Free Antivirus Update Center

[clamav-virusdb] Update (daily: 12187)

2010-10-28T21:04:00.001-07:00

ClamAV database updated (28 Oct 2010 22-28 -0400): daily.cvd
Version: 12187

Submission-ID: 19163059
Sender: Jason Haar
Sender: Virus Total
Added: Trojan.Rootkit-2919

Submission-ID: 19175320
Sender: Jotti
Sender: Virus Total
Sender: Peter Liao
Added: Trojan.Spy-77946

Submission-ID: 19177401
Sender: Jotti
Sender: Virus Total
Sender: Thomas
Added: Trojan.Kazy-1

Submission-ID: 15998737
Sender: Virus Total
Sender: ShadowServer
Sender: Krukovskiy Anton
Added: No

Submission-ID: 4178157
Sender: Jotti
Sender: Virus Total
Sender: Anonymous
Sender: VirScan.org
Sender: Comodo
Added: Trojan.Agent-178371

Sophos Daily Update Digest

2010-07-04T09:16:00.001-07:00

Sus/Badsrc-F (Suspicious behavior and files) at 4 July 2010 14:03:36 (GMT)
http://www.sophos.com/security/analyses/suspicious-behavior-and-files/susbadsrcf.html

Troj/Agent-NUW (Viruses and Spyware) at 4 July 2010 14:03:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnuw.html

Troj/Zbot-SK (Viruses and Spyware) at 4 July 2010 14:03:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotsk.html

Troj/Agent-NTM (Viruses and Spyware) at 4 July 2010 10:22:22 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentntm.html

Troj/Agent-NTO (Viruses and Spyware) at 4 July 2010 10:22:22 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnto.html

W32/Rimecud-O (Viruses and Spyware) at 4 July 2010 10:22:22 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32rimecudo.html

JS/DwnLdr-IHJ (Viruses and Spyware) at 4 July 2010 06:24:49 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/jsdwnldrihj.html

Troj/DwnLdr-IHH (Viruses and Spyware) at 4 July 2010 03:56:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrihh.html

Troj/FakeAV-BLE (Viruses and Spyware) at 4 July 2010 03:56:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavble.html

Troj/VB-ESR (Viruses and Spyware) at 4 July 2010 03:56:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbesr.html

Troj/ZipMal-Y (Viruses and Spyware) at 4 July 2010 03:56:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzipmaly.html

Troj/Java-L (Viruses and Spyware) at 3 July 2010 20:47:44 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojjaval.html

Troj/Meredrop-N (Viruses and Spyware) at 3 July 2010 20:47:44 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmeredropn.html

Troj/PDFJS-LG (Viruses and Spyware) at 3 July 2010 20:47:44 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpdfjslg.html

Mal/Zbot-Y (Viruses and Spyware) at 3 July 2010 15:42:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malzboty.html

Mal/Zbot-Z (Viruses and Spyware) at 3 July 2010 15:42:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malzbotz.html

Troj/Agent-NTK (Viruses and Spyware) at 3 July 2010 15:42:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentntk.html

Troj/Drop-FW (Viruses and Spyware) at 3 July 2010 15:42:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdropfw.html

Troj/Zbot-RR (Viruses and Spyware) at 3 July 2010 15:42:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotrr.html

W32/AutoIt-JU (Viruses and Spyware) at 3 July 2010 15:42:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autoitju.html

Sophos Daily Update Digest

2010-06-15T17:45:00.001-07:00

Sophos Daily Update Digest

2010-06-06T09:36:00.001-07:00

Sophos Daily Update Digest

2010-06-02T08:17:00.001-07:00

Mal/Alureon-H (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malalureonh.html

Troj/Agent-NKO (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnko.html

Troj/Asprox-Gen (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojasproxgen.html

Troj/Buzus-CX (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbuzuscx.html

Troj/Dldr-EF (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdldref.html

Troj/FakeAV-BJF (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavbjf.html

Troj/MDrop-CPJ (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmdropcpj.html

Troj/PWS-BJA (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsbja.html

Troj/Spy-GQ (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojspygq.html

Troj/TDSS-CX (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtdsscx.html

Troj/VB-ERD (Viruses and Spyware) at 2 June 2010 10:18:58 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvberd.html

Mal/Banker-AA (Viruses and Spyware) at 2 June 2010 07:01:21 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malbankeraa.html

Troj/TDSS-CW (Viruses and Spyware) at 2 June 2010 07:01:21 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtdsscw.html

Troj/Zbot-QC (Viruses and Spyware) at 2 June 2010 07:01:21 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotqc.html

Mal/Agent-S (Viruses and Spyware) at 2 June 2010 05:17:50 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malagents.html

Troj/Banker-EYQ (Viruses and Spyware) at 2 June 2010 05:17:50 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankereyq.html

Troj/Agent-NMJ (Viruses and Spyware) at 2 June 2010 01:15:01 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnmj.html

Troj/FakeAV-BJE (Viruses and Spyware) at 1 June 2010 22:10:22 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavbje.html

Troj/Iframe-EU (Viruses and Spyware) at 1 June 2010 22:10:22 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojiframeeu.html

Mal/Zegost-E (Viruses and Spyware) at 1 June 2010 17:50:39 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malzegoste.html

Troj/BredoZp-AN (Viruses and Spyware) at 1 June 2010 17:50:39 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbredozpan.html

Troj/Wintrim-U (Viruses and Spyware) at 1 June 2010 17:50:39 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojwintrimu.html

W32/Palevo-U (Viruses and Spyware) at 1 June 2010 17:50:39 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32palevou.html

Sophos Daily Update Digest

2010-05-30T08:43:00.001-07:00

Troj/Bredo-CY (Viruses and Spyware) at 30 May 2010 13:24:18 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbredocy.html

Troj/Zbot-PW (Viruses and Spyware) at 30 May 2010 13:24:18 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpw.html

Troj/Zbot-PX (Viruses and Spyware) at 30 May 2010 13:24:18 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpx.html

Troj/Zbot-PY (Viruses and Spyware) at 30 May 2010 13:24:18 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpy.html

Troj/VB-EQV (Viruses and Spyware) at 30 May 2010 04:44:18 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbeqv.html

Troj/PDFJs-KJ (Viruses and Spyware) at 30 May 2010 03:07:56 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpdfjskj.html

Troj/VB-EQU (Viruses and Spyware) at 30 May 2010 01:05:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbequ.html

Troj/Agent-NJT (Viruses and Spyware) at 29 May 2010 19:10:54 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnjt.html

[clamav-virusdb] Update (daily: 11103)

2010-05-29T23:00:00.001-07:00

Submission-ID: 15812787
Sender: Virus Total
Sender: Fatih Yesilova
Added: Trojan.JS.Redirector-6

Submission-ID: 11605048
Sender: Virus Total
Sender: CSIS Security Group
Sender: Anonymous
Added: Trojan.Spy.Sinowal-51
Virus name alias: Backdoor.Win32.Sinowal.fox (Kaspersky), Trojan.Packed.680 (Drweb)

Submission-ID: 16051513
Sender: Virus Total
Sender: Brazilian CERT
Sender: Laize
Added: Trojan.Spy.Banker-6336
Virus name alias: Trojan-Banker.Win32.Banbra.xkh (Kaspersky)

Submission-ID: 16053650
Sender: Virus Total
Sender: Sunbelt
Sender: Anonymous
Submission notes: No malicious items detected. Possible broken executable.
Added: No

Submission-ID: 16007464
Sender: Virus Total
Sender: Immunet
Sender: Costel
Added: Trojan.OnlineGames-2784
Virus name alias: Trojan-GameThief.Win32.Magania.dhyd (Kaspersky)

Submission-ID: 11120040
Sender: Virus Total
Sender: Symantec
Sender: Anonymous
Sender: netanel h
Added: Worm.Autorun-2981
Virus name alias: Trojan.Win32.Vaklik.gaq (Kaspersky), Trojan.PWS.Wsgame.12661 (Drweb)

Sophos Daily Update Digest

2010-05-29T22:58:00.001-07:00

Troj/DwnLdr-IFZ (Viruses and Spyware) at 29 May 2010 04:33:27 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrifz.html

Troj/TDSS-CT (Viruses and Spyware) at 29 May 2010 04:33:27 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtdssct.html

Troj/Zbot-PT (Viruses and Spyware) at 28 May 2010 21:31:46 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpt.html

Mal/EncPk-DW (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malencpkdw.html

Mal/GamePSW-E (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malgamepswe.html

Mal/Lisp-A (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/mallispa.html

Troj/Agent-NLV (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnlv.html

Troj/Agent-NLW (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnlw.html

Troj/Agent-NLX (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnlx.html

Troj/Agent-NLY (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnly.html

Troj/Banker-EYO (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankereyo.html

Troj/BHO-QL (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbhoql.html

Troj/BHO-QM (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbhoqm.html

Troj/BHO-QN (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbhoqn.html

Troj/Drop-FM (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdropfm.html

Troj/DwnLdr-IFX (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrifx.html

Troj/FakeAV-BIG (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavbig.html

Troj/FakeAV-BJD (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavbjd.html

Troj/Koutodr-C (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojkoutodrc.html

Troj/Oficla-Q (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojoficlaq.html

Troj/VBInjec-T (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbinject.html

Troj/VBInjec-U (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbinjecu.html

Troj/Zbot-PV (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpv.html

W32/P2PWorm-S (Viruses and Spyware) at 28 May 2010 19:07:19 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32p2pworms.html

[clamav-virusdb] Update (daily: 11098)

2010-05-29T02:16:00.001-07:00

ClamAV database updated (29 May 2010 04-44 -0400): daily.cvd
Version: 11098

Submission-ID: 14567783
Sender: Virus Total
Submission notes: Already detected as JS.Fakescan-1
Added: No
Virus name alias: Trojan-Downloader.HTML.FraudLoad.h (Kaspersky)

Submission-ID: 15449500
Sender: Virus Total
Submission notes: Already detected as JS.Crypt-4
Added: No
Virus name alias: Trojan-Clicker.HTML.IFrame.amh (Kaspersky), Trojan.Script.229661 (Bitdefender)

Submission-ID: n/a
Sender: n/a
Added: PHP.C99-9
Added: Trojan.IRCBot-3926
Added: PHP.Fx29
Added: Flooder.PHP.MailSpam-1
Added: Trojan.IRCBot-3927
Added: Trojan.IRCBot-3928
Added: PHP.ShellExec-3
Added: PHP.Downloader-5
Added: Trojan.IRCBot-3929

[clamav-virusdb] Update (daily: 11097)

2010-05-29T00:57:00.001-07:00

ClamAV database updated (29 May 2010 02-58 -0400): daily.cvd
Version: 11097

Submission-ID: 3370489
Sender: VirScan.org
Submission notes: Same as in Submission-ID 5702779
Added: No

Submission-ID: 5553202
Sender: VirScan.org
Submission notes: Same as in Submission-ID 5702779
Added: No

Submission-ID: 5553208
Sender: VirScan.org
Submission notes: Same as in Submission-ID 5702779
Added: No

Submission-ID: 5553209
Sender: VirScan.org
Submission notes: Same as in Submission-ID 5702779
Added: No

Submission-ID: 5628386
Sender: VirScan.org
Submission notes: Same as in Submission-ID 5702779
Added: No

Submission-ID: 5702779
Sender: Virus Total
Submission notes: Already detected as JS.Redirect-5
Added: No

Submission-ID: 7584153
Sender: Virus Total
Submission notes: Already detected as PHP.Proxy
Added: No

Submission-ID: 15783250
Sender: VirScan.org
Submission notes: Same as in Submission-ID 5702779
Added: No

Submission-ID: n/a
Sender: n/a
Added: JS.Crypt-4
Added: JS.Fakescan-1

[clamav-virusdb] Update (daily: 11089)

2010-05-27T22:41:00.000-07:00

ClamAV database updated (27 May 2010 09-47 -0400): daily.cvd
Version: 11089

Submission-ID: 15734348
Sender: ShadowServer
Submission notes: Same as in Submission-ID 15827174
Added: No

Submission-ID: 15735132
Sender: Immunet
Sender: Ken Dunham
Submission notes: Same as in Submission-ID 15916547
Added: No

Submission-ID: 15735136
Sender: Immunet
Sender: Ken Dunham
Submission notes: Same as in Submission-ID 15738525
Added: No

Submission-ID: 15735142
Sender: Immunet
Sender: Ken Dunham
Submission notes: Same as in Submission-ID 15764087
Added: No

Submission-ID: 15735437
Sender: Virus Total
Submission notes: Already detected as Trojan.Downloader-91868
Added: No
Virus name alias: Trojan-Downloader.Win32.Lipler.axkd (Kaspersky)

Submission-ID: 15736163
Sender: Immunet
Sender: Ken Dunham
Submission notes: Same as in Submission-ID 15729458
Added: No

Submission-ID: 15736164
Sender: Immunet
Sender: Ken Dunham
Submission notes: Same as in Submission-ID 15738525
Added: No

Submission-ID: 15736165
Sender: Immunet
Sender: Ken Dunham
Submission notes: Same as in Submission-ID 15764087
Added: No

Submission-ID: 15979745
Sender: Virus Total
Sender: ShadowServer
Sender: Sunbelt
Sender: Immunet
Submission notes: Same as in Submission-ID 15977558
Added: No

--

[clamav-virusdb] Update (daily: 11086)

2010-05-26T19:33:00.001-07:00

From: Robert Scroggins <noreply@sourcefire.com>
Subject: [clamav-virusdb] Update (daily: 11086)
To: clamav-virusdb@lists.clamav.net
Date: Thursday, May 27, 2010, 9:04 AM

ClamAV database updated (26 May 2010 22-03 -0400): daily.cvd
Version: 11086

Submission-ID: 15989826
Sender: Virus Total
Sender: Bastian Doetsch
Added: Worm.Palevo-7771

Submission-ID: 15988593
Sender: Virus Total
Sender: Anonymous
Added: Trojan.Agent-155440

Submission-ID: 15991718
Sender: ShadowServer
Sender: Upload Malware
Sender: anonymous@anonymous.de
Submission notes: No malicious items detected.
Added: No

Submission-ID: 15990498
Sender: Virus Total
Sender: Ricardo
Added: Trojan.Downloader-92934
Virus name alias: Trojan-Downloader.Win32.Banload.axlo (Kaspersky)

Submission-ID: 5231417
Sender: VirScan.org
Sender: Venugopal
Submission notes: No malicious items detected
Added: No

Submission-ID: 15811107
Sender: Immunet
Sender: Andr� R. Bastos
Sender: Dorothy Estevao
Added: Trojan.DNSchanger-4680

Submission-ID: 16009217
Sender: Carlos Luna
Added: Trojan.OnlineGames-2783
Added: INF.Autorun-48

Submission-ID: 16008434
Sender: Virus Total
Sender: OITC
Sender: Bernd Zeimetz
Added: Trojan.Crypt-310

Submission-ID: 16011910
Sender: Virus Total
Sender: Todd Noyes
Added: Trojan.FakeAV-3292

Submission-ID: 15868101
Sender: Virus Total
Sender: Nikolay Mirin
Added: Worm.Palevo-7772
Virus name alias: P2P-Worm.Win32.Palevo.ajsi (Kaspersky)

Sophos Daily Update Digest

2010-05-26T08:14:00.001-07:00

The following identities have been released or updated in the past 24 hours:

Troj/Agent-NKS (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnks.html

Troj/Agent-NKT (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkt.html

Troj/Agent-NKU (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnku.html

Troj/Agent-NKV (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkv.html

Troj/Agent-NKW (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkw.html

Troj/Agent-NKX (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkx.html

Troj/Bckdr-RCJ (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbckdrrcj.html

Troj/Bubnix-A (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbubnixa.html

Troj/DwnLdr-IET (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldriet.html

Troj/FakeAV-BIR (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavbir.html

Troj/FakeAV-BIU (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavbiu.html

Troj/FakeMS-B (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakemsb.html

Troj/Mdrop-CPN (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmdropcpn.html

Troj/PDFEx-DL (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpdfexdl.html

Troj/Zbot-PR (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpr.html

W32/Taterf-P (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32taterfp.html

W32/Taterf-X (Viruses and Spyware) at 26 May 2010 10:33:07 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32taterfx.html

Mal/FakeAV-DQ (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malfakeavdq.html

Mal/PinkBlock-A (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malpinkblocka.html

Mal/Refreso-A (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malrefresoa.html

Troj/Agent-NKR (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkr.html

Troj/Patch-P (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpatchp.html

Troj/StartP-DJ (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojstartpdj.html

Troj/VBInj-L (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbinjl.html

W32/Vetor-K (Viruses and Spyware) at 26 May 2010 06:02:51 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32vetork.html

Mal/FakeAV-DR (Viruses and Spyware) at 26 May 2010 03:11:01 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malfakeavdr.html

Troj/Agent-NKQ (Viruses and Spyware) at 26 May 2010 03:11:01 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkq.html

Troj/Agent-NKP (Viruses and Spyware) at 26 May 2010 01:09:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkp.html

Troj/Backdr-CD (Viruses and Spyware) at 26 May 2010 01:09:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbackdrcd.html

Troj/Bredo-CX (Viruses and Spyware) at 26 May 2010 01:09:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbredocx.html

Troj/Mdrop-CPL (Viruses and Spyware) at 26 May 2010 01:09:59 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmdropcpl.html

Mal/Afcore-F (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malafcoref.html

Mal/BckDr-E (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malbckdre.html

Mal/Sality-D (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malsalityd.html

Mal/Scrypter-A (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malscryptera.html

Mal/VB-BZ (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malvbbz.html

Troj/Agent-NKM (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkm.html

Troj/Agent-NKN (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnkn.html

Troj/DwnLdr-IFO (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrifo.html

Troj/DwnLdr-IFR (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrifr.html

Troj/DwnLdr-IFS (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrifs.html

Troj/Inject-NF (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojinjectnf.html

Troj/JavaDl-X (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojjavadlx.html

Troj/SWFLdr-N (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojswfldrn.html

Troj/Zbot-PD (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotpd.html

W32/Autorun-BDG (Viruses and Spyware) at 25 May 2010 21:39:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunbdg.html

Conficker Antivirus Download List

2009-05-27T20:12:00.000-07:00

ANSAV Antivirus

Stinger Conficker

PCMAV for Conficker

Microsoft Malware Remover for Conficker

Manual Remove Conficker Virus

Anti Virus / Removal Conficker download

2009-01-30T17:48:00.001-08:00

http://download.norman.no/public/Norman_Malware_Cleaner.exe

The Best Antivirus 2009 review

2009-01-11T00:03:00.001-08:00

The Best Antivirus 2009 from TopTenREVIEWS:

Number one : BitDefender Antivirus (www.bitdefender.com)

Number two : Kaspersky Anti-Virus (www.kaspersky.com)

Number three : Webroot Antivirus (www.webroot.com)

Number four : ESET Nod32 (www.eset.com)

Number five : AVG Anti-Virus (www.avg.com)

Number six : Vipre Antivirus + Antispyware (www.vipreantivirus.com)

Number seven : F-Secure Anti-Virus (www.f-secure.com)

Number eight: Trend Micro (www.trendmicro.com)

Number nine : McAfee VirusScan (www.mcafee.com)

Number ten : Norton AntiVirus (www.symantec.com)

Online Virus Scanner Links

2009-01-10T23:50:00.001-08:00

Trend Micro Online Virus Scanner, click here

Kaspersky Online Virus Scanner, click here

Eset Online Virus Computer Scanner , click here

Virus Total file checker for Virus, click here

Jotti Malware online scan, click here

F-Secure virus scanner, click here

Computer Associates Virus Scanner, click here

Symantec Onlie Security and Virus Scanner, click here

Antiviru for Linux Download

2009-01-10T09:54:00.001-08:00

Panda Antivirus for Linux : click here

Clam Antivirus for Linux : click here

Kaspersky Antivirus for Linux : click here

F-Prot Antivirus for Linux Workstation : click here

AVG Antivirus for Linux and Free BSD : click here

Sophos Antivirus for Linux download here

Avast Antivirus for Linux and Unix Server, click here to download

Symantec Antivirus for Linux , click here

New Virus can infect Windows dan Linux

2009-01-04T18:21:00.001-08:00

A proof of concept virus has been found computer security vendor Kaspersky. The virus infects the two operating systems simultaneously, namely Linux and Windows.

Kaspersky dub virus as Virus.Linux.Bi.a/Virus.Win32.Bi.a. The virus is capable menginfeksi file on the two platforms, namely Windows and Linux. However, it seems the virus has only menginfeksi files in the directory only.

The most important, this virus does not harm the infected computer, even he (the virus-red) do not reproduce themselves. Someone will be infected if they download and open the file that is infected.

"Usually the virus is very difficult to infected Linux operating system," said David Perry, Global Director of Education Vendor Trend Micro Antivirus.

According to Perry, because most used Linux on the server, then only a few users that will be infected. About the proof of concept, the Perry admitted himself,two thumbs up to the virus creator.

"This is a progress. The virus is created with an assembler. Therefore, we believe that this virus is created by a programmer," Perry supplement again, as detikINET from vnunet This Saturday (8/4/2006).

According to Perry, someone has successfully proved that they can make a virus for two operating systems. Predictably, the virus was made by the usual malware that only want to expose its programming expertise. Really, the creator of the virus does not take any profit from this virus.

