Amis. Trick with the technique of social engineering malware is still a powerful weapon for the user running it, as has been done by this worm. With applications like Winamp icon and make the files appear to have the extension *. mp3, a glimpse of the worm file is a regular mp3 files that are ready to listen. But if the user is well aware, this worm files easily recognizable from the type, size, and display properties that appear when the mouse cursor is directed to that file (as shown). worm was created by using Visual Basic programming language, measuring approximately 22 KB in a state in-pack. When active, he will close the applications that have a caption such as:
- pcmav
- process
- master
- utility
- hijack
- patrol
- firewall
- detect
To protect itself, the worm also disable the Command Prompt, Regedit, Folder Options, and hide the file extension. The worm also manipulate the registry so that when users access msconfig.exe, which came out just notepad.exe application.
The worm will mimic the name of every file *. mp3 files found, and create duplication worm like mp3 files to trick users. Fortunately, the original mp3 is not removed by this worm. The worm also creates a VBScript file with the name menol.vbs mounted on Start - All programs - Startup that serves to activate the files of the parent worm.
At the root drive, hard drive or on removable disk, it will create duplicate files by name AMIS.exe.
List of virus addition to PCMAV 3.1 Update Build2:
Amis
Amis.vbs
Autoit-ReplaceIcon
BHP
BlackLove.D
Blagu
Brontok-Joseray.J
Brontok-Joseray.J.bin
Dewasa
FaLoNgel
FaLoNgel.htm
FaLoNgel.ocx
Flyff666.vbs.B
Hasmi.B
Hasmi.B.ini
Malingsi.T
Malingsi.T.ini
Malingsi.T.mrc
Malingsi.T.sys.A
Malingsi.T.sys.B
Malingsi.T.sys.C
Malingsi.T.sys.D
Malingsi.T.sys.E
Malingsi.T.sys.F
Malingsi.T.sys.G
Malingsi.T.sys.H
Malingsi.U
Nebula
P0et-Death-Drive.A
P0et-Death-Drive.A.inf
P0et-Death-Drive.A.ini
P0et-Death-Drive.A.txt
P0et-Death-Drive.B
QGS
QGS.dll
QGS.hosts
QGS.inf
QGS.lnk
Senseii.vbs
Senseii.vbs.ini.A
Senseii.vbs.ini.B
Senseii.vbs.vbs.A
Senseii.vbs.vbs.B
Senseii.vbs.vbs.C
Senseii.vbs.vbs.D
Download PCMAV 3.1 Update Build2 (Amis: Menyamar Sebagai File Mp3)
Read full story
- pcmav
- process
- master
- utility
- hijack
- patrol
- firewall
- detect
To protect itself, the worm also disable the Command Prompt, Regedit, Folder Options, and hide the file extension. The worm also manipulate the registry so that when users access msconfig.exe, which came out just notepad.exe application.
The worm will mimic the name of every file *. mp3 files found, and create duplication worm like mp3 files to trick users. Fortunately, the original mp3 is not removed by this worm. The worm also creates a VBScript file with the name menol.vbs mounted on Start - All programs - Startup that serves to activate the files of the parent worm.
At the root drive, hard drive or on removable disk, it will create duplicate files by name AMIS.exe.
List of virus addition to PCMAV 3.1 Update Build2:
Amis
Amis.vbs
Autoit-ReplaceIcon
BHP
BlackLove.D
Blagu
Brontok-Joseray.J
Brontok-Joseray.J.bin
Dewasa
FaLoNgel
FaLoNgel.htm
FaLoNgel.ocx
Flyff666.vbs.B
Hasmi.B
Hasmi.B.ini
Malingsi.T
Malingsi.T.ini
Malingsi.T.mrc
Malingsi.T.sys.A
Malingsi.T.sys.B
Malingsi.T.sys.C
Malingsi.T.sys.D
Malingsi.T.sys.E
Malingsi.T.sys.F
Malingsi.T.sys.G
Malingsi.T.sys.H
Malingsi.U
Nebula
P0et-Death-Drive.A
P0et-Death-Drive.A.inf
P0et-Death-Drive.A.ini
P0et-Death-Drive.A.txt
P0et-Death-Drive.B
QGS
QGS.dll
QGS.hosts
QGS.inf
QGS.lnk
Senseii.vbs
Senseii.vbs.ini.A
Senseii.vbs.ini.B
Senseii.vbs.vbs.A
Senseii.vbs.vbs.B
Senseii.vbs.vbs.C
Senseii.vbs.vbs.D
Download PCMAV 3.1 Update Build2 (Amis: Menyamar Sebagai File Mp3)