailService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 – Service: Avira AntiVir Scheduler (AntiVirSchedulerService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 – Service: Avira AntiVir Guard (AntiVirService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 – Service: Avira AntiVir WebGuard (AntiVirWebService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 – Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) – Unknown owner – C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: UI Assistant Service – Unknown owner – C:\Program Files\ZTE Join Air\AssistantServices.exe
O23 – Service: XAudioService – Conexant Systems, Inc. – C:\WINDOWS\system32\DRIVERS\xaudio.exe
O23 – Service: Yahoo! Updater (YahooAUService) – Yahoo! Inc. – C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
–
End of file – 8690 bytes
Buna @Radu azi am primit un mail suspect care suna in felul urmator:
Afla cum un om obisnuit poate castiga peste 300 de euro pe zi, cu Google AdSense si cum poti face si tu acelasi lucru indiferente de varsta,ocupatia sau experienta ta actuala.
Daca esti in cautarea unei surse sigure de venit si iti doresti sa castigi bani in mod constant, legal si usor, chiar si pe timp de criza, atunci acesta poate fi unul dintre cele mai importante articole pe care le-ai citit vreodata…
Viziteaza: http://profit-sigur.ro/?coupon=20133x20134x
Livrare in toata tara in 24 ore prin Curier Rapid
Am scnat linkul si mi-a dat urmatoarele rezultate: ( http://www.virustotal.com/url-scan/report.html?id=20686d9be99f49ad96e76bb89c4af952-1322827211 ) …fiifnd cuioasa am mers mai departe sa vad ce se intampla si m dat sa comand “pachetul adsense” ……in final cand am dat sa ise din pagina ..Am castigat..;) https://picasaweb.google.com/113803625433883804102/DropBox?authkey=Gv1sRgCMvd54Waj-Sn9wE.PS…totusi NIS+Malwarebytes( web site bloking ) nu au detectat nimic
Asta e linkul corect si momentan nu pot sa fac upload la poza decat asa …sper sa merga https://picasaweb.google.com/113803625433883804102/DropBox?authkey=Gv1sRgCMvd54Waj-Sn9wE
E doar o teapa si atat. Acele ferestre sunt doar pentru a speria vizitatorul si a-l tine cat mai mult pe pagina.
Aaaa ok mersi @Gigi pantru raspuns chiar imi faceam griji si aveam de gand sa imin iau pc la verificari
Buna
As dori si eu niste indrumari legate de comodo internet security, si anume,am instalat strong dc++ l-am pus la trusted application,la stealth ports wizard am setat pe versiunea din mijloc(alert me to incoming connections and make my ports stealth on a per-case basis) dar se pare ca aceste setari nu ma ajuta deoarece functia de search din strongdc++ nu functioneaza absolut deloc,doar daca il setez la firewalled worst case.
Daca ma puteti ajuta cu niste sfaturi in privinta asta.
Va multumesc anticipat.
Arunca o privire si vezi cistigatorul antivirusul anului 2011 si pe ce loc s-a plasat Avira….
http://www.av-comparatives.org/comparativesreviews/summary-reports
O oferta buna pentru cei care nu vor sa cumpere sau sa pirateze Microsoft Office:
Kingsoft Office Suite Professional 2012 gratuit pentru un an (100% compatibil cu Microsoft Office, inclusiv cu cele mai recente formate Microsoft Office; Microsoft Office poate deschide fisiere create cu Kingsoft Office , fara a fi nevoie sa-l aveti instalat pe calculator).
http://ro.giveawayoftheday.com/kingsoft-office-suite-professional-2012/
Atentie – oferta valabila doar 24 de ore!!!
Uite ceva interesant:
http://www.av-test.org/fileadmin/pdf/avtest_award_2011_english.pdf