Stored, a virus related to leave a text string in the file that is infected. The text refers to the Immortal Riot, an online publication where the creator of the virus, between 1993 and 1996, had to send proof of concept (proof of concept) code for viruses.

from:www.detik.com

PC MEDIA Antivirus version 19.1 download

2009-01-04T18:15:00.001-08:00

New Virus on PCMAV 1.91 (96 Virus)
===================================
Aksika-Jatim
Aksika-Jatim.html
Aksika-Jatim.htt
Aksika.ini.B
Apong.B
Autoit.BT
Autoit.BU
Autoit.BV
Autoit.BW
Autoit.BX
Autoit.BY
Autoit.BZ
Autoruner.D
Autoruner.D.inf
Autorunme.B
Bootdat
Brondong
Bugger.vbs
Bugger.vbs.inf
CeylonSpyNet.C
DeathDrive
DeathDrive.inf
DeathDrive.ini
DeathDrive.txt
Doremi.A
Doremi.B
Doremi.C
Doremi.D
Doremi.txt.A
Doremi.txt.B
DungCoi.B
DungCoi.B.ini
Formalin.C
Formalin.D
GadiHot.D
GetRaw.F
Gokil.B
Gokil.B.hosts
Gokil.B.txt
Gokil.B.vbs
Hatred
Hatred.bat
Hatred.htt
Hatred.inf
Hatred.ini
HideTernate
HideTernate.bat
HideTernate.txt
Lancang.B
Loveana.A
Loveana.B
Loveana.ini
Malingsi.B
Minerva.A
Minerva.B
Minerva.B.exe.A
Minerva.B.exe.B
Minerva.B.exe.C
Minerva.B.exe.D
Minerva.wav.A
Minerva.wav.B
Newborn< br>Newborn.htm
Newborn.ini
Nhatquanglan
Prnjobt.inf
Prnjobt.vbe
Purwo.B
Raider.vbs.G
Recycler-Kkrunchy.A
Recycler-Kkrunchy.A.inf
Recycler-Kkrunchy.B
Recycler-Kkrunchy.B.inf
Recycler.G
Recycler.H
Recycler.H.inf
Recycler.I
Shuriken.G
SkyEye
SkyEye.bak
Sonitha
Sonitha.exe
Sonitha.txt.A
Sonitha.txt.B
Sonitha.txt.C
Sonitha.txt.D
Srigala
Srigala.exe
Srigala.html
Srigala.htt
Sumba
Sumba.htm
Sumba.inf
Sysabdas.B
Trojan.FakeAV
Warporn

download site : http://pcmav.biz/

Sophos Update 04-01-2009

2009-01-03T21:21:00.001-08:00

Troj/Agent-INB (Viruses and Spyware) at 3 January 2009 15:47:10 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentinb.html

Troj/FakeAV-IA (Viruses and Spyware) at 3 January 2009 15:47:10 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavia.html

Troj/Renos-CG (Viruses and Spyware) at 3 January 2009 15:47:10 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojrenoscg.html

W32/IRCBot-AAY (Viruses and Spyware) at 3 January 2009 15:47:10 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32ircbotaay.html

Troj/PWS-AXK (Viruses and Spyware) at 3 January 2009 07:20:52 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsaxk.html

Troj/BHO-IZ (Viruses and Spyware) at 3 January 2009 02:56:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbhoiz.html

Troj/Daonol-Fam (Viruses and Spyware) at 3 January 2009 02:56:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdaonolfam.html

Troj/FakeAle-KK (Viruses and Spyware) at 3 January 2009 02:56:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealekk.html

Troj/FakeAle-KL (Viruses and Spyware) at 3 January 2009 02:56:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealekl.html

Troj/FakeAV-HZ (Viruses and Spyware) at 3 January 2009 02:56:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavhz.html

W32/Autorun-SY (Viruses and Spyware) at 3 January 2009 02:56:36 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunsy.html

Troj/Agent-INA (Viruses and Spyware) at 2 January 2009 22:37:12 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentina.html

Troj/Alure-B (Viruses and Spyware) at 2 January 2009 22:37:12 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojalureb.html

Troj/DNSChan-ME (Viruses and Spyware) at 2 January 2009 22:37:12 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdnschanme.html

W32/AutoRun-SW (Viruses and Spyware) at 2 January 2009 22:37:12 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunsw.html

W32/AutoRun-SX (Viruses and Spyware) at 2 January 2009 22:37:12 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunsx.html

Troj/Agent-IMY (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentimy.html

Troj/Agent-IMZ (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentimz.html

Troj/Buchon-Gen (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbuchongen.html

Troj/Clicker-FE (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojclickerfe.html

Troj/FakeAle-KJ (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealekj.html

Troj/FakeAV-HY (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavhy.html

Troj/JSRedir-F (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojjsredirf.html

Troj/Spy-BJ (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojspybj.html

Troj/Tibia-Gen (Viruses and Spyware) at 2 January 2009 16:34:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtibiagen.html

Antivirus For PDA

2008-12-20T07:24:00.001-08:00

Top PDA Security Tools Download, clik here

Download Avast Free PDA Security tools, clik here to download

Antivirus List for PDA, clik here to download

Kaspersky Antivirus for PDA, clik here

Pocket PC Antivirus article, click here

Top Ten Virus on December 2008

2008-12-19T09:04:00.000-08:00

Malingsi virus included in the new range of viruses, into the first rank virus is the most reported in this period. Autoit followed by a virus that is the old players, Doremi and viruses including the new virus. And indeed most of the viruses in the list of the ten most times this is a new virus. The following list details:

1. Malingsi

Malingsi virus attacks other viruses.

Viruses have a body fat measurement with a bytes 705,312 is made using Visual Basic, which in-use pack PECompact. It seems this virus is intended to attack other viruses, this is visible from the message in the body. This virus breed and spread using mIRC brokers, who act as a bot.

2. Autoit variants

Most variants Autoit use the folder icon when running on memory.

Characteristics of this virus, which is made using a program Automation scripting. If the error into an executable file, which is also in use UPX-pack. And almost 90% and their autoit virus variants that we all possess, use a similar folder icon when running on memory. The virus is usually also will create an autorun.inf file on the attack when the flash disk drive or drives.

3. Doremi

Fill in text files that present a package file with the virus.

In a database of viruses that we have, we have found 4 variants of the virus that is Doremi.A, B, C and D. The three have almost no difference in terms of coding. A variant uses icons similar PCMAV, B and C using the icon that resembles a key image, and variants D image using the magnifying glass icon. These using social engineering techniques, so that seems like a normal program. File viruses are made using Visual Basic is likely to be put in deliberately to deceive Internet users who download it. No technical briliant that he apply, but the author has been providing routine evil that act in a certain date, such as 14 or 8. What happened? He will try to delete all the data on the hard drive without the user. Finally restart the computer, which appear only "NTLDR is missing." Along with the file the virus, usually you will also find a text file with the name of Do-Re-Mi.txt the contents: "by Midnight Joker."

4.Formalin

Formalin virus file properties.

At the time this update has been known for 2 variants of the virus Formalin. Icon used by the virus the folder shows like this, and he created using Visual Basic. In Formalin.D, the file size of 18,432 bytes, with the condition in the pack using UPX. This virus creates a folder "disguise" with names such as seepage problems UAN and UAS, My Completed Downloads, Picture Wallpaper, Crack program, open the photos!, Nitip Data (I deleted), and others. At the infected computer, a caption in Internet Explorer will be changed to "Your computer has been infected the virus Formalin." He also tried to demolish "safe-mode" by removing some of the relevant registry. And in the file properties of the virus, in the description property will be no version information, such as writing "No dch worry."

5. Purwo.B

Icon Impersonate using similar documents msword.

Created using Visual Basic, with bodies about the size of 36KB, without the pure-pack.Saat menginfeksi he created a folder with the name "Navan Under Cover" that given the hidden attributes, and a file named "PurwokertoKotaSatria.exe" on every drive, he found . In the folder C: \ Windows \ system32 \ system files are also windows.exe, and in the C: \ Windows \ Shell \ services.exe.

6. Plolonk

Plolonk change the wallpaper infected computer.

Viruses that local production is made using a Visual Basic, with a size of 67,072 bytes with the condition in-packscramble. In the registry, he created a new item in the run HKLM, with the name of the service, pointing to one of the mainland that there are files in the directory with the name of the Windows dllhost.exe. In addition, the directory can be found an image file that will be used as wallpaper by the name Pl0Lonx.jpg. So on the infected computer, from the computer desktop wallpaper will change his image into forced SuSE Linux. " In addition, to be automatically active, he also put himself in the Startup folder with the name Empty.pif. are likely to use the UPX -

7. Recycler variants

File viruses hiding behind false recycle bin.

The characteristics of the virus this technique is, how it spread. Of all the variants that we have, how the practices are the same, namely, the masquerade as the recycle bin. For example the virus attacks the flash disk. In a flash disk offering, there will be a folder with the name of Recycler in which there are folders that use the name of alpha numerics, for example "S-1-5-21-1482476501-1644491937-682003330-1013" with the icon similar to the recycle bin icon. If this folder, click on or accessed from the Explorer, the file the virus will not be visible. To view them, you can log in to the command prompt with the "dir / a".

8. Buxto variants

Buxto message from the virus.

The virus was created using Visual Basic. In one of the variants, such as for example Buxto.C, he has the body size of 266,240 bytes, without in-pack. This virus resembles icon icon application Mozilla Firefox browser. The virus is known to create autorun every on the drive that he can find to spread. And one thing, the message delivered by this virus is quite nyeleneh, as an ad's message.

9. Minerva

Minerva divert attention provides users with games.

Virus-sized bytes around 340,981 to 347,965 bytes Minerva.A and Minerva.B to use this indirection as flash games, using the icon that looks like the standard flash file. If the user tempted, and accidentally activate the virus, which appears to a games. And his random games, can Mario Bros., Single Puzzle Hangman, or the other. He was indeed save some games in the body. That he would do to divert attention, whereas the one hand, the virus that has been the victim The only computer, the user is cool to play games-it. This virus tries to log, and me-registerrunning as services. You can also find the file on the mainland with easy Startup folder with the name minerva.com. So, be careful if you get the games shaped files flash games, check first. himself in the HKLM \ System \ CurrentControlSet \ Services with the name Minerva, can hope

10. Windx-Maxtrox

Display the desktop wallpaper changed after the virus Windx-Maxtrox.

Viruses are created with Visual Basic has a body the size of the original around 77Kb, without in-pack. Virus suspected of originating from the strong North Sulawesi region has a capacity of the executable files infection. Rather, it will menginfeksi program in the Program Files directory. Technical infection that he applied canny enough to avoid pendeteksian of heuristic antivirus engine. Characteristics that can be detected in the infected computer is the change from the desktop wallpaper image to be animated images.

http://pcmav.biz/pcmav-19-build-5-download.html

Download PCMAV 1.9 Update Build5 (specialy for Virus Windx.Maxtrox.B)

2008-12-19T07:44:00.001-08:00

Antivirus for virus Windx.Maxtrox B and else

PCMAV 1.9 Update Build 5: Download from Download or Uploaded.to

List Virus from PCMAV 1.9 Update Build5:
Aksika.ini.B
Aksika-Jatim
Aksika-Jatim.html
Aksika-Jatim.htt
Apong.B
Autoit.BT
Autoit.BU
Autoit.BV
Autoit.BW
Autoit.BX
Autoit.BY
Autoit.BZ
DeathDrive
DeathDrive.inf
DeathDrive.ini
DeathDrive.txt
Doremi.A
Doremi.B
Doremi.C
Doremi.D
Doremi.txt.A
Doremi.txt.B
Formalin.C
Formalin.D
GadiHot.D
GetRaw.F
Hatred
Hatred.bat
Hatred.htt
Hatred.inf
Hatred.ini
HideTernate
HideTernate.bat
HideTernate.txt
Minerva.A
Minerva.B
Minerva.B.exe.A
Minerva.B.exe.B
Minerva.B.exe.C
Minerva.B.exe.D
Minerva.wav.A
Minerva.wav.B
Nhatquanglan
Purwo.B
Recycler.G
Recycler.H
Recycler.H.inf
Recycler.I
Recycler-Kkrunchy.A
Recycler-Kkrunchy.A.inf
Recycler-Kkrunchy.B
Recycler-Kkrunchy.B.inf
SkyEye
SkyEye.bak
Sumba
Sumba.htm
Sumba.inf
Sysabdas.B
Windx-Maxtrox.B

ClamAV database updated (18 Dec 2008 21-12 +0000): daily.cvd

2008-12-18T18:20:00.001-08:00

ClamAV database updated (18 Dec 2008 21-12 +0000): daily.cvd
Version: 8784

Submission-ID: 3574753
Sender: Virus Total
Added: W32.Sality-27
Added: W32.Sality-26
Virus name alias: Win32.Sality.OE (Bitdefender)

ClamAV database updated (18 Dec 2008 14-24 +0000): daily.cvd

2008-12-18T08:18:00.001-08:00

ClamAV database updated (18 Dec 2008 14-24 +0000): daily.cvd
Version: 8781

Submission-ID: n/a
Sender: n/a
Added: Trojan.Agent-65353
Added: Trojan.Agent-65354
Added: Trojan.Swizzor-382
Added: Trojan.Swizzor-383
Added: Trojan.Swizzor-384
Added: Trojan.Swizzor-385
Added: Trojan.Swizzor-386

Free AntiSpyware Download Links

2008-12-05T02:12:00.001-08:00

AntiSpyware.org

Super AntiSpyware Download

Ad Aware antispyware by Lavasoft Free Download

Freebyte AntiSpyware

Sofotex Antispyware free download

AVG antispyware and rootkit free download

Free Download Antivirus Links

2008-12-05T02:05:00.001-08:00

Free Avast Antivirus Download

Free Avira Antivirus Download

Free AVG Antivirus Download

Free Another Antivirus Download

Free Comodo Antivirus and Firewall Download

Free Kaspersky Download

PC Tools Antivirus Free Edition Download

Windows Surface Antivirus

2008-12-04T02:04:00.000-08:00

Microsoft Surface turns an ordinary tabletop into a vibrant, interactive surface. It's the first commercially-available surface computing platform from Microsoft. The product provides effortless access to digital content through natural gestures, touch and physical objects. Today, it's a 30-inch diagonal display in a table-like form factor that's easy for individuals or multiple people to interact with in a way that feels familiar, just like in the real world. In essence, it's a surface come to life for exploring, learning, sharing, creating, buying and much more. Today Microsoft Surface is available in the retail, hospitality, automotive, banking and healthcare industries. Consumers can interact with Surface at select AT&T retail locations, at the iBar located in the Rio All Suite Hotel & Casino in Las Vegas and at select Sheratons in the U.S.

What is surface computing?

Led by Microsoft, surface computing is a major advancement that moves beyond the traditional user interface to a more natural way of interacting with information. It features four key attributes:

Direct Interaction: Users can actually "grab" digital information with their hands - interacting with content by touch and gesture, without the use of a mouse or keyboard.
Multi–Touch: Surface computing recognizes many points of contact simultaneously, not just from one finger like with a typical touch–screen, but up to dozens of items at once.
Multi–User: The horizontal form factor makes it easy for several people to gather around Microsoft Surface together, providing a collaborative, face–to–face computing experience.
Object Recognition: Users can place physical objects on the display to trigger different types of digital responses; in the future, this will include the ability to transfer digital content.

How does Microsoft Surface work?

Microsoft Surface uses cameras to sense objects, hand gestures and touch. This user input is then processed and displayed using rear projection. Specifically:

Microsoft Surface uses a rear projection system which displays an image onto the underside of a thin diffuser.
Objects such as fingers are visible through the diffuser by series of infrared–sensitive cameras, positioned underneath the display.
An image processing system processes the camera images to detect fingers, custom tags and other objects such as paint brushes when touching the display.
The objects recognized with this system are reported to applications running in the computer so that they can react to object shapes, 2D tags, movement and touch.

Microsoft Surface based on Vista Technology, so the antivirus is the same like Windows Vista,for example:

- Kapersky
- AVG
- Symantec
- ca
- TREN MICRO
- Windows Live OneCare

ARP Spoofing (virus Microsoft.pif)

2008-12-04T01:27:00.000-08:00

In the era before Windows XP SP2, the favorite and effective way for viruses to spread himself is exploit the rift with the security of the OS that popular at that time, Windows 98, Windows 2000 / NT workstation, Windows NT/2000 Server and Windows XP. This is evident from the CodeRed virus that successfully exploit the rift security Unsurprisingly IIS server that is used by all web-based Microsoft at that time. Other platforms such as the popular Apache on Linux also did not escape from virus attacks, say the Slapper successfully exploit the rift Apache security.

But the OS does not stay still and try to analyze the causes of this security can be slit in the exploitation by the virus and why it can be used by the virus. For information, is the grip of security weaknesses in the system so it can be used by parties who do not have the right to run aksinya. Gap security will always be there and will always be found every day. Unfortunately, the virus that will exploit the rift security FIXED successfully control a computer in serangnya "even though" the computer is protected with antivirus software that can detect the virus. So "the only" way to tackle the virus that exploit the rift is to the security patching, or ask the grip of security.

If you ask why there is a rift that security, whether deliberately created by the software so that they have a business (telenovela approach, which is always suspect scenario is hidden in many cases). Were approximately case, the software is a human creation. Human is not perfect, so of course brothers also not perfect. The development of software and hardware more days to make increasingly large size of the application (the current OS Windows Vista has reached the size GB) and is a matter that is very difficult (not to say impossible) to create software that 100% sempuirna not have a rift and security. Debian Linux OS 4.0 also comes in DVD and some of it is impossible to guarantee that the OS is not perfect and may be penetrated. So the questions you should ask the security is not; Is an OS can be in the exploitation or not? But that is more appropriate; Are hackers want to exploit the OS or not? Or more precisely; Is the OS is quite interesting / challenging for the attack? Many facts support the fact that the last and the Macintosh OS is successful in the exploitation in a hacking competition, and when asked why the attack on the Macintosh OS (the issue that had not attacked by the virus as one of the advantages produkknya) it? The answer is the winner of 3 of the available OS, Windows Vista Full Pacth, Debian and Macintosh Full Patch Full Patch, the attacker will assume that the Macintosh is easier than ditaklukkan other OS.

Then, whether based on the fact whether it means we have to be surrendered and wave the white flag to the attacker. Back to the days of first use and sempoa again? NO. Security is a process, so you should always follow the latest developments in order not to become victims of exploitation grip of security that always found every day. We do not recommend you memelototi website Security Focus www.securityfocus.com each day to search for and cover the grip of the security applications you use, because the application vendor is working on PR for you. Your task is to make the correct settings. The solution is provided by the vendor applications that can exploit a rift security?

The answer: Automatic patching and the Internet.

Back to the days Codered and Slapper, a major cause of the server / computer successfully "ditaklukkan" patching because the virus is not yet done. If they do, the grace period between finding out and slit the security patch (patch) is very long, reaching over 30 days. So that the virus that exploit the grip of security and usually appear a few days after a rift diumumkannya security will have a grace period of 30 days for the Wara-wiri without a capable prevent. And based on experience, the time needed by the spread of the virus to achieve the maximum to the entire world is less than 1 week.

Apparently the application vendor to learn from it and the more day grace period for the increasingly narrow and the peak is at the SP 2 (Service Pack 2) in the launch of Windows XP. Since then, the viruses that try to exploit the rift security decreased dramatically and the spread of the virus had decreased drastically. 1: 1 Vendor opponent for the Virus.

This is increasingly well during the launch of Windows vista. Unlike with Windows, the default settings (initial) is the "Automatic Update". So every time you install Windows Vista on a computer automatically on the computer is doing automatic updates for patching himself, so this is technically possible occurrence of Zero Day Vulnerability in Windows Vista is installed on. Zero Day Vulnerability can be achieved if the patch / patches available directly on the finding in the grip of security and install the applications that contain these weaknesses before the application evil (viruses) appear utilize the grip of security tetrsebut. In other words, the grace period for the virus to exploit the new security slit was found to be very small (with the assumption that there is an internet connection, so the OS Windows Vista can update each day).

But whether the means Saruman is defeated and the war is finished? In fact, the development of the next show that this is still far from finished and the malware tried to find new techniques to achieve its objectives. FIXED final destination in the control computer, but if the first way is to exploit the rift in the security of computer Operating System, because patching is now running with a good chance it is increasingly small. Now the main target of exploitation is the application of non-application Operating System such as the popular Adobe, Firefox, Internet Explorer and not. The principle is the application that popular, because malware creators want to get maximum impact from their business. Unfortunately, that appears to have slit the security not only software but hardware and system IP. Because, in principle, there is no hardware that runs the software without support, so the software that controls the hardware to run certain control hardware is can then be used to control the computer. Destination eventually want to control the computer system, only how it is different.

This is not a myth, if not please see the virus that utilize the latest security eyelet ARP (Address Resolution Protocol) or known by the name of APR (ARP Aim Routing), which is currently successfully spread throughout the world and pick to win, there are no effective drugs that can be ensure the network computer is not in the exploitation by the virus this unless you change the hardware with a network switch that features "DHCP Snooping" or manually set the IP Address and Mac Address Gateway Internet network in each PC with the "ARP-s" from the Dos prompt.

Symptoms of the virus infected the network

If the Internet connection in your office suddenly experienced a significant delay in the Internet connection from the ISP does not add any problems in the computer network in the "repeatedly" to get the virus incidents or Yahoo Messenger to run when you get the message "An error has occurred in the script on this page. " The users of Norman Virus Control each time you run the Yahoo Messenger / MSN Messenger or run a browser, it will detect Norman (repeatedly) virus with the name W32/Agent.FUVR. Or in your Windows system files with the name Microsoft.vbs, Microsoft.bat or Microsoft.pif the possibility of computer / network you are infected with the virus W32/Agent.FUVR.

Action on some of the virus this OS is as follows:

l Windows XP without antivirus / antivirus software does not update.

There are no symptoms whatsoever and can be directly infected, at the same time will be the host of the virus in the network.

l Windows XP with antivirus update and afford to detect the virus.

