Contact
E-mail: faravirusicom@gmail.com
Web: www.faravirusi.com
Astept comentarii si sugestii legate de postarile actuale sau ce ati dori sa vedeti pe acest site.
Pentru contracte de publicitate pe acest site, contactati-ne la adresa de e-mail:
faravirusicom@gmail.com
Pentru promovarea acestui blog pe site-ul dumneavosatra puteti folosi acest banner si codul aferent:
Loading ...
Am gasit azi pe filelist la comentariile unui film acest anunt “Descarca acum cu o viteza de pana la 80MBps !Noi va punem la dispozitie acum un program numit Fast Network care iti permite sa faci asta Poti sa downloadezi de aici hxtp://www.tutti24.pl/FastNetwork.rar”. Am urcat fisierul descarcat pe virustotal.com si uite care a fost rata de detectie: 5/ 42 (11.9%) http://www.virustotal.com/file-scan/report.html?id=1127d0a0052e390cb4017f5bb4074b34ac2ba694c71f6f2edc4e42cfe9d206d7-1321809237. Poti sa analizezi si tu acest fisier sa-mi spui ce influenta rea avea asupra calculatorului daca il rulam!?
uite Radu un nou virus primit pe Maill este arhivat in Winrar si astazi l-am primit si asa se intitula ; Hello!
Unfortunately we failed to deliver the postal package you have sent on the
20th of November in time because the recipient’s address is erroneous.
Please print out the shipment label attached and collect the package at our
office.
United States Postal Service
uite rezultatul scanarii
http://www.virustotal.com/file-scan/report.html?id=abf7ad8c2e73fe931eac35d0ba4b93e84b54c062eda6b0586cd9b4688390e39d-1322044776
Ti-am trimis email cu atasamentul …avind virusul….!
Poti sa analizezi acel fisier sa-mi spui ce influenta poate avea asupra calculatorului……?
Tot primesc niste adrese ciudate pe mail:P as vrea sa las un astfel de gen de adresa dar nush daca e ok
Plus ca mai primesc niste html prin mail:)):
Hi there! It’s Christine Richardson
My age is 25 and it’s as great as my body.
Don’t you remember me? We met at the park.
I was having fun with my friends last night at the pool party, we made amazing videos.
I think that you will like, take a look into attachment!
cam asa suna prostia asta.
AM primit pe email :
Stimate Client,
Pentru a folosii in continuare serviciul nostru Net Banking va rugam sa apasati pe linkul de mai jos :
https://net.crediteurope.ro/ibank-cln/do/login/prompt?validate=423929123
Pentru a putea asigura securitatea contului dvs, periodic veti fi nevoit sa completati procedura de verificare.
Va Multumim ,
Credit Europe Bank @ 2011
Astia nu mai obosesc?
buna radu , am reusit sa ma virusez azi pe mess cu un virus ce apare ca o casuta de dialog mess, si incepe sa descarce un script in pc. rezultatul imi apare la status : gone to f*ck.. avertizeaza pls lumea si zimi care e cia mai usoara cale sa ma devirusez
tnx
adryan, ai dat click pe vreun link sau cum anume s-a descarcat virusul?
nu ( cel putin nu unul care sa mi se para suspect si de care sa mi aduc aminte) pur si simplu imi apare pe ecran , in chenar am optiunea sa l reclam ca spam, iar daca vreau sa l inchid , imi zice ca transferul o sa se opreasca si daca vreau sa cotinu. am dat close in cel mult 10 sec , de cum a aparut ca avea un nick dubios , dar tot a descarcat ceva. oricum , reinstalez windowsul- asta ar trebuie sa ma scape de el
PS : folosesc avira premium security suite.
am scanat cu anti-walmare ,, a gasit o infectie , a bagat o in carantina , dar mi a mai aparut casuta din nou , acelas lucru
Posteaza un log Hijack-This sa vedem ce virusi misuna prin PC la tine si apoi iti vom da alte instructiuni.
