PCMAV 3.0.2 Update Build4 (Metamorpica: Perusak Sistem Operasi)

Metamorpica. The worm created by using Visual Basic programming language, size 460 KB with no in-pack. At first glance seem like a simple VB program, which even still use the default icon Visual Basic applications. But if you run it, very detrimental effects. This worm will replicate itself by copying all the files on your hard disk name, and delete the original file. This process is done recursively, and be fatal because it will also delete important files that are not protected, including files used by the operating system, so you must restore the system by system restore or reinstall. With this payload, the worm is less potential to spread widely through the exchange of disc media, because the host will be crippled under their control in a short time. But stay alert because the malware files can also be spread by other means, such as via the Internet / file sharing.

Some of the registry will be changed by this worm, when you access the menu Folder Options - View, will have the option "Folder Options connected with f & i worm", if you choose this option, a warning will appear containing the message:

"Thank you for using the product in the country! The virus is made for citizens of Indonesia, can eradicate the virus itself Using Antivirus">. From the creator of the virus: F4nd1 3rd14n54 "

To eradicate this virus or another virus variant, PCMAV Update 3.0.2 Build4 been present with the addition of 13 new virus variant identification. For those users PCMAV 3.0.2, it is strongly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus more.

List of virus addition to 3.0.2 Update PCMAV Build4:
74BE16.exe
74BE16.exe.Dropper.exe.A
74BE16.exe.Dropper.exe.B
74BE16.exe.fne.A
74BE16.exe.fne.B
74BE16.exe.fne.C
74BE16.exe.fne.D
74BE16.exe.fne.E
74BE16.exe.fne.F
74BE16.exe.fne.G
74BE16.exe.fnr.A
74BE16.exe.fnr.B
Anti
Anti.doc
Autoit.EX
Autoit.EX.bat
Autoit.EX.inf
Autoit.EY
Autoit.EZ
Autoit.EZ.cmd
Autoit.EZ.inf
Autoit.FA
AwaN.A
AwaN.B
Bohia
Bohia.dll
Bohia.url.A
Bohia.url.B
Bohia.url.C
Bohia.url.D
Bohia.url.E
Bohia.url.F
DosenBlagu
Geografi.C
Hswdc.A
Hswdc.B
Iklan
Malingsi.P
Malingsi.Q
Malingsi.Q..mrc
Malingsi.Q.dll.A
Malingsi.Q.dll.B
Malingsi.Q.dll.C
Malingsi.Q.ini
Malingsi.R
Malingsi.S
Malingsi.S.ini
Metamorpica
Minerva.D
Petani
Rieysha-Jogja.C
Rieysha-Jogja.C.vbs.A
Rieysha-Jogja.C.vbs.B
Rieysha-Lokal.B
Rieysha-Lokal.B.bat
Rieysha-Lokal.B.htm
RinaRudy.B
Salxls.C
Sarap
Sesiana.vbs.A
Sesiana.vbs.A.inf
Sesiana.vbs.B
YM-Infocard.A
YM-Infocard.A.jpg
YM-Infocard.B
YM-Infocard.C
YM-lnfocard.D

Download PCMAV 3.0.2 Update Build4 (Metamorpica: Perusak Sistem Operasi)

Read full story

PCMAV 3.0.2 Update Build3 (Minerva.D: Worm Berbentuk Game)

Minerva.D. Playing games is fun, but what if the game itself was actually a worm? Minerva.D an example of a worm-shaped game. Created with FreeBASIC compiler, in-pack with UPX and size 333 KB, this worm save some games that are displayed randomly every time dijalankan.Game shown Minerva is a game created with Flash, such as Hangman, Mario Bros., Noughts and crosses, PinWheel , and others. At first glance there is nothing strange, but like most other malware, he would manipulate the registry and is active in memory at startup of Windows.

Spreading technique utilizing a removable disk storage media, it will replicate itself under the name Minerva game.exe and New_Games.exe on a removable disk. Another characteristic is to create sound files with WAV format called TOENG.WAV and ROGER.WAV in the folder Windows \ Media.

To eradicate this virus or another virus variant, PCMAV Update 3.0.2 Build3 been present with the addition of 10 new virus variant identification. For those users PCMAV 3.0.2, it is strongly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus more.

List of virus addition to 3.0.2 Update PCMAV Build3:
Anti
Anti.doc
Autoit.EX
Autoit.EX.bat
Autoit.EX.inf
Autoit.EY
Autoit.EZ
Autoit.EZ.cmd
Autoit.EZ.inf
Autoit.FA
AwaN.A
AwaN.B
Bohia
Bohia.dll
Bohia.url.A
Bohia.url.B
Bohia.url.C
Bohia.url.D
Bohia.url.E
Bohia.url.F
DosenBlagu
Geografi.C
Hswdc.A
Hswdc.B
Iklan
Malingsi.P
Malingsi.Q
Malingsi.Q..mrc
Malingsi.Q.dll.A
Malingsi.Q.dll.B
Malingsi.Q.dll.C
Malingsi.Q.ini
Malingsi.R
Malingsi.S
Malingsi.S.ini
Minerva.D
Petani
Rieysha-Jogja.C
Rieysha-Jogja.C.vbs.A
Rieysha-Jogja.C.vbs.B
Rieysha-Lokal.B
Rieysha-Lokal.B.bat
Rieysha-Lokal.B.htm
RinaRudy.B
Salxls.C
Sarap
Sesiana.vbs.A
Sesiana.vbs.A.inf
Sesiana.vbs.B
YM-Infocard.A
YM-Infocard.A.jpg
YM-Infocard.B
YM-Infocard.C
YM-lnfocard.D