"Every time" to run applications that access features such as a browser running Internet Explorer, Firefox, Safari, log Yahoo Messenger, MSN Messenger login will get the message that no virus detected in the Windows system.

l Windows Vista.

"Every time" to run applications that access features such as a browser running Internet Explorer, Firefox, log Yahoo Messenger, MSN Messenger login will get an error message download the script from the site:

l http://root.51113.com/root.gif

l http://hk.www404.cn:53/ads.js

l http://err.www404.cn:443/014.html

Note: Website on only a few were identified by Vaksincom and continue to grow.

Antivirus alone is not enough!

Actually almost all antivirus software can detect the virus. There is detected as W32/Agent.FUVR (Norman), Trojan Downloader, Trojan-Downloader.JS.Agent.byh (Kaspersky), HEUR / Exploit.HTML (Avira), Mal / ObfJS-X (Sophos), JS_PSYME.CPZ (Trend Micro). This means that the virus can not menginfeksi computer antivirus software, which protected the update. But the problem is in fact in the field is "very difficult" to protect all the computers on a network protected by the antivirus update, especially if there is a computer from luat / notebook from outside the network that is connected to the intranet network, just one computer that is infected in the short time he will forge itself as a router / geteway and spread himself to all other computers in the intranet access the Internet.

In addition, this virus has the ability to update itself automatically (such as antivirus software) so that detection antivirus software will become useless if the author has launched a new variant and will be put directly guaranteed all antivirus vendors to get antivirus and samplenya detect the virus with the latest update.

The problem is the second in patching security during the slit is not closed, then even if there is antivirus software that protects computer, the virus will be able to Wara-wiri in the network to close in the grip of security. The question is how close the rift caused by the security systems that contain weaknesses IP ARP Spoofing is this? One way is to replace the switch that supports DHCP Snooping. The other way is quite cost-effective by using the "ARP-s" from the DOS prompt to lock the IP Address and Mac gateway in each PC, but if PCnya thousands and spread in many locations it seems the solution to be patching bring misery for administrators . Yet again if changes occur on the gateway hardware.

The problem is not whether antivirus software can detect the virus or not, but for security in the grip of exploitation by the virus is not close in and each time the virus is a new variant "is almost certainly" difficult to be detected by antivirus software update that will even back menginfeksi and disabling a computer network, even if that is Protected by the antivirus update even. The only way that is completely eliminate exploitation of the opportunities this rift security. Both use the hardware that supports DHCP Snooping or manually set the IP Address and Mac Router in each PC connected to the Internet through the gateway.

How to overcome the system infected?

If you are infected by this virus and a headache because every time virusnya cleaned, my back. Cool it, you not only a headache. The administrator also another headache, so at least you're not alone:).

The first step is to find the infected computer viruses and falsifying itself as the gateway. How?

You can use free tools Colasoft Mac Scanner http://www.colasoft.com/mac_scanner/mac_scanner.php and run on computers that connect to your intranet network. Then see the IP Address that the Mac has the same with the Gateway / Proxy (see picture 1)

Figure 1, Colasoft Mac Scanner detects the computer's IP Address and Mac

In the picture above, Gateway is the IP 192.168.1.1 with the MAC Address 00:01:6 C: CD: D5: 24. It appears that the MAC has 192.168.1.106 IP Address with the same Gateway. So the first step you have to do is disconnect from the network 192.168.1.106 and clean the virus from this.

Final Step

As a Final step, you can prevent computers on the network to be fooled by ARP Spoofing this. Use the "ARP-s [IP Gateway / Proxy] [MAC Address Gateway / Proxy]" to set a static IP and MAC Address in each computer.

If you have a computer in the network, we recommend to consider using a switch mensupport DHCP Snoop. Do not buy it directly, check first whether the switch that you have this feature. If there is, directly activate and set paremeter properly in order to be spared from the ARP Spoofing.

PCMAV ( PC MEDIA ANTIVIRUS) 1.9 DOWNLOAD

2008-12-02T16:49:00.001-08:00

PCMAV 1.9 DOWNLOAD LINK 1

PCMAV 1.9 DOWNLOAD LINK 2

PCMAV 1.9 UPDATE

Top 10 Virus 2008

2008-12-02T08:20:00.001-08:00

The development of the local virus began to wane felt from several periods ago. In the Top-10 this time period and some viruses are in the order of the top 10. However, there are also variants-new variants of successful international ranking virusnya to be on the order or to remain dominate, such as variants of the virus Rieysha, Microso, and Megabat. And, there are also some new virus has entered as Bungas.vbs and Plolonk. The following list details:

1. Rieysha variants
One message from the virus Rieysha-Prisa.Once again Rieysha variants of the virus, known as Rieysha-Prisa. Created still using Visual Basic, and have the body size of 34,304 bytes in the condition in the pack using UPX. Icon virus resembles a default icon image files in Windows XP, such as, for example. JPG. Therefore, he will make a lot of duplicate files to the user, to free space will lead to your hard disk is reduced. With the availability of free space is not enough in the hard disk, can cause Windows can not be running. Users can also find out quickly whether the computer is infected by this virus is not with the status of the clock in the lower right corner, usually because the virus will replace paper AM / PM into rieysha.

2. Windx-Maxtrox
Display the desktop wallpaper changed after the virus Windx-Maxtrox.Virus created with Visual Basic has a body the size of the original around 77Kb, without in-pack. Virus suspected of originating from the strong North Sulawesi region has a capacity of the executable files infection. Rather, it will menginfeksi program in the Program Files directory. Technical infection that he applied canny enough to avoid pendeteksian of heuristic antivirus engine. Characteristics that can be detected in the infected computer is the change from the desktop wallpaper image to be animated images, Maxtrox.

3. Bungas.vbs
Bungas.vbs virus can also be active when the Properties menu to access the drive is infected. VBScript viruses local kind of have this body size is 7,222 bytes. He attended the condition of some string encrypted, of course, to complicate pendeteksian and process analysis. Interestingly, routine decryptornya not shown it at its source, but it was a little hide. The virus is spread through flash disks, of course, also make use of autorun bring. Autorun.inf file his stake in such a way, so when users access the disk or flash drive to see properties from the flash disk drive, this virus will be active.

4. Buxto variants
The message from this virus Buxto.Virus created using Visual Basic. In one of the variants, such as for example Buxto.C, he has the body size of 266,240 bytes, without in-pack. This virus resembles icon icon application Mozilla Firefox browser. The virus is known to create autorun every on the drive that he can find to spread. And one thing, the message delivered by this virus is quite nyeleneh, as an ad's message.

5. HelloBaby
Files created HelloBaby when menyebar.Saat virus spread, it will create a Desktop.ini file and autorun.inf with hidden and system attributes. The file will disebarnya to each drive, he found on the infected computer. He will also try to spread themselves on the local network with the previous facilities have been shut off the Windows firewall property. In the computer is infected, there will be some files parent virus. Among them, in the system32 directory, there will be a file with the name wmiprvse.exe and mgrShell.exe, and the core of this file will drop a file from the other body in the Temp directory with the name ctfmon.exe and the Windows directory with the name svchost.exe. And to accelerate action spreads, the virus is also set to support NoDriveTypeAutoRun registry autorun on the floppy disk.

6. Virgear
Virgear caption display messages on the Internet icon Explorer.Ia present with similar multimedia files belong not. Variant B has a file size of 49,152 bytes, without in-pack. Meanwhile, the C variants that we discover, has a file size of 19,968 bytes, and in-pack using UPX. As then, it will replace all the multimedia files that he found such as MP3, 3GP, AVI, WMV, asf, MPG, MPEG, MP4, on the computer with the victims themselves, using almost the same name, only added extensions. EXE in eventually. This virus will also change the settings in the registry to support their life, such as hide the Folder Options, mem-block Regedit, System Restore, and others. Known, Virgear also try to block mem-antivirus and other viruses. For that, rename (name change) from PCMAV-CLN.exe before you use them, such as a 123456.exe. And, on the infected computer, it will display the word "Its open handak · M-Series, ja, it rasain oleh2 from amang hacker" in the caption of Internet Explorer.

7. Plolonk
Plolonk change the wallpaper infected computer. Viruses that local production is made using a Visual Basic, with a size of 67,072 bytes with the condition in-packscramble. In the registry, he created a new item in the run HKLM, with the name of the service, pointing to one of the mainland that there are files in the directory with the name of the Windows dllhost.exe. In addition, the directory can be found an image file that will be used as wallpaper by the name Pl0Lonx.jpg. So on the infected computer, from the computer desktop wallpaper will change his image into forced SuSE Linux. " In addition, to be automatically active, he also put himself in the Startup folder with the name Empty.pif. are likely to use the UPX -

8. Autorunme
Autorunme viruses hide in the recycle bin folder that is not dibuatnya.Virus the production of local programmers have this size of 26,835 bytes, and is estimated to be in use PECompact-pack. He does not have an icon, use only the icon from the Windows standard applications. Menginfeksi time, he tries to instill in the parent directory of the file C: \ Windows \ System with the name msvc32s.exe and with the system and hidden attributes, and create new autorun in the registry with the name "Windows msvc Control Centers." The virus can spread through the media such as flash data storage disks can also be spread through Instant Messaging application. In a flash disk, it will create spurious recycle bin folder that contains files with the name autorunme.exe, and directs the autorun.inf file to run the virus. So, when the user is mencolokan flash disk drive and access is, the virus will be active.

9. Microso variants
File Microso.Virus this virus is present with 3 files, namely MicroSoft.pif, MicroSoft.bat, and MicroSoft.vbs. The third file related to each other. However, there is a file that is the parent of three, namely, MicroSoft.pif. In one of the variants, he has a file size of 18,432 bytes. The virus outside of this issue will be explored at some files. DLL from the body that is Jview.dll and AcXtrnel.dll that will be active with an attempt on explorer.exe or run through Rundll32.exe.

10.Kalong.vbs variants
Pieces of the body of the virus Kalong.vbs.E. VBScript this type of virus has sizable long transverse cross. Kalong.vbs.G variants have been reached. Changes made each variant is not too significant. For example Kalong.vbs.E. The virus has a body size of 5,908 bytes is, in aksinya will create a file autorun.inf in the root of each drive, he found that, of course, to make the distribution of mempermudahnya. In addition to that file, you will also find files by name k4l0n62.sys.vbs, of course, the hidden attributes. At the infected computer, he will be attending the caption menampakan Internet Explorer, by turning them into word diatribe concerning pornography.

Update Info from SOPHOS 2 December 2008

2008-12-02T08:04:00.001-08:00

The following identities have been released or updated in the past 24 hours:

Troj/AdClick-FF (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojadclickff.html

Troj/BankDl-DK (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankdldk.html

Troj/Bckdr-QQO (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbckdrqqo.html

Troj/Dropr-AN (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdropran.html

Troj/Fakevir-HW (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakevirhw.html

Troj/Klif-Gen (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojklifgen.html

Troj/Wintrim-I (Viruses and Spyware) at 2 December 2008 12:00:20 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojwintrimi.html

Mal/EncPk-GK (Viruses and Spyware) at 2 December 2008 05:56:37 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malencpkgk.html

Troj/Bckdr-QQN (Viruses and Spyware) at 2 December 2008 05:56:37 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbckdrqqn.html

Troj/DwnLdr-HLF (Viruses and Spyware) at 2 December 2008 05:56:37 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhlf.html

Troj/DwnLdr-HLG (Viruses and Spyware) at 2 December 2008 05:56:37 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhlg.html

Troj/FakeAle-KD (Viruses and Spyware) at 2 December 2008 05:56:37 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealekd.html

W32/Autorun-RG (Viruses and Spyware) at 2 December 2008 05:56:37 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunrg.html

Mal/FakeAvJs-A (Viruses and Spyware) at 2 December 2008 02:09:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malfakeavjsa.html

Troj/Dloadr-CBQ (Viruses and Spyware) at 2 December 2008 02:09:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrcbq.html

Troj/PWS-AWL (Viruses and Spyware) at 2 December 2008 02:09:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsawl.html

Troj/PWS-AWM (Viruses and Spyware) at 2 December 2008 02:09:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsawm.html

W32/AutoIt-AI (Viruses and Spyware) at 2 December 2008 02:09:06 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autoitai.html

Banners4U (Adware or PUA) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/adware-and-puas/banners4u.html

Banners4U Installer (Adware or PUA) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/adware-and-puas/banners4uinstall_BscvOr8E.html

Cain n Abel (Adware or PUA) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/adware-and-puas/cainnabel.html

Cain n Abel Installer (Adware or PUA) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/adware-and-puas/cainnabelinstall_2NP2cb4h.html

Troj/Agent-IJZ (Viruses and Spyware) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentijz.html

Troj/Banker-EOR (Viruses and Spyware) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankereor.html

Troj/Dloadr-CBO (Viruses and Spyware) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrcbo.html

Troj/Dloadr-CBP (Viruses and Spyware) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrcbp.html

Troj/VBDown-I (Viruses and Spyware) at 2 December 2008 00:01:55 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbdowni.html

Mal/TinyDL-V (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/maltinydlv.html

Mal/VBDldr-C (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malvbdldrc.html

Sus/Parasit-A (Suspicious behavior and files) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/suspicious-behavior-and-files/susparasita.html

Troj/Banker-EOP (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankereop.html

Troj/DwnLdr-HLE (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhle.html

Troj/FakeAV-HF (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavhf.html

Troj/Keylog-KX (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojkeylogkx.html

Troj/Keylog-KY (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojkeylogky.html

Troj/Spy-BL (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojspybl.html

Troj/TDSS-F (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtdssf.html

Troj/Zbot-BC (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotbc.html

W32/AutoRun-RF (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunrf.html

W32/MarioF-A (Viruses and Spyware) at 1 December 2008 20:37:45 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32mariofa.html

Troj/Banker-EOQ (Viruses and Spyware) at 1 December 2008 18:07:05 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankereoq.html

Troj/Mdrop-BXF (Viruses and Spyware) at 1 December 2008 18:07:05 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmdropbxf.html

Mal/Behav-035 (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/malbehav035.html

Troj/Agent-IJT (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentijt.html

Troj/Agent-IJV (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentijv.html

Troj/Agent-IJW (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentijw.html

Troj/Agent-IJY (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentijy.html

Troj/NtRootK-EE (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojntrootkee.html

Troj/Renos-BU (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojrenosbu.html

Troj/Tiotua-Z (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtiotuaz.html

W32/Bravo-J (Viruses and Spyware) at 1 December 2008 16:12:17 (GMT)
http://www.sophos.com/security/analyses/viruses-and-spyware/w32bravoj.html

PC Media Antivirus (PCMAV)

2008-12-02T07:55:00.001-08:00

PC Media Antivirus (PCMAV)
Copyright (c) 2006-2009 PC Media Magazine

No other antivirus software that is able to completely overcome by the virus
computers, both local and foreign, that many spread in Indonesia
as PCMAV.

Generally antivirus software that is only able to identify and delete files
The bervirus detected. PCMAV TO COMPLETE with accuracy
detection more precision and the ability to save files,
documents and the systems become targets of the virus to attack again
recovered 100%.

With PCMAV, you will get antivirus software, which not only
but simply detects the power of detection able to pursue a respite
99.9% of viruses known to the "radical" without cause
damage to the file system and the infected.

Unique mix of features and accuracy, and concern for the
safety system, files and documents and give you a perfection
antivirus software on PCMAV.

In every edition of PC Magazine Media latest published each month,
PCMAV we continue to refine this feature with the ability and
PCMAV made by the new antivirus software as the appropriate needs
You, faithful readers PC Magazine Media. And become the pride of Indonesia.

WHAT NEW?
--------------
a.Ditambahkan, the user database and cleaning the virus 95
local / foreign / new variants of the reported spread in Indonesia.
Total 2254 virus and its variants are more outstanding in
Indonesia has been known in this version 1.9 by the engine's internal PCMAV.

b.Ditambahkan, special cleaner for the virus Bungas.vbs.

c.Diperbaiki, error detection (false alarms) in some heuristik
programs and scripts.

d.Diperbarui, change the name of the new variants of the virus that
found.

e.Perbaikan some minor bugs and improvisation to the internal code
ensure that PCMAV Cleaner & PCMAV RealTime Protector more
antivirus software from the ordinary.

FEATURES & FAKTA ADVANTAGE PCMAV
----------------------------
This is the advantage that distinguishes PCMAV with other antivirus software:

- BEST ANTIVIRUS: Recognizing at the same time overcome the interference of viruses
computers, both local and foreign virus, which spreads in many
Indonesia more than any other antivirus software in the world.

- PRODUCTION INDONESIA: the first national art production in Indonesia
The quality of the completely different type of interference
computer virus that be naughty.

- CLEAN TUNTAS: With power basmi PCMAV a respite, the virus that
can be naughty even be hunted at the same time be cleaned thoroughly
to the "radical" without rest.

- SAVING DOCUMENT: folders and files documents important that you
hidden (hidden) or infected by the virus can be restored
perfectly up to 100% without worry or risk losing
damage to the files.

- RECOVERY SYSTEM: Silence They Cry registry and important Windows system files
that has been "damaged", by both the virus and as a result of the use of antivirus
Other less reliable, able to regenerate (handle) holistically
to recover 100%.

- AKURAT: Formula special able to make our PCMAV found as
one of the best antivirus in the world in terms of accuracy pendeteksian.
Mistake to detect a virus that is known not in the dictionary PCMAV,
so that errors in the rescue file can be avoided.

- ON PROTECTING: Designed by a pro-active to ensure a
file that has run the free virus and the virus will intercept
before the spread, even to a new virus that is not known. Be
You can also calm, because when your computer is working, not PCMAV
stop protect.

- AUTO UPDATE: Less more than 100 new viruses found in Indonesia
each month. Automatically, with the online updates regularly,
PCMAV will protect your computer from the latest virus threats.

- Checking Make: Technology multi-point scanning in PCMAV effective
avoid the escape of the virus that is able to automatically active as well
code injection, process, services, which is scheduled to even.

- Recognize Closer NEW: Technology "GeneticHeuristic" unique in
effectively able to detect a new virus that is not known.

- PENDETEKSIAN fastest: With a special algorithm, which is in the code
pendeteksiannya core components, PCMAV able to produce the fastest performance
compared to other antivirus software that has been produced in Indonesia.

- Dual core ENGINE ANTIVIRUS: Engine PCMAV can be combined with
pulav engine that has been enhanced by the team to get PCMAV
results pendeteksian virus protection and more, even
up to 400,000 viruses / malware more.

- Easy operation: Menu and a display of antivirus programs
now so enjoyable, easily operated and not ribet.

- WITHOUT INSTALL: PCMAV are portable, so it can be operated
directly without the need to install it.

- AHLI TERPERCAYA: With experience since 1992, antivirus software developers
Media in the PC is a computer virus researchers and antivirus software manufacturer that
very experienced and includes rare in Indonesia. Therefore,
we know how true and trusted antivirus software yield the best
according to the conditions in Indonesia.

- PC SUPPORT MEDIA: PCMAV supported by the Media PC, the computer magazine
the largest in Indonesia.

- FREE: It is an extra bonus on every purchase of PC Magazine Media edition
The latest published each month.

TERMS OF USE (END-USER LICENSE)
---------------------------------------
PC Media Antivirus (PCMAV) is the work and copyright and
integral part of the Media PC, the computer monthly magazine
published by PT Dian Digital Media, which is part
from the leading publishing groups in Indonesia: Pinpoint
Publications.

PCMAV not stated as a program that the public-domain
(public property) or freeware (no cost), but you are free
use and distribution of this program and the full comprehension
(including this README.txt files) without any charge
PCMAV not included along with the material
violate the law and the provisions of the program, as will be explained
in this section met.

PCMAV antivirus programs and all made the PC Magazine Media
allowed for use by a single owner of PC Magazine Media
in the edition which include both individuals and the owners
body of law on the one building the same location. In addition, the program
This also allowed for the use of personal computers in the home, institutions
or a non-profit educational institution funded by the country / institutions
non-profit.

NO HARD OR USE AND USING THIS IN PCMAV VERSI
LOCATION Institutions BUILDING A BUSINESS OR PROFIT-oriented
HAVE NO ISSUE MAJALAH legally discover that the PC release
PCMAV referred.

USE AND UTILIZATION PCMAV OR WITHOUT PERMISSION FOR THIS PURPOSE
OR commercial interests, it was not allowed.

You also are not allowed to do any action, either
directly or indirectly, that could violate rights
on intellectual property, including but not limited to what
referred to as a reverse engineer, decompile, disassemble,
PCMAV or modify.

The Media PC Magazine has issued all the efforts and resources
mengujicobanya and seriously to be PCMAV
give the best results. However, as a rule program
the other computer, you are very aware and understand that the parties
Media PC PCMAV and give all the files associated with it
there, without providing any guarantee that the program is freed
from all kinds of technical risk, and we are not obliged
to replace all the costs that may be caused by all
kinds of functions from the use of this program. For that, very
mem-recommended backup your important data before using the program
it.

During the official comes from the CD / DVD Media PC / PC Mild then guaranteed PCMAV
100% virus free. Although the result of inaccuracies heuristic engine,
some antivirus PCMAV suspect as a virus. Please complain
officially to the antivirus software manufacturer to fix them.
In addition, it is not advisable to run while other antivirus
PCMAV activate.

With the advantage / use PCMAV means you understand and
agree with all of this.

SYSTEM NEEDS MINIMAL
------------------------
Processor: Pentium
RAM: 64 MB
Operating system - Windows XP for Cleaner + RTP
- Non-XP (98, 2000, Vista) for Cleaner only. RTP follow.

