Tuesday, September 29, 2009

PCMAV 2.1a Update Build3 (Riand.C)


Update Build3 comes with the addition of 10 new virus variant identification. For those users PCMAV 2.1A highly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus even more.

Riand.C. Viruses are created using Visual Basic is disguised with a folder-like icon. As show time at 21:00, he will display a message saying "Hey we meet again?" With the Ok button. When the button is clicked, the virus will display the image some men - men with the words "Coming through YEach woi !!!!".

List of virus addition to 2.1A PCMAV Update Build3:
Ageia.vbs
Astuty.B
Charis.vbs
Charis.vbs.inf
Darkbot
Foldres.C
GameVB.C
Gdmae.vbs
Geografi
Getrawen.C
Ketik
Kupret
Malingsi.H
Malingsi.H.exe
Malingsi.I
MoneyMy.C
Nhatquanglan.D
Phim
Phim.inf
Riand.C
Ronkor.B
Ronkor.txt.B
Shinchan
Shinchan.htt
Shinchan.inf
Shinchan.ini
SmsCinta.vbs.B
Thumbs.vbs.B
Tugas.C
Unindra

Download PCMAV 2.1a Update Build3 (Riand.C)
Read full story

PCMAV 2.1a Update Build2 (Charis.vbs)


Update Build2 comes with the addition of 10 new virus variant identification. For those users PCMAV 2.1A highly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus even more.

Charis.vbs. Local virus was created using VBScr
ipt with the size of about 6KB. On the drive will have infected autorun.inf file and ch4r15.sys.vbs. The default page of Internet Explorer will be converted into http://ch4r15_15 @ yahoo.co.id, and captionnya be ":: ch4r15::". At the beginning of the script viruses also the phrase "YOU LUCKY OPENING THIS SCRIPT, HAPPY NEW WINDOWS MENEMPUH (ch4r15_15@yahoo.co.id)".

List of virus addition to 2.1A PCMAV Update Build2:
Ageia.vbs

Astuty.B
Charis.vbs
Charis.vbs.inf
Darkbot
Foldres.C
GameVB.C
Gdmae.vbs

Geografi
Kupret
Malingsi.H
Malingsi.H.exe
Malingsi.I
Nhatquanglan.D
Phim
Phim.inf

Ronkor.B
Ronkor.txt.B
SmsCinta.vbs.B
Thumbs.vbs.B


Download PCMAV 2.1a Update Build2 (Charis.vbs)
Read full story

Monday, September 7, 2009

PCMAV 2.1a Update Build1 (Malingsi.H)


Update Build1 comes with the addition of 10 new virus variant identification. For those users PCMAV 2.1A highly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus even more.

Malingsi.H. Back in the new variant of this virus. Characterized by almost no change, use the icon like Microsoft Word. This variant has a size of about 727KB, and on-pack use PE Compact. This virus acts as a bot by using mIRC. Therefore to support the action he will create some support files in the \ Program Files \ mIRC \ IRC Bot. To be active every entry of Windows, these viruses planted on StartUp folder with Adobe Gamma Loader.com name, the name was briefly used by applications like Adobe's who also is usually in the StartUp folder. Obviously, he did this to deceive users. So, pay careful attention to the file name, the original files are usually Adobe with extension. Exe, not. Com.

List of virus addition to 2.1A PCMAV Update Build1:
Darkbot
Kupret
Malingsi.H
Malingsi.H.exe
Malingsi.I
Nhatquanglan.D
Phim
Phim.inf
Ronkor.B
Ronkor.txt.B

Download PCMAV 2.1a Update Build1 (Malingsi.H)
Read full story

PCMAV 2.1a Fixed + Express for Induc


If any of you who use PCMAV 2.1x series along with other antivirus in a PC, and get a warning that the file contains code PCMAV Induc viruses, does not need to worry.