Download PCMAV 3.0.2 Update Build3 (Minerva.D: Worm Berbentuk Game)

Read full story

PCMAV 3.0.2 Update Build2 (Anti)

Anti. Viruses are created with Delphi programming language, is about 481 KB with no on-pack. He uses icons similar to those commonly used by Real Player file (extension *. rm). Adverse effects thereof is to delete video files with the extension tertentu.Saat active, the virus will create some files, among others:

Windows\soundvc.exe
\windows\system32\anti.exe
C:\anti.doc

Files that are known to be deleted by this virus is a file with extension *. 3gp, *. rm and *. wmv. Anti.doc file created on drive C virus is a Microsoft Word file containing the virus message, namely:

mode BAIK ON
1. stop RIBUT = akan men9ambil alih sistem suara di-waktu sholat
2. stop PORNO = akan men9hapus file2 y9 di-identifikasi porno

mode KEJAM ON
1. …blablabla…
2. …wekekekek…

jika men9halangi mode BAIK ON maka mode KEJAM ON akan di-eksekusi

“jan9an mencela karena 7an virus BAIK
mun9kin dosa 9ue buat VIRUS ini
9a’ sebesar dosa lho y9 slalu n9umpat 9ue dari belakan9
maaf klo ini SALAH”

To eradicate this virus or another virus variant, PCMAV Update 3.0.2 Build2 been present with the addition of nine new virus variant identification. For those users PCMAV 3.0.2, it is strongly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus more.

List of virus addition to 3.0.2 Update PCMAV Build2:

Anti
Anti.doc
Autoit.EX
Autoit.EX.bat
Autoit.EX.inf
AwaN.A
AwaN.B
Bohia
Bohia.dll
Bohia.url.A
Bohia.url.B
Bohia.url.C
Bohia.url.D
Bohia.url.E
Bohia.url.F
Geografi.C
Hswdc.A
Hswdc.B
Iklan
Malingsi.P
Malingsi.Q
Malingsi.Q..mrc
Malingsi.Q.dll.A
Malingsi.Q.dll.B
Malingsi.Q.dll.C
Malingsi.Q.ini
Petani
Rieysha-Jogja.C
Rieysha-Jogja.C.vbs.A
Rieysha-Jogja.C.vbs.B
Rieysha-Lokal.B
Rieysha-Lokal.B.bat
Rieysha-Lokal.B.htm
RinaRudy.B
Salxls.C
Sarap
Sesiana.vbs.A
Sesiana.vbs.A.inf
Sesiana.vbs.B
YM-Infocard.A
YM-Infocard.A.jpg
YM-Infocard.B
YM-Infocard.C
YM-lnfocard.D

Download PCMAV 3.0.2 Update Build2 (Anti)

Read full story

PCMAV 3.0.2 Update Build1 (YM-Infocard)

YM-InfoCard. Recently, a widespread worm spreads through Messenger (YM). On computers that are infected, the virus will send a message like in the picture above to the entire list of friends, and the message provides a link of interest to the user to click on it. Domain listed on the links can vary, but all leads to the image.php file. If the link is clicked, then a file named IMGXXXXX.JPG-www.myspaces.com.exe will be downloaded (xxxxx is a series of numbers that also vary).

Although there are a confirmation of whether to download the EXE file, it appeared that quite a lot of users are not vigilant and keep downloading it, even run the file so that the computer go into korban.Sampai today, PCMAV team has received 4 (four) YM-variant InfoCard with different file size: 73 KB, 99 KB, 103 KB and 164 KB. a variant written in Visual Basic programming language, and others with FreeBASIC, without in-pack. Icon uses the icon-type image to outwit users who may think that file is an image file.

Although most of the reported link no longer active, but it is possible there are new links and variants that continue to spread. Of the variants that have been found, one of the characteristics of this worm is to create a duplicate of himself to the WINDOWS \ infocard.exe, and activate it in memory, this process is visible in Task Manager.

The name of the file that created this worm is infocard.exe or lnfocard.exe (diff in his first letter, the letter "i" and "l"), depending on the type of variants. In addition to the Windows folder, YM-InfoCard also replicate themselves by the name of the file C: \ d.exe, Program Files \ lnfocard.exe, also create a file Windows \ winbrd.jpg, and an empty file with the name Windows \ mds.sys and Windows \ mdt.sys.

Spread via YM has also been done another worm like Autoit. Although there are no damaging effects inflicted on the infected computer, but which quickly spread to watch.