Parameters that need to CLEANER (Advanced USER)
-------------------------------------------------- --
/ REGSHELL => To display the "Scan with PCMAV" in the
Right-click the file that will be scanned.
/ UNREGSHELL => To remove the "Scan with PCMAV".
/ FORCE => Allows PCMAV force to clean files
infected.
/ REGCLEAN => Trying to recover registry settings and Tools
Folder Options "to the default condition.
/ NOMEM => No need to scan memory.
/ NOSTARTUP => No need to scan at startup PCMAV.
/ NOUPDATE => No need to check for updates.

S? Closer Unrecognized? Closer NEW affected? PCMAV ERROR?
-------------------------------------------------- --------
If you have not run this PCMAV sebagaimanamestinya,
please report it to the editor of Media PC via e-mail to immediately
we tindaklanjuti.

To keep disinfecting the virus can be carried out thoroughly, then PCMAV
accurately and designed only to identify the exact virus
computers that have been in the collection of computer viruses in the Lab
Antivirus PC Media.

To avoid mistakes pendeteksian and cleaning, then
likely a result of a modification of the variants of the virus will cause
PCMAV can not recognize the virus. Still with viruses
The new work always. For that, please send it in ZIP format
The tar-password via e-mail to the editor of several examples of Media PC files
that you suspect bervirus. After we successfully edited (and this
does not take a moment), we will remove the update to
virus online. Make sure your Internet connection (non-proxy)
has been connected before running PCMAV, to get the update database
the latest viruses.

Improvement of the casebook
-------------------------
In every edition of PC Magazine Media latest published each month,
PCMAV we continue to refine this feature with the ability and
PCMAV made by the new antivirus software as a pride for you,
PC Magazine readers loyal media.

Thank you for the support and trust you to PCMAV!

FULL LIST OF FILE
-------------------
The following is the complete list of files (3 files) from package
PCMAV antivirus programs:

* README.txt - The file you are currently reading
* PCMAV-CLN.EXE - Cleaner main program
* PCMAV-RTP.EXE - the main program RealTime Protector

DOUBLE ENGINE ANTIVIRUS: PCMAV & CLAMAV
---------------------------------------
NOTE: Look indication DATABASE WITH LATEST FROM CLAMAV
The large, then the logical consequence USE OF ENGINE CLAMAV
IN PCMAV should affect the length of the process PENDETEKSIAN
FILE AND disciplines Memory is greater. In addition, ENGINE
MORE CLAMAVdesignated as A SCANNER that do not have
PROCEDURE CLEANER prove ENGINE PCMAV.

PCMAV, both Cleaner and RealTime Protector, in detecting
viruses, other than using its own engine, can also be
with pulav. Which resulted from a combination of both really
terrible to detect computer viruses.

CLAMAV (www.clamav.net) antivirus program is open
Unix is licensed to GPL. Use of this double-engine
aims to make the results pendeteksian virus can be obtained more
again. CLAMAVown database of current virus reached 400,000 /
more malware. Of course logical consequence of the magnitude of this database
is more than the length of the process pendeteksian without engine
CLAMAV, but not necessarily more convincing results.

For some it needed library files (libclamav.dll, libclamunrar.dll,
and libclamunrar_iface.dll) and two database files virus (main.cvd and daily.cvd)
which later placed into the same folder in a folder PCMAV are.
For more details, in pulav integrate this into PCMAV,
The following sequence of steps:

CLAMAV0.94
============
1. The installation procedure library CLAMAV
A. Download the file from the library CLAMAVthe following address:
http://oss.netfarm.it/clamav/
See the section on "Current Stable", and download the file library pulav
0.94 by clicking the appropriate link, such as
http://oss.netfarm.it/clamav/files/clamav-win32-0.94.7z.
When the link is no longer active because of the update
or change the version, please download only the new files
available.

B. Once you get the file "CLAMAV-Win32-0.94.7z" results
was downloaded, do the following extract some files in the folder
where PCMAV Cleaner / RTP are:
- Libclamav.dll
- Libclamunrar.dll
- Libclamunrar_iface.dll

* 7z archive file is a 7-Zip. Use the program through a 7-Zip:
http://www.7-zip.org

2. Virus database Procedures installation pulav
A. Download the file using the download manager database
daily from the following address:

http://db.local.clamav.net/daily.cvd

NOTE: If the appointment of such a direct address
at the top of your browser fails to download a second file,
then go to the site www.clamav.net, and right below
the title "Latest releases" there is a link "daily.cvd." You
live to right-click the link for each file, and select
"Save As."

B. Place the file "daily.cvd" with the file "main.cvd"
on the pulav folder on the CD / DVD Media PC magazine
This edition to the folder where PCMAV Cleaner / RTP is located.

3. After all the above procedure is done, make sure that the
folder PCMAV has 7 (seven) fruit files, namely:

1. PCMAV-CLN.exe ==> PCMAV package from the CD / DVD Media PC
2. PCMAV-RTP.exe ==> PCMAV package from the CD / DVD Media PC
3. README.txt ==> PCMAV package from the CD / DVD Media PC
4. libclamav.dll ==> download extracts results
5. libclamunrar.dll ==> download extracts results
6. libclamunrar_iface.dll ==> download extracts results
7. main.cvd ==> pulav package from the CD / DVD Media PC
8. daily.cvd ==> downloaded

Now you run PCMAV-CLN.EXE, when the CLAMAV
PCMAV successfully integrated by the information will appear
pulav on the database column "PCMAV Informations." And
You can now use PCMAV as usual (including
RTP), with a database of more viruses.

It is important to note:
Make sure your Windows operating system using the library MSVCRT80
suit. If not, pulav will not be integrated with good. If
that happens, please download the following files, extract and place
File-file (Microsoft.VC80.CRT.manifest, msvcm80.dll, msvcp80.dll, and
msvcr80.dll) with the same file PCMAV and other pulav:
http://oss.netfarm.it/clamav/files/Microsoft.VC80.8.0.50727.762.CRT.x86.7z

LIST OF Closer enough to be handled
---------------------------------
The following is a list of viruses that spread in many
Indonesia is able to be handled by the engine PC Media Antivirus 1.9.
Each edition of the latest PC Media magazine will always be accompanied by
PCMAV that have been updated with a version of the virus and the latest data.

NEW Virus in PCMAV 1.9 (95 Virus)
==================================
Aniee.M
Aniee.M.dll.A
Aniee.M.dll.B
Aniee.M.exe.A
Aniee.M.exe.B
Aniee.M.exe.C
Aniee.N
Aniee.O
Aniee.P
Aniee.txt
Anjerit
Autoit.BR
Autoit.BS
Bebek.inf
Bungas.bat
Bungas.bgs.A
Bungas.bgs.B
Bungas.bgs.C
Bungas.inf
Bungas.vbs
Buxto.C
CeylonSpyNet.B
Crashy
Crashy.inf
DewiMars
DewiMars.bat
DewiMars.inf
DewiMars.txt
Dhetya
Euis.C
Formalin.B
ForrisWaitme.C
ForrisWaitme.htt
Ginga
Ginga.jpg
Hikhik
Jaya.vbs
Jaya.vbs.inf
Joker
Joker.inf
Joker.txt
Kalong.vbs.F
Kalong.vbs.G
Kangen.I
Kangen.J
Kangen.K
Kangen.L
Kangen.M
Kangen.O
Kangen.P
Kangen.Q
Kangen.R
Kangen.S
Keybd
Locatory
Locatory.inf
Logon
Logon.ini
Microso.C
NasiTumpeng
NasiTumpeng.htm
NasiTumpeng.Log.txt
NasiTumpeng.txt
Ogeb.vbs
Ogeb.vbs.inf
PicCindy.D
Plolonk
Plolonk.inf
Plolonk.jpg
Projbar
Recycler.D
Recycler.D.exe
Recycler.E
Recycler.F
Rieysha-Lokal
Rieysha-Lokal.doc
Rieysha-Lokal.htt
Rieysha-Lokal.ini
Rieysha-Prisa
Rieysha-Prisa.inf
Rieysha-Prisa.ini
Rieysha-Prisa.vbs.A
Rieysha-Prisa.vbs.B
Starkid
Starkid.exe
Starkid.inf
Starkid.txt
Tiara.M
Tiara.M.txt
Tititan
Tititan.html
Tititan.inf
TLab-Death
Tlab-Ultimate
Yana