http://www.faravirusi.com/2010/04/22/hijackthis-2-0-4-analiza-setarilor-modificate-de-virusi-din-pc-ul-tau/
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:12, on 03/12/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ZTE Join Air\AssistantServices.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ZTE Join Air\UIExec.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\DOCUME~1\gardena\LOCALS~1\Temp\Rar$EX01.032\WLAN Optimizer.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\ady doc\download\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.ro
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ro
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ro/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.ro
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ro
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.ro
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.ro
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.ro
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.ro
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 – BHO: AcroIEToolbarHelper Class – {AE7CD045-E861-484f-8273-0445EE161910} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 – BHO: SingleInstance Class – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 – Toolbar: Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 – HKLM\..\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 – HKLM\..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 – HKLM\..\Run: [UIExec] “C:\Program Files\ZTE Join Air\UIExec.exe”
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 – HKCU\..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 – HKCU\..\Run: [Google Update] “C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [BitTorrent] “C:\Program Files\BitTorrent\BitTorrent.exe” /MINIMIZED
O4 – HKCU\..\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe” /MINIMIZED
O4 – HKCU\..\Run: [WLAN Optimizer] C:\DOCUME~1\gardena\LOCALS~1\Temp\Rar$EX01.032\WLAN Optimizer.exe
O4 – HKCU\..\Run: [Messenger (Yahoo!)] “C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 – Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Google Sidewiki… – res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 – Extra button: PokerStars – {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} – C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O10 – Broken Internet access because of LSP provider ‘c:\program files\bonjour\mdnsnsp.dll’ missing
O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\WINDOWS\system32\browseui.dll
O23 – Service: Avira FireWall (AntiVirFirewallService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 – Service: Avira AntiVir MailGuard (AntiVirMailService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 – Service: Avira AntiVir Scheduler (AntiVirSchedulerService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 – Service: Avira AntiVir Guard (AntiVirService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 – Service: Avira AntiVir WebGuard (AntiVirWebService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 – Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) – Unknown owner – C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: UI Assistant Service – Unknown owner – C:\Program Files\ZTE Join Air\AssistantServices.exe
O23 – Service: XAudioService – Conexant Systems, Inc. – C:\WINDOWS\system32\DRIVERS\xaudio.exe
O23 – Service: Yahoo! Updater (YahooAUService) – Yahoo! Inc. – C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
–
End of file – 8690 bytes
Buna @Radu azi am primit un mail suspect care suna in felul urmator:
Afla cum un om obisnuit poate castiga peste 300 de euro pe zi, cu Google AdSense si cum poti face si tu acelasi lucru indiferente de varsta,ocupatia sau experienta ta actuala.
Daca esti in cautarea unei surse sigure de venit si iti doresti sa castigi bani in mod constant, legal si usor, chiar si pe timp de criza, atunci acesta poate fi unul dintre cele mai importante articole pe care le-ai citit vreodata…
Viziteaza: http://profit-sigur.ro/?coupon=20133x20134x
Livrare in toata tara in 24 ore prin Curier Rapid
Am scnat linkul si mi-a dat urmatoarele rezultate: ( http://www.virustotal.com/url-scan/report.html?id=20686d9be99f49ad96e76bb89c4af952-1322827211 ) …fiifnd cuioasa am mers mai departe sa vad ce se intampla si m dat sa comand “pachetul adsense” ……in final cand am dat sa ise din pagina ..Am castigat..;) https://picasaweb.google.com/113803625433883804102/DropBox?authkey=Gv1sRgCMvd54Waj-Sn9wE.PS…totusi NIS+Malwarebytes( web site bloking ) nu au detectat nimic
Asta e linkul corect si momentan nu pot sa fac upload la poza decat asa …sper sa merga https://picasaweb.google.com/113803625433883804102/DropBox?authkey=Gv1sRgCMvd54Waj-Sn9wE
E doar o teapa si atat. Acele ferestre sunt doar pentru a speria vizitatorul si a-l tine cat mai mult pe pagina.
