Contact

Contact

E-mail: faravirusicom@gmail.com
Web: www.faravirusi.com

Astept comentarii si sugestii legate de postarile actuale sau ce ati dori sa vedeti pe acest site.

260 responses to “Contact”

  1. Cristian

    Am gasit azi pe filelist la comentariile unui film acest anunt “Descarca acum cu o viteza de pana la 80MBps !Noi va punem la dispozitie acum un program numit Fast Network care iti permite sa faci asta Poti sa downloadezi de aici hxtp://www.tutti24.pl/FastNetwork.rar”. Am urcat fisierul descarcat pe virustotal.com si uite care a fost rata de detectie: 5/ 42 (11.9%) https://www.virustotal.com/file-scan/report.html?id=1127d0a0052e390cb4017f5bb4074b34ac2ba694c71f6f2edc4e42cfe9d206d7-1321809237. Poti sa analizezi si tu acest fisier sa-mi spui ce influenta rea avea asupra calculatorului daca il rulam!?

  2. basano

    uite Radu un nou virus primit pe Maill este arhivat in Winrar si astazi l-am primit si asa se intitula ; Hello!

    Unfortunately we failed to deliver the postal package you have sent on the
    20th of November in time because the recipient’s address is erroneous.

    Please print out the shipment label attached and collect the package at our
    office.

    United States Postal Service

    uite rezultatul scanarii
    https://www.virustotal.com/file-scan/report.html?id=abf7ad8c2e73fe931eac35d0ba4b93e84b54c062eda6b0586cd9b4688390e39d-1322044776

  3. basano

    Ti-am trimis email cu atasamentul …avind virusul….!

  4. basano

    Poti sa analizezi acel fisier sa-mi spui ce influenta poate avea asupra calculatorului……?

  5. clawname

    Tot primesc niste adrese ciudate pe mail:P as vrea sa las un astfel de gen de adresa dar nush daca e ok
    Plus ca mai primesc niste html prin mail:)):
    Hi there! It’s Christine Richardson

    My age is 25 and it’s as great as my body.
    Don’t you remember me? We met at the park.
    I was having fun with my friends last night at the pool party, we made amazing videos.
    I think that you will like, take a look into attachment!

    cam asa suna prostia asta.

  6. Daniel

    AM primit pe email :

    Stimate Client,
    Pentru a folosii in continuare serviciul nostru Net Banking va rugam sa apasati pe linkul de mai jos :

    https://net.crediteurope.ro/ibank-cln/do/login/prompt?validate=423929123
    Pentru a putea asigura securitatea contului dvs, periodic veti fi nevoit sa completati procedura de verificare.
    Va Multumim ,

    Credit Europe Bank @ 2011

    Astia nu mai obosesc?

  7. adryan

    buna radu , am reusit sa ma virusez azi pe mess cu un virus ce apare ca o casuta de dialog mess, si incepe sa descarce un script in pc. rezultatul imi apare la status : gone to f*ck.. avertizeaza pls lumea si zimi care e cia mai usoara cale sa ma devirusez
    tnx

    1. Radu FaraVirusi(com)

      adryan, ai dat click pe vreun link sau cum anume s-a descarcat virusul?

      1. adryan

        nu ( cel putin nu unul care sa mi se para suspect si de care sa mi aduc aminte) pur si simplu imi apare pe ecran , in chenar am optiunea sa l reclam ca spam, iar daca vreau sa l inchid , imi zice ca transferul o sa se opreasca si daca vreau sa cotinu. am dat close in cel mult 10 sec , de cum a aparut ca avea un nick dubios , dar tot a descarcat ceva. oricum , reinstalez windowsul- asta ar trebuie sa ma scape de el 🙂

        PS : folosesc avira premium security suite.
        am scanat cu anti-walmare ,, a gasit o infectie , a bagat o in carantina , dar mi a mai aparut casuta din nou , acelas lucru

  8. Gigi

    Posteaza un log Hijack-This sa vedem ce virusi misuna prin PC la tine si apoi iti vom da alte instructiuni.

    https://www.faravirusi.com/2010/04/22/hijackthis-2-0-4-analiza-setarilor-modificate-de-virusi-din-pc-ul-tau/

  9. adryan

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:59:12, on 03/12/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ZTE Join Air\AssistantServices.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ZTE Join Air\UIExec.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
    C:\DOCUME~1\gardena\LOCALS~1\Temp\Rar$EX01.032\WLAN Optimizer.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    E:\ady doc\download\HijackThis.exe

