shinnok Posted June 19, 2008 Report Posted June 19, 2008 Captura wireshark:0000 00 0e 2e 83 77 16 00 14 5e cd 2d 55 88 64 11 00 ....w... ^.-U.d..0010 03 d0 01 e7 00 21 45 00 01 e5 00 00 40 00 2b 11 .....!E. ....@.+.0020 43 1d dd ce 79 35 4f 70 64 77 96 4f 04 02 01 d1 C...y5Op dw.O....0030 05 39 04 00 28 00 10 00 00 00 00 00 00 00 00 00 .9..(... ........0040 00 00 00 00 00 00 00 00 00 00 f8 91 7b 5a 00 ff ........ ....{Z..0050 d0 11 a9 b2 00 c0 4f b6 e6 fc 80 c7 94 84 0c f2 ......O. ........0060 74 31 e5 63 1c b0 0a 83 6a bb 00 00 00 00 01 00 t1.c.... j.......0070 00 00 00 00 00 00 00 00 ff ff ff ff 79 01 00 00 ........ ....y...0080 00 00 10 00 00 00 00 00 00 00 10 00 00 00 46 52 ........ ......FR0090 4f 4d 00 00 00 00 00 00 00 00 00 00 00 00 10 00 OM...... ........00a0 00 00 00 00 00 00 10 00 00 00 54 4f 00 00 00 00 ........ ..TO....00b0 00 00 00 00 00 00 00 00 00 00 35 01 00 00 00 00 ........ ..5.....00c0 00 00 35 01 00 00 53 54 4f 50 21 20 57 49 4e 44 ..5...ST OP! WIND00d0 4f 57 53 20 52 45 51 55 49 52 45 53 20 49 4d 4d OWS REQU IRES IMM00e0 45 44 49 41 54 45 20 41 54 54 45 4e 54 49 4f 4e EDIATE A TTENTION00f0 2e 0a 0a 57 69 6e 64 6f 77 73 20 68 61 73 20 66 ...Windo ws has f0100 6f 75 6e 64 20 35 35 20 43 72 69 74 69 63 61 6c ound 55 Critical0110 20 53 79 73 74 65 6d 20 45 72 72 6f 72 73 2e 0a System Errors..0120 0a 54 6f 20 66 69 78 20 74 68 65 20 65 72 72 6f .To fix the erro0130 72 73 20 70 6c 65 61 73 65 20 64 6f 20 74 68 65 rs pleas e do the0140 20 66 6f 6c 6c 6f 77 69 6e 67 3a 0a 0a 31 2e 20 followi ng:..1. 0150 44 6f 77 6e 6c 6f 61 64 20 52 65 67 69 73 74 72 Download Registr0160 79 20 55 70 64 61 74 65 20 66 72 6f 6d 3a 20 77 y Update from: w0170 77 77 2e 72 65 67 66 69 78 69 74 2e 63 6f 6d 0a ww.regfi xit.com.0180 32 2e 20 49 6e 73 74 61 6c 6c 20 52 65 67 69 73 2. Insta ll Regis0190 74 72 79 20 55 70 64 61 74 65 0a 33 2e 20 52 75 try Upda te.3. Ru01a0 6e 20 52 65 67 69 73 74 72 79 20 55 70 64 61 74 n Regist ry Updat01b0 65 0a 34 2e 20 52 65 62 6f 6f 74 20 79 6f 75 72 e.4. Reb oot your01c0 20 63 6f 6d 70 75 74 65 72 0a 0a 46 41 49 4c 55 compute r..FAILU01d0 52 45 20 54 4f 20 41 43 54 20 4e 4f 57 20 4d 41 RE TO AC T NOW MA01e0 59 20 4c 45 41 44 20 54 4f 20 53 59 53 54 45 4d Y LEAD T O SYSTEM01f0 20 46 41 49 4c 55 52 45 21 0a 00 FAILURE !.. Is foarte funny si cica circula de cativa ani...cred si eu daca numai eu il primesc de 2 ani incontinuu.Toate provin din china.Site-ul http://www.regfixit.com pointeaza la http://www.registryupdate.com/ .Daca fereastra aceea ar reusi sa apara(cazuri:windows 2000,no firewall,messenger service enabled,etc) si userul ratat ar vizita site-ul ar downloada programul si mai departe naiba stie pentru ca mie lene sa ma uit ce e cu programul ala.Protocol Windows Messenger port 1026 udp ip 221.206.121.53.Interesant este ca nu incearca mai intai sa se conecteze pe portul 135 asa cum face net send.Si din cate am inteles functioneaza in anumite cazuri(cateva am expus mai sus).http://www.secureworks.com/research/threats/popup-spam/http://www.google.ro/search?hl=ro&q=port+1026&btnG=C%C4%83utare+Google&meta= Quote
hari Posted June 19, 2008 Report Posted June 19, 2008 Da, eu am vazut spam din asta de vreo 3-4 ani de zile. Mergea bine pe vremuri. Cum ai zis, se bazeaza pe serviciul Messenger (net send).Dar acum nu mai prea functioneaza, Messenger a fost dezactivat in XP SP2. Quote