Aaaa ok mersi @Gigi pantru raspuns chiar imi faceam griji si aveam de gand sa imin iau pc la verificari
Buna
As dori si eu niste indrumari legate de comodo internet security, si anume,am instalat strong dc++ l-am pus la trusted application,la stealth ports wizard am setat pe versiunea din mijloc(alert me to incoming connections and make my ports stealth on a per-case basis) dar se pare ca aceste setari nu ma ajuta deoarece functia de search din strongdc++ nu functioneaza absolut deloc,doar daca il setez la firewalled worst case.
Daca ma puteti ajuta cu niste sfaturi in privinta asta.
Va multumesc anticipat.
Arunca o privire si vezi cistigatorul antivirusul anului 2011 si pe ce loc s-a plasat Avira….
http://www.av-comparatives.org/comparativesreviews/summary-reports
O oferta buna pentru cei care nu vor sa cumpere sau sa pirateze Microsoft Office:
Kingsoft Office Suite Professional 2012 gratuit pentru un an (100% compatibil cu Microsoft Office, inclusiv cu cele mai recente formate Microsoft Office; Microsoft Office poate deschide fisiere create cu Kingsoft Office , fara a fi nevoie sa-l aveti instalat pe calculator).
http://ro.giveawayoftheday.com/kingsoft-office-suite-professional-2012/
Atentie – oferta valabila doar 24 de ore!!!
Uite ceva interesant:
http://www.av-test.org/fileadmin/pdf/avtest_award_2011_english.pdf
Ieri am vazut un anunt de la un prieten pe facebook cu un video pe care zicea ca majoritatea oamenilor nu pot sal vada .. si de curiozitate am dat pe el .. ma pus sa instalez un plugin pentru videoclipuri dar am constatat ca nu era pt video ci un fel de virus care nu te mai lasa sa intri pe facebook trimitanduma pe o pagina de facebook falsa .. cu niste intrabari
Asta e pagina cu videoul care mia infectat firefox htt://68723asoqoinasans.blogspot.com/?46675392
Asta e pagina pe care te duce cand vei intra pe facebook dupa ce ai instalat pluginul acela htt/seehowtorestoreyouracc.blogspot.com/?accounts
hi….i just lost the bullguard internet security that i hve won in ur site……..can that key resend by u to me……..so that i continue to use bullguard bcoz my subscription is going to expire tommorrow
Salut.Am accesat un link de pe facebook care m-a trimis pe acest site.As vrea sa stiu daca este infectat .Daca cineva ar putea sa testeze m-ar ajuta foarte mult.
http://www.hiro-video.com/access_fr_368_un-prof-de-karate-met-un-agresseurs-k-o-en-seconde-_225683.htm
Vezi aici: http://www.faravirusi.com/2012/02/12/flora-video-in-regardez-ce-que-cette-fille-va-faire-sur-la-plage-devant-plus-de-1000-personnes-spam-pe-facebook/
Rog administratorul acestui site sa-mi raspunda la mailul trimis.URGENT!
Voi face public acel mail pentru a se lua masurile corespunzatoare.
Multumesc.
@Florin: Nu te impacienta, ti-am raspuns.
Il pot publica si eu, stai linistit, alaturi de celelalte detalii.
Salut am si e o problema cu acel virus care vorbeste pe mess. Imi foloseste idul si cand sunt online si cand sunt cu laptopul inchis. Ce sa fac? Va multumesc mult.