    R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.ro
    R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.ro
    R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.ro/
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.ro
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.ro
    R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 – HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.ro
    R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.ro
    R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.google.ro
    R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.google.ro
    R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 – BHO: AcroIEToolbarHelper Class – {AE7CD045-E861-484f-8273-0445EE161910} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 – BHO: SingleInstance Class – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 – Toolbar: Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 – HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 – HKLM\..\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”
    O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 – HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    O4 – HKLM\..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
    O4 – HKLM\..\Run: [UIExec] “C:\Program Files\ZTE Join Air\UIExec.exe”
    O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
    O4 – HKCU\..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
    O4 – HKCU\..\Run: [Google Update] “C:\Documents and Settings\gardena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
    O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 – HKCU\..\Run: [BitTorrent] “C:\Program Files\BitTorrent\BitTorrent.exe” /MINIMIZED
    O4 – HKCU\..\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe” /MINIMIZED
    O4 – HKCU\..\Run: [WLAN Optimizer] C:\DOCUME~1\gardena\LOCALS~1\Temp\Rar$EX01.032\WLAN Optimizer.exe
    O4 – HKCU\..\Run: [Messenger (Yahoo!)] “C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe” -quiet
    O4 – Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 – Extra context menu item: Google Sidewiki… – res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 – Extra button: PokerStars – {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} – C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
    O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
    O10 – Broken Internet access because of LSP provider ‘c:\program files\bonjour\mdnsnsp.dll’ missing
    O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\WINDOWS\system32\browseui.dll
    O23 – Service: Avira FireWall (AntiVirFirewallService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
    O23 – Service: Avira AntiVir MailGuard (AntiVirMailService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    O23 – Service: Avira AntiVir Scheduler (AntiVirSchedulerService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 – Service: Avira AntiVir Guard (AntiVirService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 – Service: Avira AntiVir WebGuard (AntiVirWebService) – Avira GmbH – C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    O23 – Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) – Unknown owner – C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
    O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
    O23 – Service: UI Assistant Service – Unknown owner – C:\Program Files\ZTE Join Air\AssistantServices.exe
    O23 – Service: XAudioService – Conexant Systems, Inc. – C:\WINDOWS\system32\DRIVERS\xaudio.exe
    O23 – Service: Yahoo! Updater (YahooAUService) – Yahoo! Inc. – C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


    End of file – 8690 bytes

  10. lyly

    Buna @Radu azi am primit un mail suspect care suna in felul urmator:

    Afla cum un om obisnuit poate castiga peste 300 de euro pe zi, cu Google AdSense si cum poti face si tu acelasi lucru indiferente de varsta,ocupatia sau experienta ta actuala.

    Daca esti in cautarea unei surse sigure de venit si iti doresti sa castigi bani in mod constant, legal si usor, chiar si pe timp de criza, atunci acesta poate fi unul dintre cele mai importante articole pe care le-ai citit vreodata…
    Viziteaza: https://profit-sigur.ro/?coupon=20133x20134x
    Livrare in toata tara in 24 ore prin Curier Rapid

    Am scnat linkul si mi-a dat urmatoarele rezultate: ( https://www.virustotal.com/url-scan/report.html?id=20686d9be99f49ad96e76bb89c4af952-1322827211 ) …fiifnd cuioasa am mers mai departe sa vad ce se intampla si m dat sa comand “pachetul adsense” ……in final cand am dat sa ise din pagina ..Am castigat..;) https://picasaweb.google.com/113803625433883804102/DropBox?authkey=Gv1sRgCMvd54Waj-Sn9wE.PS…totusi NIS+Malwarebytes( web site bloking ) nu au detectat nimic

  11. lyly

    Asta e linkul corect si momentan nu pot sa fac upload la poza decat asa …sper sa merga https://picasaweb.google.com/113803625433883804102/DropBox?authkey=Gv1sRgCMvd54Waj-Sn9wE

    1. Gigi

      E doar o teapa si atat. Acele ferestre sunt doar pentru a speria vizitatorul si a-l tine cat mai mult pe pagina.