VIRUS YANG SUDAH DIKENAL SEJAK PCMAV 1.8 (2254 Virus)
=====================================================
Aastree.A
Aastree.B
Aastree.C
Aastree.D
ABG-Ach
Acro
AdaCinta
AdryZ.A
AdryZ.A.htm
AdryZ.A.inf
AdryZ.A.txt
AdryZ.B
AdryZ.B.txt
Adsw
Adsw.txt
Aduhai.A
Aduhai.B
Aduhai.bmp
Aduhai.txt
Adware.MyWebSearch
Aikom
Aikom.txt
Aites.A
Aites.B
Aites.C
Akakom.A
Akakom.B
Akmal.vbs.A
Akmal.vbs.B
Akmal.vbs.inf
Aksika-Arsitek
Aksika-Arsitek.ini
Aksika-Arsitek.txt
Aksika-Brontok
Aksika-Brontok.exe
Aksika-Brontok.ini
Aksika-Brontok.txt
Aksika-Brontok.zip.A
Aksika-Brontok.zip.B
Aksika-Brontok.zip.C
Aksika-Brontok.zip.D
Aksika-Brontok.zip.E
Aksika-Dago.A
Aksika-Dago.B
Aksika-Dago.bat
Aksika-Dago.C
Aksika-Dago.D
Aksika-Dago.E
Aksika-Dago.htm.A
Aksika-Dago.htm.B
Aksika-Dago.htt
Aksika-Dago.ini
Aksika-Dease
Aksika-Dease.ini
Aksika-Eswete.A
Aksika-Eswete.B
Aksika-Eswete.B.htm
Aksika-Eswete.htm
Aksika-Eswete.ini
Aksika-Eswete.oem
Aksika-Etex
Aksika-Etex.ini
Aksika-Etex.txt
Aksika-Iseng
Aksika-Iseng.ini
Aksika-Iseng.txt
Aksika-Itong
Aksika-Itong.html
Aksika-Itong.ini
Aksika-Kere.A
Aksika-Kere.A.htt
Aksika-Kere.A.ini
Aksika-Kere.A.txt
Aksika-Kere.B
Aksika-Kere.B.htt
Aksika-Kere.B.ini
Aksika-Kere.B.txt
Aksika-Kere.C
Aksika-Kere.D
Aksika-Kere.htt
Aksika-Kere.ini
Aksika-Kere.txt
Aksika-Kompti
Aksika-Kompti.bat
Aksika-Kompti.ini
Aksika-Kompti.txt
Aksika-Kristy
Aksika-Kristy.ini
Aksika-Kristy.txt
Aksika-Qbo
Aksika-Steroid
Aksika-Steroid.txt
Aksika-Thedawn
Aksika-Yuga
Aksika.A
Aksika.B
Aksika.C
Aksika.D
Aksika.D.ini
Aksika.E
Aksika.E.txt
Aksika.F
Aksika.G
Aksika.H
Aksika.htt
Aksika.I
Aksika.ini
Aksika.J
Aksika.K
Aksika.L
Aksika.M
Aksika.msg
Aksika.N
Aksika.N.ini
Aksika.N.txt
Aksika.O
Aksika.P
Aksika.Q
Aksika.R
Aksika.R.htt
Aksika.R.ini
Aksika.R.txt
Aksika.R.vbs
Aksika.txt
Alcohol
Alicia-Mario.A
Alicia-Mario.B
Alicia-Mario.C
Alicia-Mario.htt
Alicia-Mario.ini.A
Alicia-Mario.ini.B
Aliciana
Aliciana.htm
Aliens
Alisa.A
Alisa.B
Alisa.C
Allya.vbs
Allya.vbs.inf
Alonso
Alsika-Qbo.txt
Alzheim
Amburadul.A
Amburadul.B
Amburadul.C
Amburadul.D
Amburadul.inf
AmIRobot
AmIRobot.bat
AmIRobot.bmp
AmIRobot.ini.A
AmIRobot.ini.B
AnakBuncit.A
AnakBuncit.B
AnakFK
Anf
Ang.vbs.A
Ang.vbs.B
Ang.vbs.inf
Angel
Angel.htt
Angel.ini
Angelo-Ankrink.A
Angelo-Ankrink.B
Angelo.A
Angelo.B
Angelo.C
AngeloCaliber.A
AngeloCaliber.B
Aniee-RainCity.vbs
Aniee-TunggulKawung.vbs.A
Aniee-TunggulKawung.vbs.B
Aniee-TunggulKawung.vbs.C
Aniee-TunggulKawung.vbs.D
Aniee-TunggulKawung.vbs.E
Aniee-TunggulKawung.vbs.F
Aniee.A
Aniee.B
Aniee.B.vbs
Aniee.bat.A
Aniee.bat.B
Aniee.C
Aniee.D
Aniee.E
Aniee.E.bat
Aniee.E.dll.A
Aniee.E.dll.B
Aniee.E.dll.C
Aniee.E.exe.A
Aniee.E.exe.B
Aniee.E.jpg
Aniee.E.vbs.A
Aniee.E.vbs.B
Aniee.F
Aniee.F.inf
Aniee.F.vbs
Aniee.G
Aniee.G.bat
Aniee.G.dll.A
Aniee.G.dll.B
Aniee.G.dll.C
Aniee.G.exe.A
Aniee.G.exe.B
Aniee.G.vbs
Aniee.H
Aniee.I
Aniee.J
Aniee.K
Aniee.K.dll.A
Aniee.K.dll.B
Aniee.K.dll.C
Aniee.L
Anjaaz
Anjaaz.exe
Anjaaz.txt
Antiusa
Apong
Apong-Valeria
Apple
Architect
ArialKotim
ArialKotim.txt
Aris.A
Aris.B
Armora.A
Armora.B
Armora.C
Armora.D
Armora.E
Armora.F
Armora.G
Armora.H
Armora.I
Artika
Artis
Arzon
AsSlamBey
AsSlamBey.bmp
AsSlamBey.ini
Autoit.A
Autoit.AA
Autoit.AB
Autoit.AC
Autoit.AC.inf
Autoit.AD
Autoit.AE
Autoit.AF
Autoit.AG
Autoit.AH
Autoit.AI
Autoit.AJ
Autoit.AK
Autoit.AL
Autoit.AM
Autoit.AN
Autoit.AO
Autoit.AO.inf
Autoit.AP
Autoit.AP.inf
Autoit.AQ
Autoit.AR
Autoit.AS
Autoit.AT
Autoit.AU
Autoit.AV
Autoit.AW
Autoit.AZ
Autoit.B
Autoit.B.ini.A
Autoit.B.ini.B
Autoit.BA
Autoit.BB
Autoit.BC
Autoit.BD
Autoit.BE
Autoit.BF
Autoit.BG
Autoit.BH
Autoit.BI
Autoit.BJ
Autoit.BK
Autoit.BL
Autoit.BM
Autoit.BN
Autoit.BO
Autoit.BP
Autoit.BQ
Autoit.C
Autoit.C.ini
Autoit.D
Autoit.E
Autoit.F
Autoit.F.ini
Autoit.G
Autoit.H
Autoit.I
Autoit.J
Autoit.J.inf
Autoit.K
Autoit.L
Autoit.L.inf
Autoit.M
Autoit.N
Autoit.N.inf
Autoit.O
Autoit.P
Autoit.Q
Autoit.Q.inf
Autoit.R
Autoit.S
Autoit.S.ini
Autoit.T
Autoit.T.bat
Autoit.U
Autoit.V
Autoit.W
Autoit.W.inf
Autoit.X
Autoit.X.inf
Autoit.Y
Autoit.Z
Autoply
Autoply.inf
Autoreg
Autoruner-Down
Autoruner.A
Autoruner.A.inf
Autoruner.B
Autoruner.B.inf
Autoruner.C
Autoruner.C.inf
Autorunme
Autorunme.inf
Awan
Awan.txt
Aziz.vbs
Aziz.vbs.inf
Babat-B.A
Babat-B.B
Babat-B.C
Babat-B.D
Babat-B.E
Babel
Babon
Babon.ini
Babon.txt
Bacalid
Bagle.A
Bagle.B
Bagle.B.htm
Bagle.B.vbs
Bagle.msg
Bagong.vbs.A
Bagong.vbs.B
Bali
Bali.msg
Balik
Bandot.A
Bandot.A.txt
Bandot.B
Bandot.B.txt
Banjir
Banjir.exe
Barsaka
Barsaka.exe
BatamIsland
Bazzoka
Bebek
Bercinta
Bersatu.vbs
Bha.vbs
Bha.vbs.inf
Bharatayuda.A
Bharatayuda.B
Bharatayuda.bat
Bharatayuda.bmp
Bharatayuda.C
Bharatayuda.C.htm
Bharatayuda.C.txt.A
Bharatayuda.C.txt.C
Bharatayuda.htm
Bharatayuda.htt
Bharatayuda.ini.A
Bharatayuda.ini.B
Bharatayuda.jpg
Bharatayuda.txt.A
Bharatayuda.txt.B
Bharatayuda.txt.C
BlackHole
BlackHole.exe.A
BlackHole.exe.B
BlackHole.txt.A
BlackHole.txt.B
BlackHole.txt.C
BlackLove.A
BlackLove.A.htm
BlackLove.B
BlackLove.B.htm
BlackLove.B.txt
BlackLove.C
BlackLove.C.bat
BlackLove.C.htm
BlackStar
BlackStar.ini
BlackSymbian
BlackSymbian.exe
BlackSymbian.html
Blangkon
BlitarHack
Bloon.vbs
BlueFantasy
BlueFantasy-Erikimo.A
BlueFantasy-Erikimo.B
BlueFantasy-Erikimo.B.Dropper
BlueFantasy-Erikimo.bat
BlueFantasy-Erikimo.C
BlueFantasy-Erikimo.C.inf
BlueFantasy-Erikimo.D
BlueFantasy-Erikimo.D.inf
BlueFantasy-Erikimo.dll
BlueFantasy-Erikimo.inf
BlueFantasy.msg
Bluventhexi.A
Bluventhexi.A.inf
Bluventhexi.A.txt
Boenk.A
Boenk.B
Boenk.C
Boenk.vbs
Boleh.vbs
Boleh.vbs.inf
Bolos
Bolozer.A
Bolozer.B
Bolozer.C
Bolozer.htm.A
Bolozer.htm.B
Bolozer.htt
Bolozer.inf
Bolozer.ini
Bone
Bone.txt
Boo
Bootmodifer
Bootmodifer.bat.A
Bootmodifer.bat.B
Bootmodifer.reg
Bootmodifer.txt
Borax.A
Borax.B
Borax.C
Borax.D
Borax.html
Borneo
Borneo.msg.A
Borneo.msg.B
Broact
Brontok-1.A
Brontok-1.B
Brontok-1.C
Brontok-1.D
Brontok-1.E
Brontok-10.A
Brontok-10.B
Brontok-10.C
Brontok-10.D
Brontok-10.E
Brontok-10.F
Brontok-11.A
Brontok-11.B
Brontok-11.C
Brontok-11.D
Brontok-12.A
Brontok-12.B
Brontok-12.C
Brontok-12.D
Brontok-12.E
Brontok-12.F
Brontok-12.G
Brontok-12.H
Brontok-12.I
Brontok-12.J
Brontok-12.K
Brontok-12.L
Brontok-12.M
Brontok-12.N
Brontok-12.O
Brontok-12.P
Brontok-12.Q
Brontok-12.R
Brontok-14.A
Brontok-14.B
Brontok-14.C
Brontok-14.D
Brontok-14.E
Brontok-14.F
Brontok-14.G
Brontok-15.A
Brontok-15.B
Brontok-15.C
Brontok-16.A
Brontok-16.B
Brontok-16.C
Brontok-16.D
Brontok-16.E
Brontok-16.F
Brontok-17.A
Brontok-17.B
Brontok-17.C
Brontok-17.D
Brontok-17.E
Brontok-17.F
Brontok-17.G
Brontok-17.H
Brontok-17.I
Brontok-17.J
Brontok-17.K
Brontok-18R.A
Brontok-18R.B
Brontok-18R.C
Brontok-18R.D
Brontok-18R.E
Brontok-18R.F
Brontok-18R.G
Brontok-18R.H
Brontok-18R.I
Brontok-18R.J
Brontok-20.MyBro
Brontok-21.A
Brontok-21.B
Brontok-21.C
Brontok-21.D
Brontok-21.E
Brontok-21.F
Brontok-21.G
Brontok-22.MyBro.A
Brontok-22.MyBro.B
Brontok-3.A
Brontok-3.B
Brontok-3.C
Brontok-3.D
Brontok-4
Brontok-5.A
Brontok-5.B
Brontok-8
Brontok-9
Brontok-Aditiya
Brontok-GavGent.A
Brontok-GavGent.B
Brontok-JoseRay.A
Brontok-JoseRay.B
Brontok-JoseRay.C
Brontok-JoseRay.D
Brontok-JoseRay.E
Brontok-JoseRay.F
Brontok-Joseray.G
Brontok-Laknats.A
Brontok-Laknats.B
Brontok-Laknats.C
Brontok-Sensasi.A
Brontok-Sensasi.B
Brontok-Sensasi.C
Brontok-Sensasi.D
Brontok-Sensasi.E
Brontok-Sensasi.F
Brontok-Sensasi.G
Brontok-Sensasi.H
Brontok-Sensasi.I
Brontok-Yitnoss
Brontok-Yitnoss.html
Brontok.Downloader
Brontok.Downloader.bat
Brontok.html
Brontok.msg
Brontok.MyBro.Downloader
Brontok.MyBro.Downloader.bat
Brontok.MyBro.msg
BudiLuhur
BudiLuhur.inf
Buf
Buff
Buff.B
Buff.bin.A
Buff.bin.B
Buff.bin.C
Buggie
BukBron.A
BukBron.B
BukBron.C
Buxto.A
Buxto.B
Buxto.htm.A
Buxto.htm.B
Buxto.inf
Buxto.jpg
Cacing
Cadaz
Cadaz.htm
Cage
Cage.bin
Cage.msg.A
Cage.msg.B
Canabis
Cantik
CatLuv
CeritaCinta
Cerpen
Cetix.A
Cetix.A.html
Cetix.A.inf
Cetix.A.txt
Cetix.B
Cetix.B.bat
Cetix.B.exe
Cetix.B.gif
Cetix.B.html
Cetix.B.txt
Cetix.C
Cetix.C.html
Cetix.D
Cetix.D.html
Cetix.D.inf
Cetix.D.txt
Cetix.E
Cetix.E.html
Cetix.E.txt
CeylonSpyNet.A
Chasnah.A
Chasnah.B
Chasnah.bat
Chasnah.C
Chasnah.D
Chasnah.D.bat
Chasnah.D.exe
Chasnah.exe.A
Chasnah.exe.B
Cilokdata
Cilokdata.inf
Cilunk-Rose
Cilunk-Rose.txt
CintaFitri.vbs
CintaLau
CintaLau.htm
Cisanggarung.vbs
Cisanggarung.vbs.inf
Cobain.vbs
Codex.A
Codex.B
Codex.C
Codex.D
Codex.D.htm.A
Codex.D.htm.B
Codex.E
Codex.E.htm.A
Codex.E.htm.B
Codex.F
Codex.msg
Comex.vbs
Comex.vbs.inf
Conotabz
Conotabz.bat
Conotabz.cmd
Conotabz.html
Conotabz.inf
CoolFace-Artika
CoolFace-Mutant.A
CoolFace-Mutant.B
CoolFace-Mutant.C
CoolFace-Mutant.D
CoolFace-Mutant.E
CoolFace-Mutant.F
CoolFace-Mutant.G
CoolFace-Mutant.htm
CoolFace-Mutant.inf
CopyA
Crywhoel.vbs
Cuex44
Cukul-Perdana.A
Cukul-Perdana.B
Cukul-Perdana.C
Cukul-Perdana.C.txt
Cukul-Perdana.D
Curhat.A
Curhat.A.inf
Curhat.B
Cvlu
Cvlu.inf
CyberComm
CyberSide
CyberSide.htm
Cymutz.bat
Cymutz.bat.ini
Cymutz.bat.reg
Cyrax-Apikes
Cyrax-HmteIsta
Cyrax-Nelly
Cyrax-Tutor.A
Cyrax-Tutor.B
Cyrax.A
Cyrax.B
Cyrax.C
Cyrax.D
Cyrax.E
Dago.A
DanaKorup
DanaKorup.txt
Danoe.vbs
Danoe.vbs.inf
DaraManis
DarkKnight
DarkKnight.doc
Datos
DeadEchoes
Dealova.A
Dealova.B
Dealova.bat
Dealova.htm
Dealova.txt
DeathRipper
DeathRipper.bat
DeathRipper.txt
Decoil
Decoil.exe.A
Decoil.exe.B
Delf.A
Delf.B
Delf.htt
Delf.ini
Desuna
DeulleDoX.A.107520
DeulleDoX.B.107520
DewaRace.vbs
Dhukun.inf
Dhukun.vbs
Diary.A
Diary.B
DiaryMimi.vbs
DiaryMimi.vbs.inf
Dira.A
Dira.B
Dira.B.htm
Dira.B.htt
Dira.B.ini.A
Dira.B.ini.B
Dira.B.ini.C
Dira.B.ini.D
Discusx.vbs.A
Discusx.vbs.B
Discusx.vbs.B.inf
Diskotik
Djigo
Dn12
Dn12.html.A
Dn12.html.B
Docicon
Dodol
Dodol.msg.A
Dodol.msg.B
Dodol.msg.C
Dodol.msg.D
Dodol.msg.E
Dokom
Dokom.inf
Dokom.ini
DoomBringer
Dora.A
Dora.B
Dora.ini
Dp
Dp.bat
Dp.reg
Drsunbo
DungCoi
Ego
Ego.msg
Eicar-Test-File
Eja
Ejamyve
Eknik.vbs
Elize
Elize.hosts
Elize.htm
Elize.inf
Emil
Emil.vbs
Enden
Enersys
Ericnmai
Escro
Escro.dll
Euis.A
Euis.B
Everything
Evocation
Evocation.inf
Evocation.vbs
ExploitKaht
Explorea.A
Explorea.B
Ezrael.vbs.A
Ezrael.vbs.A.inf
Ezrael.vbs.B
Ezrael.vbs.B.inf
Ezrael.vbs.C
Ezrael.vbs.C.inf
Ezrael.vbs.D
Feelcomz.A
Feelcomz.B
FeelComz.C
FeelComz.C.htm
FeelComz.D
FeelComz.D.htm
FeelComz.D.txt
Feelcomz.htm.A
Feelcomz.htm.B
Feelcomz.txt
Fendi.vbs
Fidaktk
Fisika
FKG
FKG.inf
Flashy
Flazh
FlowerJasmine
FluBurung.A
FluBurung.A.msg
FluBurung.B
FluBurung.C
FluBurung.D
FluIkan.A
FluIkan.B
FluIkan.bmp
FluIkan.C
FluIkan.C.bmp
FluIkan.C.exe
FluIkan.C.htm
FluIkan.hosts
FluIkan.htm
FluIkan.ini.A
FluIkan.ini.B
FluIkan.ini.C
Foldres
Formalin.A
ForrisWaitme.A
ForrisWaitme.B
ForrisWaitme.txt
FourTwoOne.dll
FourTwoOne.htm
FourTwoOne.inf
FourTwoOne.jpg
FourTwoOne.vbs
FourTwoOne.vbs.A
FourTwoOne.vbs.B
Freedom.vbs.A
Freedom.vbs.A.inf
Freedom.vbs.B
Freedom.vbs.B.inf
Freedom.vbs.C
Freedom.vbs.exe
FreeSys
Frezze
Fujack
FunLove.4099
Funxls
Funxls.inf
GadiHot.A
GadiHot.B
GadiHot.C
GadiHot.inf
GadiHot.ini
GadiHot.txt
Gadis
GadisSeksi
GalihPembebasan
Galuh.vbs
Galuh.vbs.inf
GameCape
GameCape.bat.A
GameCape.bat.B
GameCape.inf
GameVB.A
GameVB.B
Garuda
Gawean.A
Gawean.B
Gawean.C
Gawean.txt
GealGeol
GealGeol.htt
GealGeol.ini
GelasPecah.A
GelasPecah.B
Gen.BVCK-Bugi.bat.A
Gen.BVCK-Bugi.bat.B
Gen.BVCK-Bugi.inf
Gen.BVCK-Bugi.ini
Gen.BVCK-Bugi.sys
Gen.BVCK-Bugi.vbs
Gen.FFE-A
Gen.FFE-Asraycx
Gen.FFE-Asraycx.txt
Gen.FFE-B
Gen.FFE-B.inf
Gen.FFE-Dinda
Gen.FFE-Dinda.ini
Gen.FFE-Dinda.txt
Gen.FFE-Fajar
Gen.FFE-Fajar.ini
Gen.FFE-GuitarHero
Gen.FFE-GuitarHero.txt
Gen.FFE-Master
Gen.FFE-Master.txt
Gen.FFE-Mutant
Gen.FFE-Mutant.txt
Gen.FFE-Ooioi
Gen.FFE-Ooioi.txt
Gen.FFE-Raditz
Gen.FFE-Raditz.txt
Gen.FFE-Seta
Gen.FFE-Seta.txt
Gen.FFE-Tangkap
Gen.FFE-Tangkap.txt
Gen.FFE-Win
Gen.FFE-Win.txt
Gen.FFE-Ykcid
Gen.FFE-Ykcid.txt
Gen.FFE.A
Gen.FFE.A.zip
Gen.FFE.B
Gen.FFE.B.zip
Gen.FFE.inf
Gen.Rieysha
Gen.Rieysha.zip
Gen.TLabs.A
Gen.TLabs.A.exe.A
Gen.TLabs.A.exe.B
Gen.TLabs.B
Gen.TLabs.B.exe
Gen.TLabs.C
Gen.TLabs.C.exe
Gen.TLabs.D
Gen.TLabs.D.vbs
Gen.TLabs.E
Gen.TLabs.E.exe
Gen.TLabs.E.txt
Gen.TLabs.F
Gen.TLabs.F.vbs
Gen.Vbswg
Gen.Vbswg.chm
Gen.VBVimaker
Gen.VBVimaker.bat.A
Gen.VBVimaker.bat.B
Gen.VBVimaker.bmp
Gen.VBVimaker.dll
Gen.VBVimaker.exe.A
Gen.VBVimaker.exe.B
Gen.VBVimaker.exe.C
Gen.VBVimaker.html.A
Gen.VBVimaker.html.B
Gen.VBVimaker.ini
Gen.VBVimaker.jpg.A
Gen.VBVimaker.jpg.B
Gen.VBVimaker.man
Gen.VBVimaker.txt.A
Gen.VBVimaker.txt.B
Gen.VBVimaker.txt.C
Gen.VBVimaker.url
Gen.VBVimaker.vmps.A
Gen.VBVimaker.vmps.B
Gen.VBVimaker.vmps.C
Gen.VBVimaker.vmps.D
Gen.VBVimaker.vndy.E
Gen.VBVimaker.vndy.F
Gen.VBVimaker.vndy.G
Gen.VBVimaker.vndy.H
Gen.VBVimaker.vndy.I
Gen.VBVimaker.vndy.J
Gen.VBWG
Gen.VBWG-Intan
Gen.VBWG.doc
Gen.VBWG.zip
Gen.VirVBS
Gen.VirVBS-Cimot.vbs.inf
Gen.VirVBS-Halid.vbs.inf
Gen.VirVBS-Plankton.vbs.inf
Gen.VirVBS.jpg
Gen.VirVBS.rar
Gen.VirVBS.vbs
Gen.VMSharpSoft
Gen.VMSharpSoft.exe
Gen.VMSharpSoft.txt
Geratis.A
Geratis.B
Geratis.C
GerryBlack
GerryBlack.inf
GerryBlack.ini
GerryBlack.txt.A
GerryBlack.txt.B
GerryBlack.txt.C
Gethuk
Gethuk.htm
Gethuk.inf.F
Gethuk.reg.A
Gethuk.reg.B
Gethuk.reg.C
Gethuk.reg.D
Gethuk.reg.E
GetRaw.A
GetRaw.A.exe.A
GetRaw.A.exe.B
GetRaw.A.exe.C
GetRaw.A.exe.D
GetRaw.A.exe.E
GetRaw.A.exe.F
GetRaw.B
GetRaw.B.exe.A
GetRaw.B.exe.B
GetRaw.B.exe.C
GetRaw.B.exe.D
GetRaw.B.exe.E
GetRaw.B.exe.F
GetRaw.C
GetRaw.C.exe.A
GetRaw.C.exe.B
GetRaw.C.exe.C
GetRaw.C.exe.D
GetRaw.C.exe.E
GetRaw.D
GetRaw.E
Getrawen
Getrawen.vbs
GhostyNet.A
GhostyNet.B
GhostyNet.B.html
Gila
Gila.bat
Gila.vbs
GirlSurf
Godham
Godham-Princes
Godham-Princes.html
Godham.exe.A
Godham.exe.B
Godham.Inf
Gokil
Gombel
GonzHacK.A
GonzHack.B
GonzHacK.inf
GonzHacK.reg
Gotoany
Gover.A.vbs
Gover.B.url
Gover.B.vbs
GreyBird
GreyBird.inf
Grogotix.A.225792
Grogotix.B.225792
Grogotix.C.225792
Grogotix.D.225792
Grogotix.hosts
Grogotix.htm
Grogotix.zip
Guanggao
Gundar
Gundar.exe
Gundar.inf
Gundar.ini
Gutbai
Habd
HackDemo
Hackids
Hackids.bat.A
Hackids.bat.B
Hackids.ini.A
Hackids.ini.B
Hackids.vbs.A
Hackids.vbs.B
HaloBatam
HaloBatam.doc
Hampa
Hampa.hosts
Hampa.htm
Hampa.htt
Hampa.inf
Hampa.ini
Hampa.reg
Hampa.tmp.A
Hampa.tmp.B
Hampa.tmp.C
Hampa.tmp.D
Hampa.tmp.E
Hampa.tmp.F
Hampa.tmp.G
Hampa.tmp.H
Hampa.tmp.I
Hampa.tmp.J
Hampa.tmp.K
Hampa.tmp.L
Hampa.tmp.M
Hampa.tmp.N
Hampa.txt
Harpot.A
Harpot.B
Harpot.C
Harpot.D
Harpot.E
Harpot.F
Harpot.G
Harpot.H
Harpot.I
Harry
Harry.html
Harry.ini
HarunMaya
Heap.A
Heap.B
Heap.B.exe
Heap.inf
Heap.mp3
Heap.txt.A
Heap.txt.B
Heap.txt.C
Heap.txt.D
Heap.txt.E
Heap.txt.F
Heap.txt.G
HelloBaby.A
HelloBaby.B
HelloBaby.exe
HelloBaby.inf
Hentai
Hentai.inf
Hentai.txt
Heny
Himafi
Hinf.vbs.htt
Hokage
Hokage.htt
Hokage.inf
Hokage.ini
Hokage.txt
Honey
Honey.htm
Honey.ini
HotMandarin
Husa.vbs
Husa.vbs.inf
Hutan
Idhunks
IlusiShell.vbs
IlusiShell.vbs.inf
IlusiShell.vbs.txt
Indo.A
Indo.B
Indo.C
Influenza
Influenza.htm
Infolahta
Infolahta.doc
Infor
Infor.inf
Initialp
Initialp.ini
Initialp.vbs
Iphank.vbs
Iphank.vbs.inf
Irma
Irma.html
Itz
Itz.exe
Jablunt
Jablunt.inf
Jadwal.A
Jadwal.B
Jadwal.reg
Jambanmu.A
Jambanmu.B
Jaringan
Jeefo.36352
Jengah
Jengah.html
Jengah.vbs
Jengah.vbs.html
JeritanRakyat.A
JerukPurut
Joke.Hikaru
Joke.Kliker
Joke.Pokemon
Joke.Vibrate
Joniezz
Joniezz.inf
KabaLove
Kadaj.A
Kadaj.A.inf
Kadaj.B
Kalong.inf
Kalong.vbs.A
Kalong.vbs.B
Kalong.vbs.B.inf
Kalong.vbs.C
Kalong.vbs.D
Kalong.vbs.E
Kalong.vbs.E.inf
KamaSutra
KamaSutra.htt
KamaSutra.ini
KamaSutra.mim
Kangen.A
Kangen.B
Kangen.C
Kangen.D
Kangen.E
Kangen.F
Kangen.G
kangen.G.doc
Kangen.H
Kangen.H.doc
Kanibalindo.A
Kanibalindo.B.exe
Kanibalindo.reg
Karikatur
Keith.vbs.A
Keith.vbs.B
Keith.vbs.B.inf
Keith.vbs.C
Kidala
Kidding
Kill.vbs
Kloning
Kloning.B
Kloning.bmp.A
Kloning.bmp.B
Kloning.ini
Kohoin
Kohoin.bat
Kohoin.txt
Koplax
Koplax.htm
Koplax.htt
Koplax.inf.A
Koplax.inf.B
Koplax.ini
Koplax.txt.A
Koplax.txt.B
Koplaxz.A
Koplaxz.B
Koplaxz.htm.A
Koplaxz.htm.B
Koplaxz.htm.C
Koplaxz.inf
KotaGudeg.A
KotaGudeg.B
Kowai
Kowai.inf
Krempeng
Krempeng.inf
Krempeng.vbs
Kryptik
Kryptik.inf
KSpoold.A
KSpoold.A.dll
KSpoold.A.exe
KSpoold.B
KSpoold.B.dll
KSpoold.C
KSpoold.C.exe
KSpoold.D
KSpoold.D.dll
KSpoold.E
KSpoold.E.dll
KSpoold.E.htt
KSpoold.E.ini
KSpoold.F
KSpoold.G
KSpoold.G.dll
KSpoold.tmp
Kuserv.A
Kuserv.B
Kutching
Kutching.temp
Kutching.txt
Kuya
Kuya.txt
KyrEnt.A
KyrEnt.B
KyrEnt.bmp
KyrEnt.C
KyrEnt.D
KyrEnt.D.htm
KyrEnt.D.inf
KyrEnt.E
KyrEnt.F
KyrEnt.F.exe
KyrEnt.G
KyrEnt.H
KyrEnt.H.ini
KyrEnt.hta
KyrEnt.I
KyrEnt.ini.A
KyrEnt.ini.B
KyrEnt.J
KyrEnt.J.ini
KyrEnt.K
KyrEnt.L
KyrEnt.txt
Lambertus
Lambertus.doc
Lambertus.html
LampungCreative
Lancang
Landhita
Langgirri.A
Langgirri.A.rtf
Langgirri.A.vbs
Langgirri.B
Langgirri.B.txt
Lapindo.A
Lapindo.B
Lapindo.C
Lapindo.C.htm
Latifah-Melati.A
Latifah-Melati.B
Latifah-Melati.C
Latifah-Melati.htm.A
Latifah-Melati.htm.B
Lavos.vbs
Lavos.vbs.inf
Leacon
Leena.A
Leena.B
Leena.C
Leena.C.dl_
Leena.C.dll
Leena.C.doc
Leena.D
Leena.E
Leena.E.doc
Leena.E.html
Leena.F
Leena.F.doc
Leena.G
Leena.H
Leena.I
Leena.J
Leena.K
Leena.L
Lemorai
Lemorai.inf
LipGame
LoveHurts
LoveLetter.vbs.A
LoveLetter.vbs.B
LoveLetter.vbs.B.htm
LoveNina
LovePraja
LovePraja.inf
LovePraja.jpg
Lovesick
LTM
LTM.inf
Lucu
Lucu.bat
Lucu.htm
Lucu.reg.A
Lucu.reg.B
Lucu.reg.C
Lucu.reg.D
Lugu
Lugu.bat
Lz32.vbs
Lz32.vbs.inf
Maheswara
Majalah
Majnun
Majnun.hosts
Majnun.txt
Malingsi
Malingsi.dll.A
Malingsi.dll.B
Malingsi.exe
Malingsi.ini.A
Malingsi.ini.B
Malingsi.ini.C
Malingsi.ini.D
Malingsi.ini.E
Malingsi.ini.F
Malingsi.ini.G
Malingsi.ini.H
Malingsi.ini.I
Maniez
Maniez.htm
Maniez.htt
Maniez.ini.A
Maniez.ini.B
Manorblack
Marsand
Mate
Maxi
Mazda
Mazda.txt
Meme.A
Meme.B
Meme.bmp
Meme.C
Meme.D
Meme.txt
MeryPendekar
Mia
Mia.gif
Microso.A
Microso.A.dll.A
Microso.A.dll.B
Microso.B
Microso.B.bat
Microso.B.dll.A
Microso.B.dll.B
Microso.bat
Microso.vbs
Mig.A
Mig.B
Mig.C
Mig.txt
Modif
Modif.reg.A
Modif.reg.B
Moonlight-B.A
Moonlight-B.A.upd
Moonlight-B.AA
Moonlight-B.AB
Moonlight-B.AC
Moonlight-B.AD
Moonlight-B.AD.txt.A
Moonlight-B.AD.txt.B
Moonlight-B.AE
Moonlight-B.B
Moonlight-B.C
Moonlight-B.C.msg
Moonlight-B.D
Moonlight-B.E
Moonlight-B.F
Moonlight-B.F.msg.A
Moonlight-B.F.msg.B
Moonlight-B.G
Moonlight-B.G.msg
Moonlight-B.H
Moonlight-B.htt
Moonlight-B.I
Moonlight-B.J
Moonlight-B.K
Moonlight-B.L
Moonlight-B.M
Moonlight-B.msg.A
Moonlight-B.msg.B
Moonlight-B.msg.C
Moonlight-B.N
Moonlight-B.O
Moonlight-B.P
Moonlight-B.Q
Moonlight-B.R
Moonlight-B.S
Moonlight-B.T
Moonlight-B.txt
Moonlight-B.U
Moonlight-B.V
Moonlight-B.V.dll.A
Moonlight-B.V.dll.B
Moonlight-B.V.mid
Moonlight-B.V.txt
Moonlight-B.W
MoonLight-B.X
MoonLight-B.X.html
MoonLight-B.X.txt
Moonlight-B.Y
Moonlight-B.Y.txt
Moonlight-B.Z
Moonlight-B.Z.txt
MoontoxBro.A
MoontoxBro.A.cmd
MoontoxBro.A.hosts
MoontoxBro.A.htm
MoontoxBro.A.inf
MoontoxBro.A.mid
MoontoxBro.A.vbs
MoontoxBro.B
MoontoxBro.B.htm
MoontoxBro.B.vbs
MoonTracker
Moviemk
MrDeep.vbs
MrDeep.vbs.inf
Multiply
Museholic.txt
Museholic.vbs
Myday
Myday.exe
MyDoom
MyGenX
MyGenX.htm.A
MyGenX.htm.B
MyHeart
MySharona.A
MySharona.B
MySharona.C
MySharona.inf
MyTob.A
MyTob.B
MyTob.C
MyTob.D
MyTob.D.exe
MyTob.E
MyTob.F
MyTob.F.dll
Myztx
Myztx.bat
Nadyapriani
Nadyapriani.htm
Naga.A
Naga.B
Naga.C
Naga.exe
Naga.htt
Naga.ini
Nahital
Naiad.vbs
Nano
Naruto
Naruto.vbs
Naruto.vbs.inf
NarutoShip
NarutoShippuden
NarutoShippuden.vbs
NarutoUnnes
NarutoUnnes.htm
Natasha
NdraShell.vbs
NdraShell.vbs.inf
NdraShell.vbs.txt
Nemesis
Neo
NetLog.vbs
NetSky.C
Nighttalkerz.vbs
Nighttalkerz.vbs.inf
Nihilit.vbs
Nimda
Nina
Nina.txt
Ninta
Ninta.inf
Nita-Mahadewa.vbs.A
Nita-Mahadewa.vbs.B
Nita-Mahadewa.vbs.inf
Nita.A
Nita.B
Nita.vbs
Nita.vbs.inf
NitaILove
Nitaku.A
Nitaku.B
Noboe
Noboe.txt
Noge
Noge.htm
Noge.txt
Nohack.vbs
Nohack.vbs.inf
Noooh.A
Noooh.B
Notbron
Notbron.vbs
NoTelp
Novi.vbs
Novi.vbs.inf
NowHacked
Numkam
NunukanVixer
NunukanVixer.txt
Nuron
Nuron.bat
Nuron.inf
Oakley
Officestar
OnGames
OnGames.inf
Onye
Pacaran
Pacuks
Paesa.vbs
Paesa.vbs.inf
Parents
Parents.inf
Parents.txt
PasswordATM
PatahHati
PatahHati.msg
Payakumbuh.vbs
Payakumbuh.vbs.htm
Payakumbuh.vbs.inf
Pege
Pege.dll
Pege.inf
Pembawa
Pembawa.txt
PendekarBlank
PendekarBlank.txt
Pengging
Penyiar
Penyiar.htm
Perang
Perang.htm
Perang.htt
Perez
Perjaka
Perjaka.ini
Perjaka.txt
Perjuang
Perskype
Pesin.A
Pesin.B
Pesin.C
Pesin.D
Pesin.doc.A
Pesin.doc.B
Pesin.E
Pesin.F
Pesin.F.doc
Peta.A
Peta.B
Peta.C
Peta.D
PetBot
PicCindy.A
PicCindy.B
PicCindy.C
Piglet.A
Piglet.A.bat
Piglet.A.htt
Piglet.A.inf
Piglet.A.ini
Piglet.A.jpg.A
Piglet.A.jpg.B
Piglet.B
Piglet.B.bat
Piglet.B.htt
Piglet.B.inf
Piglet.B.ini
Piracy
Plaige
Plankton
Pln
Pln.txt
Pluto.A.104448
Pluto.B.85504
Pluto.bmp
PNGExploit
Poem
Poem.exe.A
Poem.exe.B
Poem.exe.C
Poem.inf
Poem.txt
Postgres
Pray.A
Pray.B
Pray.inf
Prethoryan
Prethoryan.htt.A
Prethoryan.htt.B
Prethoryan.ini
Prethoryan.txt
Pria
Pruztacy
Publikasi.A
Publikasi.B
Puisi
PuisiHati.A
PuisiHati.B
Purwo
QuanTrong
QuanTrong.inf
Quick
Rahasia
Raider.vbs.A
Raider.vbs.A.inf
Raider.vbs.B
Raider.vbs.B.inf
Raider.vbs.C
Raider.vbs.C.inf
Raider.vbs.D
Raider.vbs.E
Raider.vbs.F
Raider.vbs.F.inf
Rakun
Rapel
Rascal
Rascal.bmp
Rascal.dat
Rascal.ini
Ravmon
Ravmon.inf
RavMonLog
Recycler.A
Recycler.B
Recycler.C
Red.vbs
Red.vbs.inf
Redlof.vbs
RedWines
ReFuse
ReFuse.inf
Regestry
Reincarnation.A
Reincarnation.B
Reincarnation.C
Reincarnation.D
RemCon
RemCon.exe
Remotion
Remotion.B
Remotion.B.hosts
Remotion.B.htm
Remotion.bat
Remotion.C
Remotion.hosts
Remotion.htm.A
Remotion.htm.B
Renova.A
Renova.B
Renova.C
Renova.D
Renova.E
Renova.E.htm.A
Renova.E.htm.B
Renova.E.vbs.A
Renova.E.vbs.B
Renova.E.vbs.C
Renova.E.vxd
Renova.F
Renova.G
Renova.H
Renova.htm
Renova.I
Renova.J
Renova.txt
Repvblik.txt
Repvblik.vbs
Reva.vbs
Reva.vbs.inf
Reva.vbs.jpg
Rhex
Rhex.txt
Rian
Rian.exe
Rian.vbs
Rian.vbs.inf
Riand
Rieysha-Desa
Rieysha-Desa.htm
Rieysha-Desa.inf.A
Rieysha-Desa.inf.B
Rieysha-Hack.vbs
Rieysha-Hack.vbs.inf
Rieysha-Hack.vbs.txt
Rieysha-Jogja.A
Rieysha-Jogja.B
Rieysha-Jogja.inf
Rieysha-Jogja.txt
RikRikNong
Rikriknong
Ririn
Ririn.htm
Ririn.htt
Ririn.inf
Ririn.ini
Riyani
Robert
RomanticDevil.A
RomanticDevil.A.htm
RomanticDevil.A.pic
RomanticDevil.A.txt
RomanticDevil.B
RomanticDevil.B.htm
RomanticDevil.B.txt
RomanticDevil.bmp
RomanticDevil.C
RomanticDevil.C.htm
RomanticDevil.vbs
Romlah.A
Romlah.B
Romlah.B.ini
Romlah.B.txt
Romlah.txt
Ronkor
Ronkor.htt
Ronkor.ini.A
Ronkor.ini.B
Ronkor.txt
Rontok
RontokBro
RontokBrow.A
RontokBrow.B
RontokBrow.B.htt
RontokBrow.B.ini
RontokBrow.B.txt
RontokBrow.C
RontokBrow.D
RontokBrow.E
RontokBrow.E.txt
RontokBrow.F
RontokBrow.G
RontokBrow.H
RontokBrow.H.exe
RontokBrow.H.htt
RontokBrow.H.inf
RontokBrow.H.ini
RontokBrow.I
RontokBrow.I.exe
RontokBrow.I.htt
RontokBrow.I.inf
RontokBrow.I.txt.A
RontokBrow.I.txt.B
RontokBrow.J
Roro
Rose-Loren.A
Rose-Loren.B
Rose-Loren.bat.A
Rose-Loren.bat.B
Rose-Loren.bmp
Rose-Loren.C.A
Rose-Loren.C.B
Rose-Loren.C.html
Rose-Loren.C.ini
Rose-Loren.D
Rose-Loren.htm
Rose-Loren.ini
Rose-Loren.jpg
Rush
Rush.txt
Ruupp
Ryodan
Ryodan.htm
Salxls
Salxls.inf
SangPrw
Santri.vbs
Santri.vbs.inf
Satrio-Vita
Scala.vbs
Scala.vbs.inf
Scootr
Scootr.ini
Scootr.txt
SecretFolder.A
SecretFolder.B
SecretFolder.C
SecretFolder.D
SecretFolder.htt
SecretFolder.ini
SecurityAx
Semproel
Semproel.htm
Semut
Semut.vbs
Septemberends
Septemberends.bat.A
Septemberends.bat.B
Septemberends.bat.C
Septemberends.bat.D
Septemberends.bat.E
Septemberends.bat.F
Septemberends.bmp
Septemberends.dat
Septemberends.htm
Septemberends.inf
Septemberends.ini.A
Septemberends.ini.B
Septemberends.ini.C
Septemberends.reg
Septemberends.txt.A
Septemberends.txt.B
Septemberends.wav
ServMouse
ServMouse.inf
Shellynt
Sherry.A
Sherry.B
Sherry.C
Shindu.bmp
Shuriken.A
Shuriken.B
Shuriken.C
Shuriken.D
Shuriken.E
Shuriken.F
SidoarjoHot.vbs
SidoarjoHot.vbs.inf
Sina
Sky
Sky.inf
SkyDV.vbs
SkyDV.vbs.inf
SkyNet.A
SkyNet.A.b64
SkyNet.A.dll
SkyNet.A.zip1
SkyNet.A.zip2
SkyNet.A.zip3
SkyNet.A.zipped
SkyNet.B
SkyNet.C
SkyNet.D
SlowAndSilent.vbs
SlowAndSilent.vbs.inf
SlowButSure.vbs.A
SlowButSure.vbs.A.inf
SlowButSure.vbs.B
SlowButSure.vbs.B.inf
SlowButSure.vbs.C
SlowButSure.vbs.C.inf
SlowButSure.vbs.D
SlowButSure.vbs.D.inf
SlowButSure.vbs.E
SmanMadiun
SmanMadiun.bat.A
SmanMadiun.bat.B
SmanMadiun.reg
SmanMadiun.txt
Smart
Smasa
Smasa.ini
Smasa.txt
Smile
Smile.rtf
Smile.txt
SmsCinta.vbs
SmsCinta.vbs.inf
SmsLucu
SmsLucu.html
SmsLucu.htt
SmsLucu.inf
SmsLucu.ini
SoccerMania
SoccerMania.htm
SoccerMania.htt
SoccerMania.ini
Socks
Sohanad.A
Sohanad.B
Sohanad.C
Sohanad.C.hosts
Sohanad.D
Sohanad.E
Sohanad.E.hosts
Sohanad.F
Sohanad.G
Sohanad.H
Sohibq
Solidsn.vbs
Solidsn.vbs.inf
Spiderman
Spiderman.bat
SpiderX
Spoofer
SpoolsXplor.vbs
SpoolsXplor.vbs.inf
Spyder.A
Spyder.B
Spyex
Srikusnanti
Srvices
Stargate
Stargate.html
Stargate.inf
Stargate.ini
Starone
Stitna
Stitna.jpg.A
Stitna.jpg.B
Stitna.jpg.C
Stitna.txt
Strawhat.A
Strawhat.A.htm
Strawhat.B
Sujin.vbs
SuppMB
Svseehost
Syarah
Syarah.vbs
Sysabdas
Sysmngmt
System76
Systemil
TambalBand
TambalBand.txt
TamiFlu
Tati
Tati.inf
Tati.txt
Tawon
Terrorist.A
Terrorist.B
Terrorist.txt
Tesotak.A
Tesotak.B
Tesotak.inf
TestUsb
TestUsb.sys
TheBrother
TheCoolPics.A
TheCoolPics.B
TheCoolPics.C
TheCoolPics.D
TheCoolPics.E
TheCoolPics.inf
TheSunday
TheWorld
TheWorld.html
Thumbs
Thumbs.B
Thumbs.htt
Thumbs.inf
Thumbsdb.vbe.A
Thumbsdb.vbe.B
Thumbsdb.vbe.inf
Tiara-Alimah
Tiara-Alimah.bat
Tiara.A
Tiara.A.msg
Tiara.B
Tiara.C
Tiara.C.bat
Tiara.C.vbs
Tiara.D
Tiara.D.exe
Tiara.E
Tiara.F
Tiara.G
Tiara.H
Tiara.I
Tiara.J
Tiara.K
Tiara.L
Tibeulat
Tikoh
Tikoh.htt
Tikoh.ini
TikusLupus.A
TikusLupus.B
Tinutuan.A
Tinutuan.B
Tinutuan.C
Tinutuan.D
Tinutuan.E
Tinutuan.F
Tinutuan.msg
TiwiCute
TiwiCute.inf
TiwiCute.txt
Tokek
Toking
Tomero
Tomero.doc
Topinsutki-Moontok
Topinsutki-Moontok.vbs
Topinsutki.A
Topinsutki.B
Topinsutki.exe.A
Topinsutki.exe.B
Topinsutki.vbs
Toy
TQ.vbs
TQ.vbs.inf
Trojan.Dialer
Trojan.DialerHard
Trojan.IRCBot
Trojan.IRCBot.tar
Trojan.Live
Trojan.PassDump
Trojan.PerfKeyLog
Trojan.ProxyAgent
Trojan.Sinowal
Trojan.StartPage
Tsunami-Unmul.A
Tsunami-Unmul.B
Tsunami-Unmul.C
Tsunami-Unmul.D
Tsunami-Unmul.E
Tsunami-Unmul.F
Tugas.A
Tugas.B
TukulNdeso.VBS
TukulNdeso.VBS.hosts
TukulNdeso.VBS.html
TukulNdeso.VBS.inf
TukulNdeso.VBS.ini
Tuna.vbs.A
Tuna.vbs.B
Tuna.vbs.inf
Tutor.A
Tutor.B
Tutor.C
Udin
UdinLucu
Ultah
Unmul.D
Unmul.E
Unmul.E.doc
Usrhost
ValentineCrush
Valeria
Valium.vbs
ValoAchoto
ValoAchoto.bat.A
ValoAchoto.bat.B
ValoAchoto.inf
Vanpraja
Vanpraja.txt
VbForm
VCybe
VCybe.txt
Venom
Vergon
Vhack
Vimaker.A
Vimaker.A.htt
Vimaker.A.inf
Vimaker.A.ini
Vimaker.B
Vires.A
Vires.B
Vires.C
Vires.D
Vires.D.bat
Vires.E
Vires.F
Vires.G
Virgear.A
Virgear.A.inf
VirGear.B
Vitri
Vitri.htm
Vitri.txt
VlandCrime
VlandCrime.ini
VlandCrime.txt
Wayang-Bunga
Wayang-Bunga.bmp
Wayang-Bunga.bmp.C
Wayang-Bunga.hosts
Wayang-Bunga.htm
Wayang-Bunga.htt
Wayang-Bunga.ini
Wayang-Bunga.txt
Wayang-Pandawa.A
Wayang-Pandawa.B
Wayang-Pandawa.bmp
Wayang-Pandawa.hosts
Wayang-Pandawa.html
Wayang-Pandawa.htt
Wayang-Pandawa.inf
Wayang-Pandawa.ini.A
Wayang-Pandawa.ini.B
Wayang-Pandawa.txt
Wiez
Wiez.exe
WinDevils
WinDevils.ini
WinDevils.txt
Windx-Maxtrox
Windx.A
Windx.B
Windx.C
Windx.C.ini
Windx.C.txt
Windx.D
Windx.D.inf
Windx.gif
Windx.inf
Windx.ini
Wkyo.A
Wkyo.B
WMSuriA
Wolf
Wolf.htm
Wolf.inf
Wolf.ini
Wolf.jpg
Woot
Woot.exe
Worker
WSar.A
WSar.B
WSar.C
Wukill.A
Wukill.B
Wukill.C
Wukill.htt
Wukill.ini
Xanoa
Xanoa.bat
Xanoa.html
XAttack.vbs.A
XAttack.vbs.B
XAttack.vbs.B.inf
XFly.A
XFly.B
XFly.html
XFly.inf.A
XFly.inf.B
Xpower
XZoneBaliem
XZoneBaliem.htt
XZoneBaliem.ini
Yadoy
Yadoy.htt
Yadoy.inf
Yazzuke.vbs
Yazzuke.vbs.bat.A
Yazzuke.vbs.bat.B
Yazzuke.vbs.inf
Yoos
Yosa
Yoshitsune
Yoshitsune.html
Yoshitsune.jpg
Yoshitsune.ysh
Yudizat
Yulbitha.A
Yulbitha.B
Yulbitha.C
Yulbitha.D
Yulbitha.D.html
Yulbitha.htm.A
Yulbitha.htm.B
Zakia
Zakia.htt
Zakia.ini
Zakia.txt
ZeroUnknown
ZeroUnknown.inf
ZetKa
ZetKa.htm
ZetKa.inf
ZetKa.txt
Zifoe.A
Zifoe.B
Zifoe.txt.A
Zifoe.txt.B
Zndll
Zulanick
Zulanick.bmp
Zulu.vbs