@Alex: Ce anume “spune” virusul pe mess? Trimite-ne un log HijackThis.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:54:13 AM, on 2/21/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Bitdefender\Bitdefender 2012\antispam32\bdimguiaux.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\DllHost.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 – URLSearchHook: uTorrentBar Toolbar – {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} – C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
F2 – REG:system.ini: UserInit=userinit.exe
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 – BHO: Groove GFS Browser Helper – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} – C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 – BHO: Adobe PDF Conversion Toolbar Helper – {AE7CD045-E861-484f-8273-0445EE161910} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 – BHO: uTorrentBar – {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} – C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 – BHO: SmartSelect – {F4971EE7-DAA0-4053-9964-665D8EE6A077} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 – Toolbar: uTorrentBar Toolbar – {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} – C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O3 – Toolbar: Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 – HKLM\..\Run: [GrooveMonitor] “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”
O4 – HKLM\..\Run: [Adobe Acrobat Speed Launcher] “C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe”
O4 – HKLM\..\Run: [Acrobat Assistant 8.0] “C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe”
O4 – HKLM\..\Run: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 – HKCU\..\Run: [Google Update] “C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 – HKCU\..\Run: [uTorrent] “C:\Program Files (x86)\uTorrent\uTorrent.exe” /MINIMIZED
O4 – HKCU\..\Run: [DAEMON Tools Pro Agent] “C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe” -autorun
O4 – HKCU\..\Run: [Messenger (Yahoo!)] “C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O8 – Extra context menu item: Append Link Target to Existing PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 – Extra context menu item: Append to Existing PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert Link Target to Adobe PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 – Extra ‘Tools’ menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 – Protocol: grooveLocalGWS – {88FED34C-F0CA-4636-A375-3CB6248B04CD} – C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 – AppInit_DLLs: acaptuser32.dll
O23 – Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) – Unknown owner – C:\Windows\System32\alg.exe (file missing)
O23 – Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) – Unknown owner – C:\Windows\System32\lsass.exe (file missing)
O23 – Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) – Unknown owner – C:\Windows\system32\fxssvc.exe (file missing)
O23 – Service: FLEXnet Licensing Service – Macrovision Europe Ltd. – C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 – Service: @keyiso.dll,-100 (KeyIso) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: @comres.dll,-2797 (MSDTC) – Unknown owner – C:\Windows\System32\msdtc.exe (file missing)
O23 – Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: PnkBstrA – Unknown owner – C:\Windows\system32\PnkBstrA.exe
O23 – Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) – Unknown owner – C:\Windows\system32\locator.exe (file missing)
O23 – Service: SafeBox – Bitdefender – C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
O23 – Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) – Unknown owner – C:\Windows\System32\snmptrap.exe (file missing)
O23 – Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) – Unknown owner – C:\Windows\System32\spoolsv.exe (file missing)
O23 – Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) – Unknown owner – C:\Windows\system32\sppsvc.exe (file missing)
O23 – Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) – Unknown owner – C:\Windows\system32\UI0Detect.exe (file missing)
O23 – Service: BitDefender Update Server v2 (Update Server) – BitDefender – C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
O23 – Service: BitDefender Desktop Update Service (UPDATESRV) – Bitdefender – C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 – Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: @%SystemRoot%\system32\vds.exe,-100 (vds) – Unknown owner – C:\Windows\System32\vds.exe (file missing)
O23 – Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) – Unknown owner – C:\Windows\system32\vssvc.exe (file missing)
O23 – Service: BitDefender Virus Shield (VSSERV) – Bitdefender – C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
O23 – Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) – Unknown owner – C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 – Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) – Unknown owner – C:\Windows\system32\wbengine.exe (file missing)
O23 – Service: Broadcom Wireless LAN Tray Service (wltrysvc) – Broadcom Corporation – C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 – Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) – Unknown owner – C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 – Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) – Unknown owner – C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 – Service: Yahoo! Updater (YahooAUService) – Yahoo! Inc. – C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
–
End of file – 10239 bytes
Lucrurile par in ordine aici. Schimba-ti parola contului Yahoo!, apoi fa o scanare cu Dr.Web cureit! si Malwarebytes Anti-Malware.
Alex: okay so check out htxp://bit.ly/wT0i5O i found it this week and it only works until tomorrow! plz keep this to urself Alex:hmm i dont think so, i always keep my antivirus up to date Alex: okay so check out htxp://bit.ly/wT0i5O i found it this week and it only works until tomorrow! plz keep this to urself Alex:Yeah I received mine today. Im surprised it works… I think I am also gonna get another one Alex: Let me know if it works for you too! cam asta spunea. Parola am schimbat-o inainte sa-mi spuneti dumneavastra:) o sa incerc sa fac si ce m-ati mai sfatuit.
Alerta maxima!!!!!!!!!!!!
Am gasit un site de phishing realittatea.net imita http://realitatea.net/ are un t in plus.