  12. lyly

    Aaaa ok mersi @Gigi pantru raspuns chiar imi faceam griji si aveam de gand sa imin iau pc la verificari

  13. nicu s

    Buna
    As dori si eu niste indrumari legate de comodo internet security, si anume,am instalat strong dc++ l-am pus la trusted application,la stealth ports wizard am setat pe versiunea din mijloc(alert me to incoming connections and make my ports stealth on a per-case basis) dar se pare ca aceste setari nu ma ajuta deoarece functia de search din strongdc++ nu functioneaza absolut deloc,doar daca il setez la firewalled worst case.
    Daca ma puteti ajuta cu niste sfaturi in privinta asta.
    Va multumesc anticipat.

  14. basano

    Arunca o privire si vezi cistigatorul antivirusul anului 2011 si pe ce loc s-a plasat Avira….
    https://www.av-comparatives.org/comparativesreviews/summary-reports

  15. ocsi

    O oferta buna pentru cei care nu vor sa cumpere sau sa pirateze Microsoft Office:
    Kingsoft Office Suite Professional 2012 gratuit pentru un an (100% compatibil cu Microsoft Office, inclusiv cu cele mai recente formate Microsoft Office; Microsoft Office poate deschide fisiere create cu Kingsoft Office , fara a fi nevoie sa-l aveti instalat pe calculator).
    https://ro.giveawayoftheday.com/kingsoft-office-suite-professional-2012/
    Atentie – oferta valabila doar 24 de ore!!!

  16. ocsi
  17. George

    Ieri am vazut un anunt de la un prieten pe facebook cu un video pe care zicea ca majoritatea oamenilor nu pot sal vada .. si de curiozitate am dat pe el .. ma pus sa instalez un plugin pentru videoclipuri dar am constatat ca nu era pt video ci un fel de virus care nu te mai lasa sa intri pe facebook trimitanduma pe o pagina de facebook falsa .. cu niste intrabari

    Asta e pagina cu videoul care mia infectat firefox htt://68723asoqoinasans.blogspot.com/?46675392
    Asta e pagina pe care te duce cand vei intra pe facebook dupa ce ai instalat pluginul acela htt/seehowtorestoreyouracc.blogspot.com/?accounts

  18. Amit Raina

    hi….i just lost the bullguard internet security that i hve won in ur site……..can that key resend by u to me……..so that i continue to use bullguard bcoz my subscription is going to expire tommorrow

  19. marius

    Salut.Am accesat un link de pe facebook care m-a trimis pe acest site.As vrea sa stiu daca este infectat .Daca cineva ar putea sa testeze m-ar ajuta foarte mult.
    https://www.hiro-video.com/access_fr_368_un-prof-de-karate-met-un-agresseurs-k-o-en-seconde-_225683.htm

    1. Radu FaraVirusi(com)
  20. Florin

    Rog administratorul acestui site sa-mi raspunda la mailul trimis.URGENT!
    Voi face public acel mail pentru a se lua masurile corespunzatoare.
    Multumesc.

    1. Radu FaraVirusi(com)

      @Florin: Nu te impacienta, ti-am raspuns. 😉 Il pot publica si eu, stai linistit, alaturi de celelalte detalii.

  21. Alex

    Salut am si e o problema cu acel virus care vorbeste pe mess. Imi foloseste idul si cand sunt online si cand sunt cu laptopul inchis. Ce sa fac? Va multumesc mult.

    1. Radu FaraVirusi(com)

      @Alex: Ce anume “spune” virusul pe mess? Trimite-ne un log HijackThis.

      1. Alex

        Logfile of Trend Micro HijackThis v2.0.4
        Scan saved at 3:54:13 AM, on 2/21/2012
        Platform: Windows 7 SP1 (WinNT 6.00.3505)
        MSIE: Internet Explorer v8.00 (8.00.7601.17514)
        Boot mode: Normal

        Running processes:
        C:\Program Files (x86)\uTorrent\uTorrent.exe
        C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
        C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
        C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
        C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
        C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
        C:\Program Files\Bitdefender\Bitdefender 2012\antispam32\bdimguiaux.exe
        C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Windows\SysWOW64\rundll32.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
        C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Windows\SysWOW64\DllHost.exe