Free Download Norton Antivirus 2009

2008-12-02T07:40:00.001-08:00

Symantec is confident with the ability of Norton Internet Security 2009 and Norton AntiVirus 2009. Results of the test product is made by several independent institutions add more confidence Symantec.

The company's independent testing of security systems, AV-Test, recently released the results of the analysis of the device software security protection in 2009 against malware attacks. AV-Test comparing Norton Internet Security 2009 beta version with 33 software packages other popular virus scanner.

The result is the Norton Internet Security 2009 beta occupy the highest ranking in the list with 98 percent to detect malware, detecting 95 percent of spyware and does not generate a diagnosis.

In addition to AV-Test, other independent institutions that also go Norton 2009 software is PasMark impact on the performance of Symantec security software products and competitors in the most important metrics-metrics. Testing of these institutions is done by using Windows Vista with the Intel Core 2 Duo 6300 and 1 GB of RAM.

Things that are protruding from the report PasMark is the installation of Norton Internet Security 2009 claimed the fastest time by 52 seconds. The use of working memory also considered, at least, with less than 7 MB or more precisely only 6.92 MB, while a quick scan can be completed in 33 seconds.

Effendy Ibrahim, Norton Business Leads South Asia Region, said, consider a number of the test results, the company is confident will be the ability of this Norton 2009.

"Because the results are satisfactory, not only from our lab, but also from the review of a number of outside parties that the result is very good," he says to a number of journalists, on the sidelines of the launch of Norton 2009, which took place at the Sepang International Circuit - Malaysia - Tuesday (23 / 9 / 2008).

Two security software from Symantec, Norton Internet Security (NIS) and Norton AntiVirus (Index) version 16 is entering the Beta Norton Internet Security 2009 and Norton AntiVirus 2009. In this version, states developed using a new architecture that will reduce the boot time, scan time, and also reduces memory consumption. The existence of a silent mode that features added, will be possible to disable the messages that aim to inform, but sometimes the problem will be disrupted if the messages appear at this time to run specific programs such as games.

Hoping the two feedback related software is being developed, Symantec is to provide can be downloaded and used.

To download and get the product key Norton Internet Security 2009, can access the page begins with the Norton Internet Security 2009 Beta and

country information and email address. Next click on the download button or directly via this address, while the product key will be sent through an email address. Similarly, with Norton AntiVirus 2009 Beta, only access charging is done in the form page Norton AntiVirus 2009 Beta and downloading via this address.

But unfortunately both the installer file size is large enough that is about 50 MB, and only provided on the FTP server that for most users do not enable downloading via the protocol. I was doing the remote upload both the installer file to Rapidshare that each can be accessed via the following address, a user account for a premium Rapidshare will be easier to download.

Norton Internet Security 2009

Norton Antivirus 2009 Download

Most Popular Local Virus 2008/2009

2008-12-02T07:33:00.001-08:00

The first quarter of 2008, a decrease in activity not seen the creation of a new virus in Indonesia. Compared to the year 2007, including the most active year for the VM (Virus Maker), on average each month Laboratory Vaksincom receive more than a hundred new viruses. As a note, this data is "only" sample of the virus received Vaksincom in Indonesia alone. Recorded names such as Rontokbro, Autorun, VBWorm, and the Republic of VB Troj which is a local production, but that is surprising is disbursed variants of the virus, which received foreign Vaksincom as Sohanad, Agent, SmallTroj, NSAnti, Bancos, Delf, Dloader and Solow.

Sang Perawan Sang, between
Sang Perawan, between the first two months in 2008 to record greater success in spreading because it is not detected by antivirus software. Norman Virus Control mendeteksi. Norman Virus Control detected as W32/VBWorm.GZH, between the months since July 2007. Viruses are more popular known by the name W32/Sang Perawaj or between the maker of three-wheelers and in February 2008 is typically inject JPEG image files have a certain size (Photographics Joint Expert Group). The two variants are found, between this individual has the original size of 301 KB and 91 KB (see picture 1). Therefore, the JPEG file in the second injection of this virus will change and grow menjadi.EXE size of 301 KB or 91 KB (depending on the menginfeksi variants) and pick to win, the JPEG file into error and could not be opened again.
To restore the JPEG file that has "trust" by the virus, you can use the tools, "Chanal jpg Splitter" made by Yayat and can be found in this edition DVD Chip.

Stargate Stargate
. "If the Baruna Reaching the Want More Beautiful, put and do." That is the message that appears every time the computer is infected with the virus or W32/Agent.DRUU Stargate is running Internet Explorer that will open the file St4rgt.html.. Stargate will forge itself with the folder icon and the virus is difficult to be cleaned, including because it will redirect to make an executable file to run himself. In addition, this virus also try disabling several antivirus and could not function properly. One of the things that need to be a record that is interesting is the attention on this virus secpol.msc (Security Policy) and gpedit.msc (Group Policy Editor) is the author of this virus specifically to make a block on secpol and gpedit so that the infected computer will display a message Stargate error every time you run the second palikasi above. (lihat gambar 2) (see picture 2)

Hokage Hokage
The virus detected by Norman as a vbs / Repulik this action similar Kespo inject MS Office files. Bedanya kalau Kespo mengincar file di komputer, Kespo take the difference if the file on the computer, alter Repulik MS Office files in the Flash Disk and menginjeksinya with himself. File MS Word and Excel that the injection will increase size of 5 KB file and a virus, but also change the file extension into the double extension. For example, the original file has a name dokumen.doc, after the injection Repulik size will be 5 KB and the icon will be changed to vbs (Visual Basic Script) that are easily recognizable.
If you file in the injection by the virus, I do not despair, because you can get the tools to restore this file in the DVD Chip. Run the file "Splitter_VBS2DOC_XLS" to restore the original files you have in the injection by Repulik.