The virus is active ONLY be installed on the computer version of the Delphi compiler is 4-7 on the computer are common among developers / programmers Delphi. In other words, the computer virus generally can not be active. Of virus programmer / developer or a software house that use this Delphi was not lethal as was heralded by some sites.


The virus is made only to infect every application created using Delphi. The way it works is to find out whether the computer is version Delphi 4-7 applications. If there is, he then sought the files for Delphi innate SysConst.pas injected "code" is still really in the form of source code. Then, SysConst.pas files compiled to produce SysConst.dcu files. While the original files in SysConst.dcu-rename the virus becomes SysConst.bak. Files that have been contaminated with the virus can be found in the directory \ Program Files \ Borland \ DelphiX \ Lib, where X shows Delphi version.

What happens if the virus is active?
Of course, every application created using Delphi code will be boarded by this virus. For example when a programmer uses SysUtils unit in the program. But, it is important for you to know that this virus can only spread themselves on your computer if there are 4-7 versions of Delphi, and he's not doing damage, like deleting files or other things. Thus, any programmer that makes software using Delphi that contains the virus code, the software will be detected as a virus by the antivirus, as a result the software in-block and can not be used. And no doubt, has many applications made with Delphi, even though popular, had boarded it. One of including third-party components (third party) from a professional developer PCMAV used by generations of 2.1x.

So how do I clean the computer from this virus?
For now, the action can be done on the infected file is deleted a file compilation of Delphi. Then, do the rebuild again for all applications created with Delphi are infected. But before doing rebuild or recompile, you need to improve SysConst.dcu files that have been infected. Way, simply delete SysConst.dcu file, then copy files SysConst.bak be SysConst.dcu. And let SysConst.bak file, so that your computer is not infected anymore. All these files can be found in the Delphi program directory, default in "\ Program Files \ Borland \ DelphiX \ Lib", where X shows the version of Delphi. The easiest way, do the scan using PCMAV Express for Induc to overcome this virus completely. And lastly, please contact the software manufacturer and let them know that the software had been boarded by Induc virus code.

Once again, no need to worry too much. As long as you're not a programmer / developer using Delphi and Delphi compiler versions on your computer 4-7, then certainly this virus will never be active.

Download PCMAV 2.1 Fixed:





Download PCMAV Express for Induc:
Read full story

PCMAV 2.1 Update Build3 (Viettel)


Update Build3 comes with the addition of 10 new virus variant identification. For you PCMAV 2.1 users are strongly advised to update immediately, so that your PCMAV can recognize and eradicate the virus even more.

Viettel. This virus will drain a victim's computer resources so that was very slow. He uses a folder-like icon in the spread. It was alleged that he came from Vietnam. He will create a master file in the Windows directory with the name of the userinit.exe and System32 with the name system.exe. At the infected computer will have a file with a name in the directory kdcoms.dll Windows.

List of virus addition to PCMAV 2.1 Update Build3:
Aibo
Alva
Autoit.EH
Autoit-Hubbun
Autoit-Hubbun.txt
Bassok
Boas
Busur
Buxto.D
Chelsea
Chelsea.inf
Cortex.B
Fold
GhostyNet.D
HellSpawn
HellSpawn.html
Ilusi.vbs.B
Ilusi.vbs.txt.B
Kepret
Knight.B
Manna
Merlin.bat
Merlin.bat.inf
MoneyMy.B
Peerfrag
Riand.B
Spiderman.B
Viettel.A
Viettel.B
Viettel.C

Download PCMAV 2.1 Update Build3 (Viettel)
Read full story
 

Labels

what is PCMAV?

PCMAV is an antivirus program developed by Indonesian Software Developer (PCMedia Magazine). PCMAV is distributed bundled with PCMedia Magazine. PCMAV is a free software for personal use or non-commecial use. For Commercial Use, You need to have the PCMedia Magazine to use this software.

Distributting and Using PCMAV is legal for personal and non-commercial!

PC Media Antivirus PCMAV Download Update © 2009 PCMAV is an antivirus program developed by Indonesian Software Developer (PCMedia Magazine).