        R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
        R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ro/
        R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
        R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
        R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
        R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
        R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
        R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        R3 – URLSearchHook: uTorrentBar Toolbar – {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} – C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
        F2 – REG:system.ini: UserInit=userinit.exe
        O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
        O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
        O2 – BHO: Groove GFS Browser Helper – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} – C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
        O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files (x86)\Java\jre6\bin\ssv.dll
        O2 – BHO: Adobe PDF Conversion Toolbar Helper – {AE7CD045-E861-484f-8273-0445EE161910} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
        O2 – BHO: uTorrentBar – {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} – C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
        O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
        O2 – BHO: SmartSelect – {F4971EE7-DAA0-4053-9964-665D8EE6A077} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
        O3 – Toolbar: uTorrentBar Toolbar – {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} – C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
        O3 – Toolbar: Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
        O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
        O4 – HKLM\..\Run: [GrooveMonitor] “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”
        O4 – HKLM\..\Run: [Adobe Acrobat Speed Launcher] “C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe”
        O4 – HKLM\..\Run: [Acrobat Assistant 8.0] “C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe”
        O4 – HKLM\..\Run: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
        O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
        O4 – HKCU\..\Run: [Google Update] “C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe” /c
        O4 – HKCU\..\Run: [uTorrent] “C:\Program Files (x86)\uTorrent\uTorrent.exe” /MINIMIZED
        O4 – HKCU\..\Run: [DAEMON Tools Pro Agent] “C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe” -autorun
        O4 – HKCU\..\Run: [Messenger (Yahoo!)] “C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe” -quiet
        O8 – Extra context menu item: Append Link Target to Existing PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
        O8 – Extra context menu item: Append to Existing PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
        O8 – Extra context menu item: Convert Link Target to Adobe PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
        O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
        O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
        O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
        O9 – Extra ‘Tools’ menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
        O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
        O18 – Protocol: grooveLocalGWS – {88FED34C-F0CA-4636-A375-3CB6248B04CD} – C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
        O20 – AppInit_DLLs: acaptuser32.dll
        O23 – Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) – Unknown owner – C:\Windows\System32\alg.exe (file missing)
        O23 – Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) – Unknown owner – C:\Windows\System32\lsass.exe (file missing)
        O23 – Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) – Unknown owner – C:\Windows\system32\fxssvc.exe (file missing)
        O23 – Service: FLEXnet Licensing Service – Macrovision Europe Ltd. – C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
        O23 – Service: @keyiso.dll,-100 (KeyIso) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
        O23 – Service: @comres.dll,-2797 (MSDTC) – Unknown owner – C:\Windows\System32\msdtc.exe (file missing)
        O23 – Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
        O23 – Service: PnkBstrA – Unknown owner – C:\Windows\system32\PnkBstrA.exe
        O23 – Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
        O23 – Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) – Unknown owner – C:\Windows\system32\locator.exe (file missing)
        O23 – Service: SafeBox – Bitdefender – C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
        O23 – Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
        O23 – Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) – Unknown owner – C:\Windows\System32\snmptrap.exe (file missing)
        O23 – Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) – Unknown owner – C:\Windows\System32\spoolsv.exe (file missing)
        O23 – Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) – Unknown owner – C:\Windows\system32\sppsvc.exe (file missing)
        O23 – Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) – Unknown owner – C:\Windows\system32\UI0Detect.exe (file missing)
        O23 – Service: BitDefender Update Server v2 (Update Server) – BitDefender – C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
        O23 – Service: BitDefender Desktop Update Service (UPDATESRV) – Bitdefender – C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
        O23 – Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
        O23 – Service: @%SystemRoot%\system32\vds.exe,-100 (vds) – Unknown owner – C:\Windows\System32\vds.exe (file missing)
        O23 – Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) – Unknown owner – C:\Windows\system32\vssvc.exe (file missing)
        O23 – Service: BitDefender Virus Shield (VSSERV) – Bitdefender – C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
        O23 – Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) – Unknown owner – C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
        O23 – Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) – Unknown owner – C:\Windows\system32\wbengine.exe (file missing)
        O23 – Service: Broadcom Wireless LAN Tray Service (wltrysvc) – Broadcom Corporation – C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
        O23 – Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) – Unknown owner – C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
        O23 – Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) – Unknown owner – C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
        O23 – Service: Yahoo! Updater (YahooAUService) – Yahoo! Inc. – C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


        End of file – 10239 bytes

        1. Radu FaraVirusi(com)

          Lucrurile par in ordine aici. Schimba-ti parola contului Yahoo!, apoi fa o scanare cu Dr.Web cureit! si Malwarebytes Anti-Malware.

      2. Alex

        Alex: okay so check out htxp://bit.ly/wT0i5O i found it this week and it only works until tomorrow! plz keep this to urself Alex:hmm i dont think so, i always keep my antivirus up to date Alex: okay so check out htxp://bit.ly/wT0i5O i found it this week and it only works until tomorrow! plz keep this to urself Alex:Yeah I received mine today. Im surprised it works… I think I am also gonna get another one Alex: Let me know if it works for you too! cam asta spunea. Parola am schimbat-o inainte sa-mi spuneti dumneavastra:) o sa incerc sa fac si ce m-ati mai sfatuit.