Amburadul Amburadul

Songs like "SMS" the popular songs that raise the "SMS answer." Creator Hokage virus originating from the manufacturer Shields possess other viruses that also comes from the Central Kalimantan and try to eradicate the virus other than the Hokage, the virus Amburadul is also promoting the city as a place Jima tour using the name Kahayan Bridge as the name of the file the virus. Viruses of falsifying themselves as the file JPG has enough variants that vary with the size, from 51 KB up to 56 KB and detected by Norman as W32/Autorun and W32/Agent. (lihat gambar 4) (see picture 4)

In addition to try to eradicate the virus Hokage and convey the message that the war can encourage the virus, Amburadul also try try to use the command "Taskkill" to disable antivirus and security programs and conduct on the website Ddos www.duniasex.com, www.data0.net and www.rasasayang. com.my.
From a total of 449 new viruses received by the laboratory virus Vaksincom from January 2008 up to April 2008, 32.74% are variants of the virus, which is made using the VB programming language, followed by variants of the virus that autorun as 15.14%, other 16.39 Rontokbro% and 2.67% one conclusion can be drawn that the sample virus still dominate the local> 50% of new viruses received by the laboratory virus Vaksincom. Although the virus sample local dominate more than 50% but not necessarily dominate the local spread of the virus in Indonesia since the virus, according to statistics on the spread of the virus obtained Vaksincom, the current spread of the virus in Indonesia is still dominated by the virus with foreign motor Delf, Viking and some spyware. The virus is still local but to speak while the virus must recognize the severity foreigners.. So in a world of the virus apparently more important than the quality of quantity. In the world of virus
variants are relatively few compared to new viruses, such as local Delf and Viking can still defeat the virus that local variants are very many.

Virus-Windx Matrox

2008-12-02T07:17:00.001-08:00

Virus-Windx matrox latest generation is quite a lot of readers reported by PC Media and widely spread in Indonesia. This virus is quite interesting technical challenges and has edited since brought in several new techniques, including the complex. how it is done the file and astute use of encryption techniques. Bahkan antivirus luar yang heuristiknya termasuk paranoid tidak mampu mendeteksi kehadiran virus ini di file yang terinfeksi. Even antivirus outside the not heuristiknya including paranoid able to detect the presence of this virus in the infected files.
As we, until the paper was made, none of antivirus software in the world that the virus is able to overcome this thoroughly, including restoring the infected executable files. Thus antivirus software that is currently even remove files that you have been infected Windx-Maxtrox.
Cleaning manual rant to some mass media in Indonesia we do not value much help overcome the virus completely. Unfortunately again, the intention of both parties in the virus is to inform the mass media is not balanced by good technical ability and adequate in the disassembly and downloading a virus that somehow this completely. As a result, some information to clear this virus is fatal even that will cause the infected files had disappeared, not restored.
Therefore, the Media PC PCMAV 1.6 Update Build3 which has been equipped with a special cleaner engines to overcome the virus-Windx matrox completely to the "radical" and able to recover a file that is infected, despite dienkrip, to return intact, 100%! Do not take the risk, only use Build3 PCMAV 1.6 for the virus to overcome this thoroughly.. In PCMAV 1.7 later this special cleaner engines have also been available. In addition, the article also features the results of the analysis complete virus Windx-Maxtrox to align some of the error analysis is that the virus was circulating in the media, both print and online.
For your users PCMAV 1.6 is recommended to update immediately, so that PCMAV you can identify and eradicate the virus more. Thus, the total virus that can be detected up to Build3 this time the virus is 38.
To obtain and use PCMAV this update, make sure the first PCMAV RealTime Protector is not active.. If so, you must close the application first. Then you simply run PCMAV Cleaner (PCMAV-CLN.exe), the computer must be switched on to connect to the Internet (non-proxy). Features GetUpdates from PCMAV will automatically give an address on the Internet where you can download the update files. Place the downloaded file (PCMAV.vdb) to the folder where PCMAV are.. If there has been a long update files, you simply drosysgrifo.. And later when you return PCMAV run, he is in condition pitch update.
But for that you want to update the files manually, you can download it through some of this address: SendSpace.com, Badongo.com (mirror), or UploadMB.com (mirror).

Virus Windx-Maxtrox : Windx virus-Maxtrox:
• Maxtrox intended by the creator of the virus is Maximum Troxer. String on the body of the virus.
• Project viruses use this form that he called MSystem, in the form, there are several components such as PictureBox, Label, and others. In addition to the form, of course, there are also in the module. Ia di- compile dengan metode P-code. He was last in the P-code method.
• Virus is suspected of strong local originating from regions such as North Sulawesi previous variants. Moreover, this is supported by the existence of the identifier string in the body that is "UNKLAB" suspected to appoint one of the universities there.
• This virus does not use the icon, but he has the ability to get the program icon from the diinfeksinya.
• When Infected, this virus will file folder on the mainland \ Windows \ system32 with the name CommandPrompt.Sysm, Desktop.sysm and Windows 3D.scr. With previous, he has to make me-or register a new extension that is. And MSD. SYSM which will be run as which shows the files. EXE.
• He also created the master file to run to be active in memory, which is saved in "C: \ Documents and Settings \% username% \ Application Data \ Microsoft" or "C: \ Documents and Settings \% username% \ My Network Places \ Network Connections \ ", using a different name, taken from a combination of the following strings: UX, vc, sc, ds, cs, iz, am, d, n, a, w, h, n,. Exe, g.exe , W.exe, a.exe, v.exe, p.exe, t.exe.
• Can be Active for automatically, he created the registry in the "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run \" with the name VisualStyle.
• He uses encryption techniques to protect the string-string in it. Encryption techniques are used, namely Caesar Cipher, by adding a forward or a character.
• He created a file maxtrox.txt in the system32 directory that contains only the string "UNKLAB."
• If this provision is eligible "if (Month (Now) mode 4) = 0) and (Day (Now) <7) then" (The date of 1-6 in April, August and December), then, he will do some things as follows:
- -- Changing the desktop wallpaper image to be Battosai, there are at the top of the date of the day, and at the bottom there is writing "Hello% username%! If you have seen me, you are same as a fool guy!". If you have seen me, you are a fool same guy! ". % username% is the username that are active at that time.
- -- Checking the computer if the user running the sex, then it will terminate, and writing in the wallpaper changed to "Antivirus Detected! Sorry, now it isn't running anymore! ". Sorry, now it is not running anymore! ". Or if the user PCMAV run, there will be written like this "you try to kill me with PCMAV? Try with your ultime version! ". Try your ultime version ". This virus is known to have a database that stores string-string some antivirus products, and the string are also in the pitch-encryption. Among others: McAfee, Norton, virusscan, PCMAV, spyware, Norman, caspersky, chaspersky, Symantec, antivirus, scanvirus, esafe, avast, inoculan, f-secure, Utilities virus, anti slices, kaspersky, dr. Solomon, netshield, groupshield, thunderbyte, panda antivirus, global virus, vi-spy, sophos anti, interscan, viruswall, webprotect, officescan, scanmail, serverprotect, pc-cillin. Solomon, netshield, groupshield, thunderbyte, panda antivirus, a global
virus, vi-spy, anti sophos, InterScan, VirusWall, webprotect, officescan, scanmail, serverprotect, pc-cillin.
- -- Changing the wallpaper system32 folder, by using the same picture, as it is to change the desktop wallpaper, with the writing "I t'sa pleasure to meet you,% username%. Oh, nice vacation place. ". Oh, nice vacation place.. " And in the upper right corner there is a paper, "Maximum Troxer."
- -- The virus is also writing in the autorun registry for safe-mode, at:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlterneShell HKLM\SYSTEM\ControlSet001\Control\SafeBoot\AlterneShell
HKLM\SYSTEM\ControlSet002\Control\SafeBoot\AlterneShell
- -- He also checks continuously, when the window was found with the caption "Windows Task Manager" will also terminate it.

Infeksi file .EXE: Infection files. EXE:
This virus will try menginfeksi executable files in the Program Files folder with the infected:
• he will first determine whether a file is the target of the executable files, how to read the first 2-byte file from the target. File executable yang valid, pada 2 byte pertama adalah "MZ" (4D5Ah). Executable file a valid, on 2-byte first is the "MZ" (4D5Ah).
• Then he will read the entire body of the target files to check his own signature, "0xA0 0xA0 0xA0 0 × 00 0xA0 0 × 00 0xA0 0xA0 0xA0" (hexa), to determine whether the file has been infected or not.
• Then he will mempersipakan buffer to inject new virus in the file to the target. Pada buffer tersebut, ia akan meletakan tubuhnya di awal, dan cerdiknya ia juga mengambil bagian resource yang terdiri dari icon dan version information dari file target. So any infected files will have the icon and version information is the same as the original file. Thus, the sequence diagram into the file: the file the virus, the target resource file, the virus signature, the contents of the file targets.
• In the contents of the file it does not target any paste it, because the header he has changed his previous, namely, to overwrite the first 2 bytes from 0 × 4D5A become 0xA0A0. And the start of the Offset Printing 0 × 2 to 0 × 97, he encryption every byte it uses Caesar Cipher with the addition of 2.
• When infected files are executed, he first will be to extract the files from the diinfeksikannya in the body in the same directory, the file name is slightly differentiated by its original name of the file, because the file name and extension is not separated by dots, but space, for instance from "wmplayer . exe "to" wmplayer exe ".. Then, extract the files it is results that will be run.

Glossary of VirusTerms

2008-12-02T06:51:00.001-08:00

ActiveX ActiveX controls are software modules based on the Microsoft® Component Object Model (COM) architecture. They add functionality to software applications by seamlessly incorporating pre-made modules with the basic software package. Modules can be interchanged but still appear as parts of the original software.

On the Internet, ActiveX controls can be linked to web pages and downloaded by an ActiveX-compliant browser. ActiveX controls turn web pages into software pages that perform like any other program launched from a server. ActiveX controls can have full system access. In most instances this access is legitimate, but one should be cautious of malicious ActiveX applications.

Adware Adware is a legitimate, non-replicating program designed to display ads to the end user, often based on monitoring of browsing habits, and often in exchange for the right to use a program without paying for it (a take on the shareware concept).

Algorithm An algorithm is a sequence of steps needed to solve logical or mathematical problems. Certain cryptographic algorithms are used to encrypt or decrypt data files and messages and to sign documents digitally.
Anti-antivirus virus Anti-antivirus viruses attack, disable, or infect specific anti-virus software. Also see: retrovirus.

Anti-virus software Anti-virus software scans a computer's memory and disk drives for viruses. If it finds a virus, the application informs the user and may clean, delete, or quarantine any files, directories, or disks affected by the malicious code. Also see: anti-virus scanner.

Anti-virus virus Anti-virus viruses specifically look for and remove other viruses.

Applet An applet is any miniature application transported over the Internet, especially as an enhancement to a web page. Authors often embed applets within the HTML page as a foreign program type.

Java applets are usually only allowed to access certain areas of the user's system. Computer programmers often refer to this area as the sandbox.

Armored virus An armored virus tries to prevent analysts from examining its code. The virus may use various methods to make tracing, disassembling, and reverse engineering its code more difficult.
ASCII ASCII stands for American Standard Code for Information Interchange. Usually, it refers to a coding system that assigns numerical values to characters such as letters, numbers, punctuation, and other symbols.

Basic ASCII allows only 7 bits per character (for a total of 128 characters). The first 32 characters are "unprintable" (line feed, form feed, etc.). Extended ASCII adds an additional 128 characters that vary between computers, programs and fonts. Computers use these extra characters for accented letters, graphical characters or other special symbols.

ASCII files ASCII files are usually text files consisting of only ASCII characters. With effort, it is possible to write program files consisting only of printable characters (See: EICAR Standard Anti-virus Test File). Windows® batch (BAT) files and Visual Basic Script (See: Batch Files, VBS) files are also typically pure text, and program files.

Because of the danger macro viruses can pose, using ASCII files in email communications may by less risky. While it is possible for ASCII files to contain program code, and thus to contain viruses, ASCII files let you control both content and layout exactly, ensuring your email is legible by the most email programs.

Attack An attack is an attempt to subvert or bypass a system's security. Attacks may be passive or active. Active attacks attempt to alter or destroy data. Passive attacks try to intercept or read data without changing it. Also see: brute-force attack, Denial of Service, hijacking, password attacks, password sniffing.

Attributes Attributes are characteristics assigned to all files and directories. Attributes include: read-only, archive, hidden, or system.

Back door A back door is a feature programmers often build into programs to allow special privileges normally denied to users of the program. Often programmers build back doors so they can fix bugs. If hackers or others learn about a back door, the feature may pose a security risk. This is also called a trap door.

Back orifice Back Orifice is a program developed and released by The Cult of the Dead Cow (cDc). It is not a virus; instead, it is a remote administration tool with the potential for malicious misuse. If installed by a hacker, it has the ability to give a remote attacker full system administrator privileges to your system. It can also "sniff" passwords and confidential data and quietly email them to a remote site. Back Orifice is an extensible program—programmers can change and enhance it over time. Also see: password sniffing.

Background scanning Background scanning is a feature in some anti-virus software to automatically scan files and documents as they are created, opened, closed, or executed.

Background task A background task is a task executed by the system that generally remains invisible to the user. The system usually assigns background tasks a lower priority than foreground tasks. Some malicious software is executed by a system as a background task so the user does not realize unwanted actions are occurring.

Backup n. A backup is a duplicate copy of data made for archiving purposes or for protection against damage and loss.

v. A backup is also the process of creating duplicate data. Some programs back up data files while maintaining both the current version and the preceding version on disk. However, a backup is not considered secure unless it is stored in a location separate from the original.

Batch files Batch files are text files containing one MS-DOS command on each line of the file. When run, each line executes in sequential order. The batch file AUTOEXEC.BAT is executed when the computer is booted, and it loads a series of controls and programs. This file type has the extension BAT.

Bayesian filter A Bayesian filter is a program that uses Bayesian logic (also called Bayesian analysis) to evaluate the header and content of an incoming email message to determine the probability that it constitutes spam.

Bimodal virus A bimodal virus infects both boot records and files. It is also called a bipartite virus. Also see: boot-sector infector, file virus, multipartite.

BIOS BIOS stands for Basic Input/Output System. It is the part of the operating system that identifies the set of programs used to boot the computer before it locates the system disk. The BIOS is located in the ROM (Read-Only Memory) area of system and is usually stored permanently.
Blog A blog is a web site where users regularly post up-to-date journal entries of their thoughts on any subject they choose. It is readable by anyone on the web.

Boot To boot a computer is to start (a cold boot) or reset (warm boot) the system so it is ready to run programs for the user. Booting the computer executes various programs to check and prepare the computer for use. Also see: cold boot, warm boot.

Boot record The boot record is the program recorded in the boot sector. This record contains information on the characteristics and contents of the disk and information needed to boot the computer. If a user boots a PC with a floppy disk, the system reads the boot record from that disk. Also see: boot sector.

Boot sector The boot-sector is an area located on the first track of floppy disks and logical disks that contains the boot record. Boot sector usually refers to this specific sector of a floppy disk, whereas the term master boot sector usually refers to the same section of a hard disk. Also see: master boot record.

Boot sector infector A boot-sector infector virus places its starting code in the boot sector. When the computer tries to read and execute the program in the boot sector, the virus goes into memory where it can gain control over basic computer operations. From memory, a boot-sector infector can spread to other drives (floppy, network, etc.) on the system. Once the virus is running, it usually executes the normal boot program, which it stores elsewhere on the disk. It is also called a boot virus, boot-sector virus, or BSI.

Bot network A bot network is a network of hijacked zombie computers controlled remotely by a hacker. The hacker uses the network to send spam and launch Denial of Service attacks, and may rent the network out to other cyber criminals. Also see: zombie.

Browser hijacker A browser hijacker is a type of spyware that allows the hacker to spy on the infected PC's browsing activity, to deliver pop-up ads, to reset the browser homepage, and to redirect the browser to other unexpected sites. Also see: spyware.

Brute-force attack A brute-force attack is an attack in which each possible key or password is attempted until the correct one is found. Also see: attack.

BSI See: boot-sector infector.

Bug A bug is an unintentional fault in a program that causes actions that neither the user nor the program author intended.

Cavity virus A cavity virus overwrites a part of its host file without increasing the length of the file while also preserving the host's functionality.

Checksum A checksum is an identifying number calculated from file characteristics. The slightest change in a file changes its checksum.

Clean adj. A computer, file, or disk that is free of viruses is considered clean.

v. To clean is to remove a virus or other malicious software from a computer, file, or disk. Also see: disinfection.

Cluster virus Cluster viruses modify the directory table entries so the virus starts before any other program. The virus code only exists in one location, but running any program runs the virus as well. Because they modify the directory, cluster viruses may appear to infect every program on a disk. They are also called file system viruses.

Cold boot To cold boot is to start the computer by cycling the power. A cold boot using a rescue disk (a clean floppy disk with boot instructions and virus scanning capabilities) is often necessary to clean or remove boot-sector infectors. Also see: boot, warm boot.

COM file A COM file is a type of executable file limited to 64 kb. These simple files are often used for utility programs and small routines. Because COM files are executable, viruses can infect them. This file type has the extension COM.

Companion virus Companion viruses use a feature of DOS that allows software programs with the same name, but with different extensions, to operate with different priorities. Most companion viruses create a COM file which has a higher priority than an EXE file with the same name.

Thus, a virus may see a system contains the file PROGRAM.EXE and create a file called PROGRAM.COM. When the computer executes PROGRAM from the command line, the virus (PROGRAM.COM) runs before the actual PROGRAM.EXE. Often the virus will execute the original program afterwards so the system appears normal.

Compromise To compromise a system is to access or disclose information without authorization. Top
Cookie Cookies are blocks of text placed in a file on your computer's hard disk. Web sites use cookies to identify users who revisit their site.

Cookies might contain login or registration information, "shopping cart" information or user preferences. When a server receives a browser request that includes a cookie, the server can use the information stored in the cookie to customize the web site for the user. Cookies can be used to gather more information about a user than would be possible without them.

Crimeware Crimeware is malicious software such as viruses, Trojan horses, spyware, deceptive scripts, and other programs used to commit crimes on the Internet including identity theft and fraud. Also see: malware.

Cyber gangs Cyber gangs are groups of hackers, crackers, and other cyber criminals that pool their resources to commit crimes on the Internet. Organized crime is often involved in cyber gang activity. Also see: cyber criminals.

Cyber criminals Cyber criminals are hackers, crackers, and other malicious users that use the Internet to commit crimes such as identity theft, PC hijacking, illegal spamming, phishing and pharming, and other types of fraud. Also see: cyber gangs.

Default password A default password is the password on a system when it is first delivered or installed.

Denial of service (DoS) A Denial of Service (DoS) attack is an attack specifically designed to prevent the normal functioning of a system and thereby to prevent lawful access to the system by authorized users.

Hackers can cause Denial of Service attacks by destroying or modifying data or by overloading the system's servers until service to authorized users is delayed or prevented. Also see: attack.
Dialer Dialers are programs that use a system, without your permission or knowledge, to dial out through the Internet to a 900 number or FTP site, typically to accrue charges.

Direct action virus A direct-action virus works immediately to load itself into memory, infect other files, and then to unload itself. Top
Disinfection Most anti-virus software carries out disinfection after reporting the presence of a virus to the user. During disinfection, the virus may be removed from the system and, whenever possible, any affected data is recovered.

DNS DNS stands for Domain Name System or Domain Name Server. A DNS server helps users find their way around the Internet by translating each web site's IP address, which is a string of numbers, into its easy-to-remember domain name.

DOC file A DOC file is a Microsoft Word Document File. In the past, these files contained only document data, but with many newer versions of Microsoft Word, DOC files also include small programs called macros. Many virus authors use the macro programming language to associate macros with DOC files. This file type has the extension DOC. Top
DOS DOS stands for Disk Operating System. This is generally any computer operating system, though the term is often used as shorthand for MS-DOS—the operating system used by Microsoft before Windows was developed.
Dropper A dropper is a carrier file that installs a virus on a computer system. Virus authors often use droppers to shield their viruses from anti-virus software. The term injector often refers to a dropper that installs a virus only in memory.

EICAR EICAR stands for European Institute of Computer Anti-Virus Research. In conjunction with several anti-virus software companies, EICAR has developed a test file for anti-virus software. Also see: EICAR Standard Anti-Virus Test File.

EICAR Standard Anti-Virus Test File The EICAR Standard Anti-Virus Test File consists of one line of printable characters; if saved as EICAR.COM, it can be executed and displays the message: "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" This provides a safe and simple way of testing the installation and behavior of anti-virus software without using a real virus.

Encrypted virus An encrypted virus's code begins with a decryption algorithm and continues with scrambled or encrypted code for the remainder of the virus. Each time it infects, it automatically encodes itself differently, so its code is never the same. Through this method, the virus tries to avoid detection by anti-virus software.
Encryption Encryption is the scrambling of data so that it becomes difficult to unscramble and interpret.

EXE file An EXE is an executable file. Usually, it is executed by double-clicking its icon or a shortcut on the desktop, or by entering the name of the program at a command prompt. Executable files can also be executed from other programs, batch files, or various script files. The vast majority of known viruses infect executable files. This is also called a program file.

False negative A false negative error occurs when anti-virus software fails to indicate that an infected file is truly infected. False negatives are more serious than false positives, although both are undesirable. False negatives are more common with anti-virus software because the may miss a new or a heavily modified virus. Also see: false positive.

False positive A false positive error occurs when anti-virus software wrongly claims that a virus is infecting a clean file. False positives usually occur when the string chosen for a given virus signature is also present in another program. Also see: false negative.

Fast infector Fast infector viruses, when active in memory, infect not only executed programs, but also other programs that are open at the same time. Thus, running an application, such as anti-virus software, which opens many programs but does not execute them, can result in all programs becoming infected. Also see: slow infector.