A aparut KAV si KIS 2013 Beta:
http://forum.kaspersky.com/index.php?showtopic=161942
Se primeste e-mail de la youtube service si te anunta ca un video postat de tine e in topul vizualizarilor si iti recomanda sa vizitezi o pagina de la youtube.
Acesta este link-ul recomandat si cu virusi
http://www.youtube.com/watch?v=Zs3bn1A7p&feature=topvideos_mp
Avastul il semnaleaza
Infection Details
URL: “http://pilldrugstorexcedrin.com/”
Process: “C:\Program Files\Internet Explorer\IEXP…
Infection: “URL:Mal”
A aparut COMODO Internet Security/Firewall/Antivirus 5.10.228257.2253:
http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-5102282572253-released-t82809.0.html
Da, postasem eu initial aici: http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-5102282572253-released-t82806.0.html
A aparut Malware Defender 2.8.0.0001:
http://www.softpedia.com/get/Security/Secure-cleaning/Malware-Defender.shtml
@Radu (sau oricine ma poate ajuta): am o problema cu Firefox.
Nu pot downloada absolut nimic, dar saiturile de gen YouTube merg fara probleme.
Nu pot nici macar sa-i fac update. In rest merge.
Care ar putea fi problema?
Ia uite! Cica ar fi aparut un alt program gratuit de tip Internet Security! Este vorba despre “Free ZoneAlarm AntiVirus + Firewall”. Este inca in faza de Beta.
Intrand pe adresa de mai jos gasiti cateva informatii, pareri si niste poze.
http://www.wilderssecurity.com/showthread.php?t=320261
Mai jos gasiti alte informatii si pachetul de download:
http://www.neowin.net/news/zonealarm-free-antivirus–firewall-102021000-beta
Acasa la mamica lui:
http://forums.zonealarm.com/showthread.php?p=293367#post293367
https://www.zonealarm.com/security/en/beta-center-details.htm?ifrom=betahome&betaSku=ZAAV-FREE-BETA
Domnule Radu,
Pot sa inteleg ca ai sters comentariile mele prin care am anuntat ca a aparut un nou program de tip “Internet Security” gratuit, care concureaza, sau poate concura, cu Comodo IS Premium, Forticlient IS Free, Outpost IS Free.
Am facut trimitere la alte bloguri … si aici am gresit. Recunosc ca, in loc sa transmit informatia, si, eventual, sa transmit adresa oficiala, am pus alte bloguri pentru informare…… OK … Mea culpa (pentru cei care nu cunosc, expresia folosita este o expresie din limba latina care se traduce în limba romana prin greseala mea sau prin propria mea greseala).
Dar mi se pare neprofesionist sa nu transmiti stirea si … mai mult, sa o blochezi.
Nu e nici o suparare. Dar …. de acum, in aceste conditii, pot sa-ti spun succes mai departe si ….. la revedere!
Cu stima,
Ocsi
@ocsi: Nu inteleg la ce te referi. Comentariile tale sunt la locul lor. Ce motiv aveam sa le sterg? Incearca cu alt browser daca nu apar…nu stiu ce s-a intamplat, dar la mine sunt.
Pai … nu erau. Adica erau, au disparut si au aparut. Am folosit ca browsere Firefox, IE9, Comodo Dragon. Toate trei au luat-o razna? Sau … eu am luat-o razna!! Daca tu nu ai intervenit inseamna ca si-a bagat necuratul coada … sau …. o fi de la betie?!
OK! Acum sunt acele comentarii. Mai, cerd ca aici s-a extins Zona Crepusculara …..
In fine! Imi cer scuze in acest caz. Imi retrag cuvintele.
Dar cum vad ca sunt moderat si daca dau un raspuns de genul: Da, e bine, sau Nu, nu vreau …. sau alte astfle de banalitati.
Eu nu am intervenit deloc asupra comentariilor tale. Nu o fac uneori pt cei care sar la harta si sa o fac pt o persoana ce are contributii de calitate?
E clar! Au luat-o razna trei PC-uri din patru, trei browsere din trei, doua retele de net din doua (RDS si Romtelecom)!!!
Sau … am sfeclit-o eu cu mintea!