  22. marius

    Alerta maxima!!!!!!!!!!!!
    Am gasit un site de phishing realittatea.net imita https://realitatea.net/ are un t in plus.

  23. ocsi
  24. LIVIU

    Se primeste e-mail de la youtube service si te anunta ca un video postat de tine e in topul vizualizarilor si iti recomanda sa vizitezi o pagina de la youtube.

    Acesta este link-ul recomandat si cu virusi
    https://www.youtube.com/watch?v=Zs3bn1A7p&feature=topvideos_mp

    Avastul il semnaleaza
    Infection Details
    URL: “https://pilldrugstorexcedrin.com/”
    Process: “C:\Program Files\Internet Explorer\IEXP…
    Infection: “URL:Mal”

  25. ocsi
    1. Radu FaraVirusi(com)
  26. ocsi
  27. xpert

    @Radu (sau oricine ma poate ajuta): am o problema cu Firefox.
    Nu pot downloada absolut nimic, dar saiturile de gen YouTube merg fara probleme.
    Nu pot nici macar sa-i fac update. In rest merge.
    Care ar putea fi problema?

  28. ocsi

    Ia uite! Cica ar fi aparut un alt program gratuit de tip Internet Security! Este vorba despre “Free ZoneAlarm AntiVirus + Firewall”. Este inca in faza de Beta.
    Intrand pe adresa de mai jos gasiti cateva informatii, pareri si niste poze.
    https://www.wilderssecurity.com/showthread.php?t=320261

    1. ocsi

      Mai jos gasiti alte informatii si pachetul de download:
      https://www.neowin.net/news/zonealarm-free-antivirus–firewall-102021000-beta

  29. ocsi
  30. ocsi

    Domnule Radu,
    Pot sa inteleg ca ai sters comentariile mele prin care am anuntat ca a aparut un nou program de tip “Internet Security” gratuit, care concureaza, sau poate concura, cu Comodo IS Premium, Forticlient IS Free, Outpost IS Free.
    Am facut trimitere la alte bloguri … si aici am gresit. Recunosc ca, in loc sa transmit informatia, si, eventual, sa transmit adresa oficiala, am pus alte bloguri pentru informare…… OK … Mea culpa (pentru cei care nu cunosc, expresia folosita este o expresie din limba latina care se traduce în limba romana prin greseala mea sau prin propria mea greseala).
    Dar mi se pare neprofesionist sa nu transmiti stirea si … mai mult, sa o blochezi.
    Nu e nici o suparare. Dar …. de acum, in aceste conditii, pot sa-ti spun succes mai departe si ….. la revedere!
    Cu stima,
    Ocsi

    1. Radu FaraVirusi(com)

      @ocsi: Nu inteleg la ce te referi. Comentariile tale sunt la locul lor. Ce motiv aveam sa le sterg? Incearca cu alt browser daca nu apar…nu stiu ce s-a intamplat, dar la mine sunt.

      1. ocsi

        Pai … nu erau. Adica erau, au disparut si au aparut. Am folosit ca browsere Firefox, IE9, Comodo Dragon. Toate trei au luat-o razna? Sau … eu am luat-o razna!! Daca tu nu ai intervenit inseamna ca si-a bagat necuratul coada … sau …. o fi de la betie?!
        OK! Acum sunt acele comentarii. Mai, cerd ca aici s-a extins Zona Crepusculara …..
        In fine! Imi cer scuze in acest caz. Imi retrag cuvintele.
        Dar cum vad ca sunt moderat si daca dau un raspuns de genul: Da, e bine, sau Nu, nu vreau …. sau alte astfle de banalitati.

        1. Radu FaraVirusi(com)

          Eu nu am intervenit deloc asupra comentariilor tale. Nu o fac uneori pt cei care sar la harta si sa o fac pt o persoana ce are contributii de calitate?