To eradicate this virus or another virus variant, PCMAV Update 3.0.2 Build1 been present with the addition of 35 new virus variant identification. For those users PCMAV 3.0.2, it is strongly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus more.

List of virus addition to 3.0.2 Update PCMAV Build1:
AwaN.A
AwaN.B
Bohia
Bohia.dll
Bohia.url.A
Bohia.url.B
Bohia.url.C
Bohia.url.D
Bohia.url.E
Bohia.url.F
Geografi.C
Hswdc:EXE_PE32
Malingsi.P
Malingsi.Q
Malingsi.Q..mrc
Malingsi.Q.dll
Malingsi.Q.dll
Malingsi.Q.dll
Malingsi.Q.ini
Rieysha-Jogja.C
Rieysha-Jogja.C.vbs.A
Rieysha-Jogja.C.vbs.B
Rieysha-Lokal.B
Rieysha-Lokal.B.bat
RinaRudy.B
Salxls.C
Sarap
Sesiana.vbs.A
Sesiana.vbs.A.inf
Sesiana.vbs.B
YM-Infocard.A
YM-Infocard.A.jpg
YM-Infocard.B
YM-Infocard.C
YM-lnfocard.D


Download PCMAV 3.0.2 Update Build1 (YM-Infocard)

Read full story

PCMAV 3.0.2 Ragnarok

Have attended the latest edition of PC Magazine Media 06/2010 with Super DVD 8 GB, which also includes antivirus pride of Indonesia, PCMAV 3.0.2. Currently, PCMAV is the only antivirus software that is able to recognize the 3246 virus and its variants are reported much spread in Indonesia.

Immediately get PCMAV Ragnarok 3.0.2 has been enhanced only from PC Magazine Media 06/2010 has risen. Immediately a message and get on the kiosk nearest dealer.

WHAT IS NEW?

* Updated! Added a database identifier and cleaning virus 22 local / foreign / new variant of the reported spread in Indonesia. Total 3246 virus and its variants are circulating in Indonesia has been known in the version 3.0.2 is the core engine PCMAV.

* Improved! Special engine to thoroughly clean Brontok virus variants are still spreading in Indonesia.

* Updated! Module settings for memory usage that is more reliable for multithread environment.

* Updated! Setting a more efficient memory usage dikala idle.

* BUG FIXED! No more confirmation when pressing the exit button when detecting a file with context menu.

* BUG FIXED! Some non-active timer function has now been removed.

* Updated! Changes name to follow a new variant viruses were found.

* Improved! Some minor bug fixes and improvements to ensure that the internal code can still be antivirus PCMAV Indonesian pride.

Download PCMAV 3.0.2 Ragnarok

Read full story

PCMAV 3.0.1 Update Build4 (Malingsi.Q)

Malingsi.Q. This virus has been known for a long time, but it is still spreading with different variants. This time the size of about 685 KB, and as in previous variants that have been found, the virus was packed with PE Compact, created with Visual Basic programming language, and uses similar to Microsoft Word icon. Spreading technique is to change the *. doc file attributes that the discovery that a super hidden, then the virus will be disguised by the name of the file. Users who are not alert can be fooled by the icon used Microsoft Word viruses.

Characteristic of this virus is to install itself with the name Adobe Gamma Loader.com on Startup. Also, hiding a virus located in the folder Program Files \ Microsoft Office \ OFFICE11, files created in these folders include: jwiegh.dll, PUB60SP.mrc, remote.ini, services.exe, yofc.dll, etc. another.

----------------

To eradicate this virus or another virus variant, Build4 PCMAV Update 3.0.1 is now available with the addition of 10 new virus variant identification. For those users PCMAV 3.0.1, it is strongly recommended to update immediately, so that you PCMAV can recognize and eradicate the virus even more.

List of virus addition to 3.0.1 Update PCMAV Build4:
Abzenz.B
Autoit.EW
Autoit.EW.ini
AwaN.A
AwaN.B
Bohia
Bohia.dll
Bohia.url.A
Bohia.url.B
Bohia.url.C
Bohia.url.D
Bohia.url.E
Bohia.url.F
Dots.vbs
Forever
Forever.dll
Forever.hosts
Forever.inf
GadiHot.E
GadiHot.E.txt
Geografi.C
Hswdc
Malingsi.O
Malingsi.O.dll
Malingsi.O.dll
Malingsi.O.dll
Malingsi.O.exe
Malingsi.O.ini
Malingsi.O.mrc
Malingsi.P
Malingsi.Q
Malingsi.Q..mrc
Malingsi.Q.dll
Malingsi.Q.dll
Malingsi.Q.dll
Malingsi.Q.ini
Pengantin_Baru
Rieysha-Jogja.C
Rieysha-Jogja.C.vbs.A
Rieysha-Jogja.C.vbs.B
RinaRudy.B
Salxls.C
Saphira.B
Saphira.B.sys
Sarap
Sesiana.vbs.A
Sesiana.vbs.A.inf
Sesiana.vbs.B
Xcrack
Xcrack.inf

Donwload PCMAV 3.0.1 Update Build4 (Malingsi.Q)

Read full story