Comentariile dispar, apar, reapar, dispar …..!!!! Comentariile sunt moderate sau nu, remoderate …. re-re-re-remoderate!!!!
E ceva ciudat!
O sa rog pe altcineva sa acceseze site-ul …. poate eu sunt cauza ciudateniilor!!!
Culmea …. si altii patesc la fel (persoanele pe care le-am rugat sa intre pe aici si sa vada ce se intampla).
Ia vedeti totusi n-o fi de la voi?
OOi7JMd01NEx4dgEah htxp://blinetransit.com/css.html
Primit pe mail adinieauri si dak accesezi acel link te duce :
hxtp://domainverwaltung.thiersee.at/web/index.php?promo=freeavg
O pagina care seamana izbitor cu siteul AVG
@broascadilie: Si ce subiect are email-ul? Este un Antivirus fals, postam acum un articol.
AV-Test = Jan – Feb 2012
http://www.av-test.org/en/tests/test-reports/janfeb-2012/
Radu, ar trebui sa verifici blogul/ Nu apar comentariile, sau apar daca accesezi un subdomeniu, sau cand schimbi capitolele. La fel se intampla si in cazul articolelor …. am primit pe mess faptul ca a aparut un articol nou … am dat click …. si nu a aparut (ci articolul mai vechi) … am accesat un comentariu si …. surpriza … in josul ecranului a aparut un comentariu la un articol nou, care nu se afisa initial …. apoi …. accesandu-l a aparut si comentariul tau anterior.
In cazul meu nici acum nu a aparut comentariul! Nu ca as tine la el …. dar e ceva in neregula!!!!!!!
io cre’ că te sabotează careva de p’acilea…musai e o conşpiraţiune pusă la cale de nişte malefici ce nu voiesc a le fi scoase la iveală secretele tenebroase in materie de antivirusistică…asta da mârşăvie… *
* idee inspirată din cartea “Ocsi and the Chamber of the Antivirus Secrets” ce va vedea lumina tiparului in perioada imediat urmatoare…v-o recomand cu toata caldura…
@ocsi: Am implementat un sistem de caching. Momentan nu am mai primit reclamatii, sa vedem…
Salut,
Am si eu o problema .Fisierele mele audio,jpeg,gif au acum semnul asta in fata ,,$” si nu le pot deschide.Am scanat cu Doc Web,Emisoft,Bitdefender…Am schimbat si SO(win7).Ce as mai putea face? Va multumesc!
Multumesc mult,mult pentru (sfaturi…!) Intodeauna e bine sa ajuti cind poti!
Am primit azi pe e-mail (yahoo) un anunt care te trimite pe o pagina infectata , va rog sa va uitati si voi:
YouTube Content Service has sent you a notification:
Your video has been approved
To: ……..@yahoo.com
hppp://www.youtube.com/watch?v=duxRN51iwI&feature=toprated
Un nou virus.
Ad-Aware Free Antivirus+ 10.0.173.3160 – cu asta se lauda mai nou cei de la Lavasoft. Vezi aici
http://www.lavasoft.com/products/ad_aware_free.php
Daca vreti sa testati Ad-Aware Free Antivirus+
- il downloadati de pe adresa data anterior
- kitul de instalare este pentru versiunea Pro, trial de 30 zile (habar n-am de ce nu au scos un kit separat si pentru versiunea gratuita – poate e vorba de marketing)
- il instalati si nu restartati PC-ul
- va cere o cheie de activare
- in acest moment introduceti urmatoarea cheie: 3Z9T5-EMP6Z-N8JXA-6796C-CCQXN si-l activati
- acum aveti versiunea Free si veti restarta calculatorul
Si a obtinut rezultate foarte bune in testele efectuate de catre Virusbtn.
Vedeti pozitia Lavasoft aici:
http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Aug-Feb12-850.jpg
TuneUp Utilities 2011 – licenta gratuita pentru un an
http://www.tune-up.com/promo/pcf0512/
Uite un articol interesant aici http://majorgeeks.com/page.php?id=20
Este vorba despre cele mai bune programe gratuite (sau, ma rog, ceea ce considera aia ca ar fi cele mai bune).