Wednesday, July 21, 2010

PCMAV 3.1 Update Build2 (Amis: Disguised as an MP3 File)


Amis. Social engineering remains a powerful weapon for getting users to run malware, and this worm relies on it. It uses the Winamp application icon and makes its files appear to have the *.mp3 extension, so at a glance a worm file looks like an ordinary MP3 file that is ready to be played. An observant user can still recognize the worm files easily from the type, size, and properties displayed when the mouse cursor hovers over the file (as shown). The worm was written in Visual Basic and is approximately 22 KB in its packed state. When active, it closes applications that have a caption such as:
- pcmav
- process
- master
- utility
- hijack
- patrol
- firewall
- detect

To protect itself, the worm also disables the Command Prompt, Regedit, and Folder Options, and hides file extensions. It also manipulates the registry so that when a user launches msconfig.exe, only the notepad.exe application opens.

The worm copies the name of every *.mp3 file it finds and creates a duplicate of itself that looks like an MP3 file to trick users. Fortunately, the original MP3 files are not removed by the worm. It also creates a VBScript file named menol.vbs in Start - All Programs - Startup, which serves to activate the parent worm file.

In the root of each drive, whether a hard drive or a removable disk, it creates a copy of itself named AMIS.exe.
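The artifacts described above can be checked for with a short triage script. This is an added example, not part of the original post or of PCMAV; the function names, the list of executable extensions, and the constructed demo tree are assumptions made for illustration.

```python
import os
import tempfile
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}   # assumption: extensions worth checking

def is_pe(path):
    """True if the file starts with the 'MZ' magic of a DOS/Windows executable."""
    try:
        with open(path, "rb") as fh:
            return fh.read(2) == b"MZ"
    except OSError:
        return False

def scan(root, startup_dir=None):
    """Return sorted (relative path, reason) pairs for Amis-style artifacts."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        lower = {name.lower() for name in files}
        for name in files:
            stem, ext = os.path.splitext(name.lower())
            path = os.path.join(folder, name)
            rel = os.path.relpath(path, root)
            if ext in EXEC_EXTS and is_pe(path):
                if stem.endswith(".mp3"):            # song.mp3.exe shows as song.mp3
                    hits.append((rel, "double extension"))
                elif stem + ".mp3" in lower:         # song.exe beside song.mp3
                    hits.append((rel, "executable twin of an mp3"))
                elif folder == root and name.lower() == "amis.exe":
                    hits.append((rel, "AMIS.exe at drive root"))
    if startup_dir and os.path.isfile(os.path.join(startup_dir, "menol.vbs")):
        hits.append(("menol.vbs", "startup script"))
    return sorted(hits)

def build_demo_tree():
    """Constructed sample tree of harmless stand-in files (no real malware)."""
    root = tempfile.mkdtemp(prefix="amis_demo_")
    samples = {
        "Music/song.mp3": b"ID3\x03" + b"\x00" * 16,      # genuine-looking MP3
        "Music/song.exe": b"MZ" + b"\x00" * 16,           # same-name twin
        "Music/live.mp3.exe": b"MZ" + b"\x00" * 16,       # double extension
        "Music/notes.exe": b"plain text",                 # not a PE, ignored
        "AMIS.exe": b"MZ" + b"\x00" * 16,
        "Startup/menol.vbs": b"' placeholder",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return root, os.path.join(root, "Startup")
# Usage: root, startup = build_demo_tree(); print(scan(root, startup))
```

Because the check reads file headers instead of trusting icons or displayed names, it still works when the worm has hidden file extensions in Explorer.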

List of viruses added in PCMAV 3.1 Update Build2:
Amis
Amis.vbs
Autoit-ReplaceIcon
BHP
BlackLove.D
Blagu
Brontok-Joseray.J
Brontok-Joseray.J.bin
Dewasa
FaLoNgel
FaLoNgel.htm
FaLoNgel.ocx
Flyff666.vbs.B
Hasmi.B
Hasmi.B.ini
Malingsi.T
Malingsi.T.ini
Malingsi.T.mrc
Malingsi.T.sys.A
Malingsi.T.sys.B
Malingsi.T.sys.C
Malingsi.T.sys.D
Malingsi.T.sys.E
Malingsi.T.sys.F
Malingsi.T.sys.G
Malingsi.T.sys.H
Malingsi.U
Nebula
P0et-Death-Drive.A
P0et-Death-Drive.A.inf
P0et-Death-Drive.A.ini
P0et-Death-Drive.A.txt
P0et-Death-Drive.B
QGS
QGS.dll
QGS.hosts
QGS.inf
QGS.lnk
Senseii.vbs
Senseii.vbs.ini.A
Senseii.vbs.ini.B
Senseii.vbs.vbs.A
Senseii.vbs.vbs.B
Senseii.vbs.vbs.C
Senseii.vbs.vbs.D


Thursday, July 15, 2010

PCMAV 3.1 Update Build1 (FaLoNgel: Multiplying Inside the Hard Drive)


FaLoNgel. As the screenshot above shows, the presence of this worm is easy to spot, because it manipulates certain registry values so that the icons on the desktop and Start menu appear larger than their default size. Cleaning it is not an easy matter, however, because it breeds on the hard drive, creating thousands of files. Worse, it can delete files with extensions such as *.doc, *.html, *.htm, *.db, and *.ocx and replace them with copies of itself.

The worm was written in Visual Basic and is about 35 KB in its packed state. It disables the Command Prompt, Task Manager, and Regedit, and also changes some display colors in Windows. The Windows folder is filled with HTML files created by the worm, named FaLoNgelXXXX.htm, where XXXX is a number in the thousands.

A few of the *.ocx files, which are worm files, contain the following message:

FaLoNgelß

Kami tidak akan mengaktifkan antivirus,
Maupun program ini.
Karena file ini telah dikuasai
virus FaLoNgel.

Fandy Love Angel

List of viruses added in PCMAV 3.1 Update Build1:
Autoit-ReplaceIcon
BHP
BlackLove.D
Brontok-Joseray.J
Brontok-Joseray.J.bin
Dewasa
FaLoNgel
FaLoNgel.htm
FaLoNgel.ocx
Flyff666.vbs.B
Hasmi.B
Hasmi.B.ini
Malingsi.T
Malingsi.T.ini
Malingsi.T.mrc
Malingsi.T.sys.A
Malingsi.T.sys.B
Malingsi.T.sys.C
Malingsi.T.sys.D
Malingsi.T.sys.E
Malingsi.T.sys.F
Malingsi.T.sys.G
Malingsi.T.sys.H
Malingsi.U
Nebula
QGS
QGS.dll
QGS.hosts
QGS.inf
QGS.lnk
Senseii.vbs
Senseii.vbs.ini.A
Senseii.vbs.ini.B
Senseii.vbs.vbs.A
Senseii.vbs.vbs.B
Senseii.vbs.vbs.C
Senseii.vbs.vbs.D


Saturday, July 10, 2010

PCMAV 3.1 Ragnarok Released


The latest edition of PC Media magazine, 08/2010, is now out with an 8 GB Super DVD that also includes PCMAV 3.1, the antivirus that is the pride of Indonesia. PCMAV is currently the only antivirus capable of recognizing 3327 viruses and variants that are reported to be widespread in Indonesia.

Get the enhanced PCMAV 3.1 Ragnarok, available only from PC Media magazine 08/2010, which has now been published. Order it right away or pick it up at the nearest stall or agent.

Please send technical questions directly to the editors of PC Media via e-mail after you have read and understood the contents of README.TXT. We would also be grateful if you could take the time to send comments, limited to the use of PCMAV 3.1, as input for its development.

WHAT'S NEW? / CHANGE-LOG

* ADDED! Added detection and cleaning for 35 new local and foreign viruses and variants that have spread in Indonesia. In total, 3327 viruses and variants circulating in Indonesia are recognized by the PCMAV 3.1 core engine.

* ADDED! PCMAV can now run fully on 64-bit Windows Vista & 7.

* ADDED! Special removal engine to thoroughly clean the AIBO and Deathdrive virus variants that are widespread in Indonesia.

* IMPROVED! Renamed viruses for which a new variant was found.

* FIXED! Fixed the logs on 64-bit Windows Vista & 7.

* IMPROVED! Fixed some minor bugs and improved the internal code to ensure that PCMAV remains the antivirus pride of Indonesia.



Tuesday, July 6, 2010

PCMAV 3.0.3 Update Build4 (Senseii: Hiding Drive C)


Senseii. This VBScript worm is around 59 KB in size and carries quite a lot of payloads, such as displaying a message like the one pictured when Windows starts, or hiding drive C through registry manipulation so that drive C is not visible in Windows Explorer.

The worm spreads to removable disks under the names senseii.vbe and desktop.vbs, along with an autorun.inf file that runs the worm automatically if autorun is active.

Several duplicates of the worm and its companion files are also created, with names such as:

c:\windows\EXPL0RER.vbs
c:\windows\system\WinUpdt.vbs
c:\antivirus.vbs
c:\regedit.vbs

and many more. Although drive C is not visible, you can still access it via the Command Prompt. On the desktop, the worm also creates a file called Do not click.ini containing the text:

w32 s@ipud1n adalah virus tiruan dari virus yg pernah ada ingin tau siapa yang buat tiruanya yang jelas bukan kamu kan? [credits] senseii c45 sekolah di playgroup terkenal di Cirebon

List of viruses added in PCMAV 3.0.3 Update Build4:
74BE16
74BE16.exe.A
74BE16.exe.B
74BE16.fne.A
74BE16.fne.B
74BE16.fne.C
74BE16.fne.D
74BE16.fne.E
74BE16.fne.F
74BE16.fne.G
74BE16.fnr.A
74BE16.fnr.B
Aibo.C
Anti
Anti.doc
Autoit.EY
Autoit.EZ
Autoit.EZ.cmd
Autoit.EZ.inf
Autoit.FA
Autoit-ReplaceIcon
BHP
BlackLove.B
Brontok-Joseray.J
Brontok-Joseray.J.bin
CekVirus
DosenBlagu
Flyff666.vbs.B
Hasmi.B
Hasmi.B.ini
Hswdc.B
Iklan
KillMe
Malingsi.R
Malingsi.S
Malingsi.S.ini
Malingsi.T
Malingsi.T.ini
Malingsi.T.mrc
Malingsi.T.sys.A
Malingsi.T.sys.B
Malingsi.T.sys.C
Malingsi.T.sys.D
Malingsi.T.sys.E
Malingsi.T.sys.F
Malingsi.T.sys.G
Malingsi.T.sys.H
Malingsi.U
Metamorpica
Minerva.D
MyDoom.B
Nebula
QGS
QGS.dll
QGS.hosts
QGS.inf
QGS.lnk
Restui
Senseii.vbs
Senseii.vbs.ini.A
Senseii.vbs.ini.B
Senseii.vbs.vbs.A
Senseii.vbs.vbs.B
Senseii.vbs.vbs.C
Senseii.vbs.vbs.D


What is PCMAV?

PCMAV is an antivirus program developed by an Indonesian software developer (PCMedia Magazine). PCMAV is distributed bundled with PCMedia Magazine. PCMAV is free software for personal or non-commercial use. For commercial use, you need to have PCMedia Magazine to use this software.

Distributing and using PCMAV is legal for personal and non-commercial use!

PC Media Antivirus PCMAV Download Update © 2009