  31. ocsi

    E clar! Au luat-o razna trei PC-uri din patru, trei browsere din trei, doua retele de net din doua (RDS si Romtelecom)!!!
    Sau … am sfeclit-o eu cu mintea!
    Comentariile dispar, apar, reapar, dispar …..!!!! Comentariile sunt moderate sau nu, remoderate …. re-re-re-remoderate!!!!
    E ceva ciudat!
    O sa rog pe altcineva sa acceseze site-ul …. poate eu sunt cauza ciudateniilor!!!
    Culmea …. si altii patesc la fel (persoanele pe care le-am rugat sa intre pe aici si sa vada ce se intampla).
    Ia vedeti totusi n-o fi de la voi?

  32. broascadilie

    OOi7JMd01NEx4dgEah htxp://blinetransit.com/css.html

    Primit pe mail adinieauri si dak accesezi acel link te duce :
    hxtp://domainverwaltung.thiersee.at/web/index.php?promo=freeavg
    O pagina care seamana izbitor cu siteul AVG

    1. Radu FaraVirusi(com)

      @broascadilie: Si ce subiect are email-ul? Este un Antivirus fals, postam acum un articol.

  33. ocsi
  34. ocsi

    Radu, ar trebui sa verifici blogul/ Nu apar comentariile, sau apar daca accesezi un subdomeniu, sau cand schimbi capitolele. La fel se intampla si in cazul articolelor …. am primit pe mess faptul ca a aparut un articol nou … am dat click …. si nu a aparut (ci articolul mai vechi) … am accesat un comentariu si …. surpriza … in josul ecranului a aparut un comentariu la un articol nou, care nu se afisa initial …. apoi …. accesandu-l a aparut si comentariul tau anterior.
    In cazul meu nici acum nu a aparut comentariul! Nu ca as tine la el …. dar e ceva in neregula!!!!!!!

    1. happyday

      io cre’ că te sabotează careva de p’acilea…musai e o conşpiraţiune pusă la cale de nişte malefici ce nu voiesc a le fi scoase la iveală secretele tenebroase in materie de antivirusistică…asta da mârşăvie… *

      * idee inspirată din cartea “Ocsi and the Chamber of the Antivirus Secrets” ce va vedea lumina tiparului in perioada imediat urmatoare…v-o recomand cu toata caldura… 😉

    2. Radu FaraVirusi(com)

      @ocsi: Am implementat un sistem de caching. Momentan nu am mai primit reclamatii, sa vedem…

  35. dan

    Salut,
    Am si eu o problema .Fisierele mele audio,jpeg,gif au acum semnul asta in fata ,,$” si nu le pot deschide.Am scanat cu Doc Web,Emisoft,Bitdefender…Am schimbat si SO(win7).Ce as mai putea face? Va multumesc!

  36. dan

    Multumesc mult,mult pentru (sfaturi…!) Intodeauna e bine sa ajuti cind poti!

  37. Adi

    Am primit azi pe e-mail (yahoo) un anunt care te trimite pe o pagina infectata , va rog sa va uitati si voi:

    YouTube Content Service has sent you a notification:
    Your video has been approved
    To: ……..@yahoo.com

    hppp://www.youtube.com/watch?v=duxRN51iwI&feature=toprated

    Un nou virus.

  38. ocsi

    Ad-Aware Free Antivirus+ 10.0.173.3160 – cu asta se lauda mai nou cei de la Lavasoft. Vezi aici
    https://www.lavasoft.com/products/ad_aware_free.php

    1. ocsi

      Daca vreti sa testati Ad-Aware Free Antivirus+
      – il downloadati de pe adresa data anterior
      – kitul de instalare este pentru versiunea Pro, trial de 30 zile (habar n-am de ce nu au scos un kit separat si pentru versiunea gratuita – poate e vorba de marketing)
      – il instalati si nu restartati PC-ul
      – va cere o cheie de activare
      – in acest moment introduceti urmatoarea cheie: 3Z9T5-EMP6Z-N8JXA-6796C-CCQXN si-l activati
      – acum aveti versiunea Free si veti restarta calculatorul

      1. ocsi

        Si a obtinut rezultate foarte bune in testele efectuate de catre Virusbtn.
        Vedeti pozitia Lavasoft aici:
        https://www.virusbtn.com/vb100/RAP/RAP-quadrant-Aug-Feb12-850.jpg

  39. ocsi

    TuneUp Utilities 2011 – licenta gratuita pentru un an
    https://www.tune-up.com/promo/pcf0512/

  40. ocsi

    Uite un articol interesant aici https://majorgeeks.com/page.php?id=20
    Este vorba despre cele mai bune programe gratuite (sau, ma rog, ceea ce considera aia ca ar fi cele mai bune).

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.