FAT An FAT is a File Allocation Table. Under MS-DOS, Windows 3.x, 9x, and NT (in some cases), the FAT is located in the boot sector of the disk and stores the addresses of all the files contained on a disk. Viruses and other malicious programs, as well and normal use and extended wear and tear, can damage the FAT. If the FAT is damaged or corrupted, the operating system may be unable to locate files on the disk.

FDISK/MBR If you have MS-DOS version 5.0 or later, the command FDISK/MBR can remove viruses that infect the master boot sector but do not encrypt it. Using this command can produce unexpected results and cause unrecoverable damage.

File viruses File viruses usually replace or attach themselves to COM and EXE files. They can also infect files with the extensions SYS, DRV, BIN, OVL, and OVY.

File viruses may be resident or non-resident, the most common being resident or TSR (terminate-and-stay-resident) viruses. Many non-resident viruses simply infect one or more files whenever an infected file runs. These are also called parasitic viruses, file infectors, or file infecting viruses.

Firewall A firewall prevents computers on a network from communicating directly with external computer systems. A firewall typically consists of a computer that acts as a barrier through which all information passing between the networks and the external systems must travel. The firewall software analyzes information passing between the two and rejects it if it does not conform to pre-configured rules.
Fram Spam forwarded to you by a family member, friend or colleague.

Good times See: virus hoaxes.

Hacker A hacker is a person who creates and modifies computer software and hardware, including computer programming, administration, and security-related items. This can be done for either negative or positive reasons. Criminal hackers create malware in order to commit crimes. Also see: malware, cyber criminals, cyber gangs.

Heuristic analysis Heuristic analysis is behavior-based analysis of a computer program by anti-virus software to identify a potential virus. Often heuristic scanning produces false alarms when a clean program behaves as a virus might.

Hijacking Hijacking is an attack whereby an active, established session is intercepted and used by the attacker. Hijacking can occur locally if, for example, a legitimate user leaves a computer unprotected. Remote hijacking can occur via the Internet.

Hole A hole is a vulnerability in the design software and/or hardware that allows circumvention of security measures.

Host Host is a term often used to describe the computer file to which a virus attaches itself. Most viruses run when the computer or user tries to execute the host file.

In the wild (ITW) A virus is "in the wild" (ITW) if it is verified as having caused an infection outside a laboratory situation. Most viruses are in the wild and differ only in prevalence. Also see: zoo virus. Top
Infection Infection is the action a virus carries out when it enters a computer system or storage device.

Injector See: dropper.

JavaScript JavaScript is a scripting language that can run wherever there is a suitable script interpreter such as web browsers, web servers, or the Windows Scripting Host. The scripting environment used to run JavaScript greatly affects the security of the host machine: A web page with JavaScript runs within a web browser in much the same way as Java applets and does not have access to host machine resources.

An Active Server Page (ASP) or a Windows Scripting Host (WSH) script containing JavaScript is potentially hazardous since these environments allow scripts unrestricted access to machine resources (file system, registry, etc.) and application objects.

Joke programs Joke programs are not viruses, but may contain a virus if infected or otherwise altered. These are also called practical joke programs.

Key The Windows Registry uses keys to store computer configuration settings. When a user installs a new program or the configuration settings are otherwise altered, the values of these keys change. If viruses modify these keys, they can do damage.

Keylogger Keyloggers are malicious programs that record the key strokes a user types on their PC, including instant message and email text, email addresses, web sites visited, passwords, credit card and account numbers, addresses, and other private data.

Library file Library files contain groups of often-used computer code that different programs can share. Programmers who use library code make their programs smaller since they do not need to include the code in their program. A virus that infects a library file automatically may appear to infect any program using the library file.

In Windows systems, the most common library file is the Dynamic Link Library; its extension is DLL.

Logic bomb A logic bomb is a type of Trojan horse that executes when specific conditions occur. Triggers for logic bombs can include a change in a file, a particular series of keystrokes, or a specific time or date. Also see: time bomb.

Macro A macro is a series of instructions designed to simplify repetitive tasks within a program such as Microsoft Word, Excel, or Access. Macros execute when a user opens the associated file. Microsoft's latest macro programming language is simple to use, powerful, and not limited to Word documents. Macros are in mini-programs and can be infected by viruses. Also see: macro virus.

Macro virus A macro virus is a malicious macro. Macro viruses are written in a macro programming language and attach to a document file such as Word or Excel. When a document or template containing the macro virus is opened in the target application, the virus runs, does its damage, and copies itself into other documents. Continual use of the program results in the spread of the virus.

Mail bomb A mail bomb is an excessively large email (typically many thousands of messages) or one large message sent to a user's email account. This is done to crash the system and prevent genuine messages from being received.

Malicious code Malicious code is a piece of code designed to damage a system and the data it contains, or to prevent the system from being used in its normal manner.

Malware Malware is a generic term used to describe malicious software such as viruses, Trojan horses, spyware, and malicious active content.

Mapped drives Mapped drives are network drives assigned local drive letters that are locally accessible. For example, the directory path \\MAIN\JohnDoe\ might be mapped as drive G: on a computer.
Master boot record The master boot record (MBR) is the 340-byte program located in the master boot sector. This program reads the partition table, determines what partition to boot, and transfers control to the program stored in the first sector of that partition. There is only one master boot record on each physical hard disk. It is also called the partition table. Also see: boot record.

Master boot sector The master boot sector is the first sector of a hard disk. This sector is located at sector 1, head 0, track 0. The sector contains the master boot record. Also see: master boot record.

Master boot sector virus Master boot-sector viruses infect the master boot sector of hard disks, though they spread through the boot record of floppy disks. The virus stays in memory, waiting for DOS to access a floppy disk. It then infects the boot record on each floppy disk DOS accesses. They are also called master boot-record viruses. Also see: boot record.

MBR See: Master boot record.
Memory-resident virus A memory-resident virus stays in memory after it executes, and it infects other files when certain conditions are met. In contrast, non-memory-resident viruses are active only while an infected application runs.

MP3 File MP3 files are Moving Picture Experts Group Audio Layer 3 files. They are highly compressed audio tracks, and are very popular on the Internet. MP3 files are not programs, and viruses cannot infect them. This file type has the extension MP3.

MS-DOS MS-DOS is the Microsoft Disk Operating System. Microsoft developed this operating system for the IBM platform before Windows. Windows operating systems rely heavily on MS-DOS and can execute most MS-DOS commands.

Multipartite virus Multipartite viruses use a combination of techniques including infecting documents, executables and boot sectors to infect computers. Most multipartite viruses first become resident in memory and then infect the boot sector of the hard drive. Once in memory, multipartite viruses may infect the entire system.

Removing multipartite viruses requires cleaning both the boot sectors and any infected files. Before you attempt the repair, you must have a clean, write-protected rescue disk.

Mutant See: variant.
Mutating virus A mutating virus changes, or mutates, as it progresses through its host files making disinfection more difficult. The term usually refers to viruses that intentionally mutate, though some experts also include non-intentionally mutating viruses. Also see: polymorphic virus.

Newsgroup A newsgroup is an electronic forum where readers post articles and follow-up messages on a specified topic. An Internet newsgroup allows people from around the world discuss common interests. Each newsgroup name indicates the newsgroup's subject in terms of increasingly narrow categories, such as alt.comp.virus.

Not in the wild Viruses "not in the wild" are in the real world but fail to spread successfully. Also see: in the wild, zoo virus.
NTFS: NTFS is the NT File System; a Windows NT file system used to organize and keep track of files. Also see: FAT.

On-access scanner An on-access scanner is a real-time virus scanner that scans disks and files automatically in the background as the computer accesses the files.

On-demand scanner An on-demand scanner is a virus scanner the user starts manually. Most on-demand scanners allow the user to set various configurations and to scan specific files, folders, and disks.

Operating system The operating system (OS) is the underlying software that enables you to interact with the computer. The operating system controls computer storage, communications, and task management functions. Examples of common operating stems are MS-DOS, MacOS, Linux, and Windows 98.

Overwriting virus An overwriting virus copies its code over its host file's data, thus destroying the original program. Disinfection is possible, although files cannot be recovered. It is usually necessary to delete the original file and replace it with a clean copy.
Password attacks A password attack is an attempt to obtain or decrypt a legitimate user's password. Hackers can use password dictionaries, cracking programs, and password sniffers in password attacks. Defense against password attacks is rather limited but usually consists of a password policy including a minimum length, unrecognizable words, and frequent changes. Also see: password sniffing.

Password Sniffing Password sniffing is the use of a sniffer to capture passwords as they cross a network. The network could be a local area network, or the Internet itself. The sniffer can be hardware or software. Most sniffers are passive and only log passwords. The attacker must then analyze the logs later. Also see: sniffer.

Payload Payload refers to the effects produced by a virus attack. It sometimes refers to a virus associated with a dropper or Trojan horse.

Peer-to-peer (P2P) networking Peer-to-peer (P2P) networking is a distributed system of file sharing where any PC on the network can see any other PC on the network. Users access each others' hard drives to download files. This type of file sharing is valuable, but it brings up copyright issues for music, movies, and other shared media files. Users are also vulnerable to viruses, Trojans, and spyware hiding in files. Also see: Trojan horse, spyware.

PGP PGP stands for Pretty Good Privacy. It is considered the strongest program for encrypting data files and/or email messages on PCs and Macintosh computers. PGP includes authentication to verify the sender of a message and non-repudiation to prevent someone denying they sent a message.
Pharming Pharming is the exploitation of a vulnerability in DNS server software that allows a hacker to redirect a legitimate web site's traffic to a counterfeit web site. The spoofed site is designed to steal personal information such as usernames, passwords, and account information.
Phishing Phishing is a form of criminal activity using social engineering techniques through email or instant messaging. Phishers attempt to fraudulently acquire other people's personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication.
Piggyback To piggyback is to gain unauthorized access to a system by exploiting an authorized user's legitimate connection.

Polymorphic virus Polymorphic viruses create varied (though fully functional) copies of themselves as a way to avoid detection by anti-virus software. Some polymorphic virus use different encryption schemes and require different decryption routines. Thus, the same virus may look completely different on different systems or even within different files. Other polymorphic viruses vary instruction sequences and use false commands in the attempt to thwart anti-virus software. One of the most advanced polymorphic viruses uses a mutation engine and random-number generators to change the virus code and its decryption routine. Also see: mutating virus.
Program infector A program infector virus infects other program files once an infected application is executed and the activated virus is loaded into memory.

Ransomware Ransomware is malicious software that encrypts the hard drive of the PC that it infects. The hacker then extorts money from the PC's owner in exchange for decryption software to make the PC's data usable again.

Real-time scanner A real-time scanner is an anti-virus software application that operates as a background task, allowing the computer to continue working at normal speed while it works. Also see: on-access scanner.

Redirect A redirect is an action used by some viruses to point a command to a different location. Often this different location is the address of the virus and not the original file or application.

Rename A rename is an action by which a user or program assigns a new name to a file. Viruses may rename program files and take the name of the file so that running the program inadvertently runs the virus. Anti-virus programs may rename infected files, making them unusable until they are manually cleaned or deleted.

Replication Replication is the process by which a virus makes copies of itself in order to carry out subsequent infections. Replication is one of major criteria separating viruses from other computer programs. Top
Reset To reset is to restart a computer without turning it off. This is also called a warm boot.

Resident virus A resident virus loads into memory and remains inactive until a trigger event. When the event occurs, the virus activates, either infecting a file or disk, or causing other consequences. All boot viruses are resident viruses and so are the most common file viruses.

Resident extension A resident extension is a memory-resident portion of a program that remains active after the program ends. It essentially becomes an extension to the operating system. Many viruses install themselves as resident extensions.

Rogue program A rogue program is a term the media uses to denote any program intended to damage programs or data, or to breach a system's security. It includes Trojan horse programs, logic bombs, and viruses.

RTF file RTF stands for Rich Text Format. It is an alternative format to the DOC file type supported by Microsoft Word. RTF files are ASCII text files and include embedded formatting commands. RTF files do not contain macros and cannot be infected with a macro virus.

This makes RTF files a good document format for communicating with others via email. However, some macro viruses attempt to intercept saving a file as an RTF file and instead save it as a DOC file with an RTF extension. Users can catch this trick by first reading the file in a simple text editor like Notepad. DOC files will be nearly unreadable, while RTF files will be readable.

Scanner A scanner is a virus detection program that searches for viruses. Also see: anti-virus software, on-demand scanner, on-access scanner.

Sector viruses See: boot-sector infector, master boot-sector virus.

Self-encrypting virus Self-encrypting viruses attempt to conceal themselves from anti-virus programs. Most anti-virus programs attempt to find viruses by looking for certain patterns of code (known as virus signatures) that are unique to each virus. Self-encrypting viruses encrypt these text strings differently with each infection to avoid detection. Also see: self-garbling virus, encrypted virus.

Self-extracting files A self-extracting file decompresses part of itself when executed. Software authors and others often use this file type to transmit files and software via the Internet since compressed files conserve disk space and reduce download time. Some anti-virus products may not search self-extracting file components. To scan these components, you must first extract the files and then scan them.

Self-garbling Viruses A self-garbling virus attempts to hide from anti-virus software by garbling its own code. When these viruses spread, they change the way they are encoded so anti-virus software cannot find them. A small portion of the virus code decodes the garbled code when activated. Also see: self-encrypting virus, polymorphic virus.

Shared Drive A shared drive is a disk drive available to other computers on the network. Shared drives use the Universal Naming Convention (UNC) to differentiate themselves from other drives. Also see: mapped drives.

Shareware Shareware is software distributed for evaluation without cost, but that requires payment to the author for full rights. If, after trying the software, you do not intend to use it, you simply delete it. Using unregistered shareware beyond the evaluation period is pirating.

Signature A signature is a search pattern—often a simple string of characters or bytes—expected to be found in every instance of a particular virus. Usually, different viruses have different signatures. Anti-virus scanners use signatures to locate specific viruses.

Slow infector Slow infectors are active in memory and only infect new or modified files. Also see: fast infector.
SMTP SMTP stands for Simple Mail Transport Protocol. It is the Internet email delivery format for transmitting email messages between servers.
Sniffer A sniffer is a software program that monitors network traffic. Hackers use sniffers to capture data transmitted over a network.

Spam Spam is unsolicited or undesired bulk electronic messages. There is email spam, instant messaging spam, Usenet newsgroup spam, web search-engine spam, spam in blogs, and mobile phone-messaging spam. Spam includes legitimate advertisements, misleading advertisements, and phishing messages designed to trick recipients into giving up personal and financial information.

Spam Filter A spam filter is a program used to detect unsolicited email to prevent spam from making it to a user's inbox. Filters use heuristics, keyword scans, whitelists and blacklists, and other processes. The filters are placed on email and ISP servers, in anti-spam software, and in anti-phishing browsers. Also see: Bayesian filter, heuristic analysis.
Spim Spim is spam for instant messaging. The messages can be simple unsolicited ads, or fraudulent phishing mail. Also see: spam, phishing.

Sparse infector viruses use conditions before infecting files. Examples include files infected only on the 10th execution or files that have a maximum size of 128kb. These viruses use the conditions to infect less often and therefore avoid detection. They are also called sparse viruses.

Spoofed web site A spoofed web site is one that mimics a real company's site—mainly financial services sites—in order to steal private information (passwords, account numbers) from people that are tricked into visiting it. Phishing emails contain links to the counterfeit site, which looks exactly like the real company's site, down to the logo, graphics, and detailed information. Also see: phishing.

Spyware Spyware is a wide range of unwanted programs that exploit infected computers for commercial gain. They can deliver unsolicited pop-up advertisements, steal personal information (including financial information such as credit card numbers), monitor web-browsing activity for marketing purposes, or route HTTP requests to advertising sites.

Stealth virus Stealth viruses attempt to conceal their presence from anti-virus software. Many stealth viruses intercept disk-access requests, so when an anti-virus application tries to read files or boot sectors to find the virus, the virus feeds the program a "clean" image of the requested item. Other viruses hide the actual size of an infected file and display the size of the file before infection.

Stealth viruses must be running to exhibit their stealth qualities. They are also called interrupt interceptors.

String A string is a consecutive series of letters, numbers, and other characters. "afsH(*&@~" is a string; so is "The Mad Hatter." Anti-virus applications often use specific strings, called virus signatures, to detect viruses. Also see: signature.
System boot record See: Boot record.

Template Certain applications use template files to pre-load default configurations settings. Microsoft Word uses a template called NORMAL.DOT to store information about page setup, margins, and other document information.

Time bomb A time bomb is a malicious action triggered at a specific date or time. Also see: logic bomb.

Timestamp The timestamp is the time of creation or last modification recorded on a file or another object. Users can usually find the timestamp in the Properties section of a file.

TOM TOM stands for Top of Memory. It is a design limitation at the 640kb mark on most PCs. Often the boot record does not completely reach top of memory, thus leaving empty space. Boot-sector infectors often try to conceal themselves by hiding around the top of memory. Checking the top of memory value for changes can help detect a virus, though there are also non-viral reasons this value changes.

Triggered event A triggered event is an action built into a virus that is set off by a specific condition. Examples include a message displayed on a specific date or reformatting a hard drive after the 10th execution of a program.

Trojan horse A Trojan horse is a malicious program that pretends to be a benign application. It purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but they can be just as destructive.

TSR TSR stands for Terminate and Stay Resident. TSR programs stay in memory after being executed. They allow the user to quickly switch back and forth between programs in a non-multitasking environment, such as MS-DOS. Some viruses are TSR programs that stay in memory to infect other files and program. They are also called memory resident programs.

Tunneling Tunneling is a virus technique designed to prevent anti-virus applications from working correctly. Anti-virus programs work by intercepting the operating system before it can execute a virus. Tunneling viruses try to intercept the actions before the anti-virus software can detect the malicious code. New anti-virus programs can recognize many viruses with tunneling behavior.

UNC UNC stands for Universal Naming Convention. This is the standard for naming network drives. For example, a UNC directory path has the following form: \\server\resource-pathname\subfolder\filename.

Vaccination Vaccination is a technique some anti-virus programs use to store information about files in order to notify the user about file changes. Internal vaccines store the information within the file itself, while external vaccines use another file to verify the original for possible changes.

Variant A variant is a modified version of a virus. It is usually produced on purpose by the virus author or another person amending the virus code. If changes to the original are small, most anti-virus products will also detect variants. However, if the changes are large, the variant may go undetected by anti-virus software.

VBS Visual Basic Script. Visual Basic Script is a programming language that can invoke any system function--including starting, using and shutting down other applications without--user knowledge. VBS programs can be embedded in HTML files and provide active content via the Internet. Since not all content is benign, users should be careful about changing security settings without understanding the implications. This file type has the extension VBS.

Virus A virus is a computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without user knowledge or permission. Some viruses attach to files so when the infected file executes, the virus also executes. Other viruses sit in a computer's memory and infect files as the computer opens, modifies, or creates the files. Some viruses display symptoms, and others damage files and computer systems, but neither is essential in the definition of a virus; a non-damaging virus is still a virus.

There are computer viruses written for several operating systems including DOS, Windows, Amiga, Macintosh, Atari, UNIX, and others. McAfee.com presently detects more than 57,000 viruses, Trojans, and other malicious software. Also see: boot sector infector, file viruses, macro virus, companion virus, worm.

Virus Hoaxes Virus hoaxes are not viruses, but are usually emails warning people about a virus or other malicious software program. Some hoaxes cause as much trouble as viruses by causing massive amounts of unnecessary email.

Most hoaxes contain one or more of the following characteristics:

* Warnings about alleged new viruses and their damaging consequences
* Demands that the reader forward the warning to as many people as possible
* Pseudo-technical "information" describing the virus
* Bogus comments from officials: FBI, software companies, news agencies, etc.

If you receive an email message about a virus, check with a reputable source to ensure the warning is real. Click here to learn about hoaxes and the damage they cause. Sometimes hoaxes start out as viruses and some viruses start as hoaxes, so both viruses and virus hoaxes should be considered a threat.

Warm Boot Warm booting is restarting a computer without first turning off the power. Using CTL+ALT+DEL or the reset button on many computers can warm boot a machine. Also see: cold boot, reset.

Windows Scripting Windows Scripting Host (WSH) is a Microsoft-integrated module that lets programmers use any scripting language to automate operations throughout the Windows desktop.

Worm Worms are parasitic computer programs that replicate, but unlike viruses, do not infect other computer program files. Worms can create copies on the same computer, or can send the copies to other computers via a network. Worms often spread via Internet Relay Chat (IRC).

ZIP File A ZIP file is a compressed file. A zip archive contains compressed collections of zipped files. ZIP files are popular on the Internet because users can deliver multiple files in a single container, and the compressed files save disk space and download time. A ZIP file can contain viruses if any of the files packaged in it contain viruses, but the ZIP file itself is not directly dangerous. Other archive files include RAR, and LHA files. This file type has the extension ZIP.

Zombie A zombie is a PC that has been infected with a virus or Trojan horse that puts it under the remote control of an online hijacker. The hijacker uses it to generate spam or launch Denial of Service attacks. Also see: spam, Denial of Service.

Zoo A zoo is a collection of viruses used for testing by researchers. Also see: in the wild, zoo virus.

Zoo Virus A zoo virus exists in the collections of researchers and has never infected a real-world computer system. Also see: in the wild.

Protect Your PC: Five-Step Guide to secure Your PC

2008-12-02T06:28:00.001-08:00

At PC Pitstop, we get a lot of email from people having trouble with their computers. At least a couple of times a day, people unwittingly send us email that is infected with a virus or worm.

These can be nasty, nasty infections, and can cost you hours or days while you stop your work to disinfect your computer. In some cases, they can also wipe out your data. It's also incredibly embarrassing to have to call all your friends to explain why your computer sent them an infected email.

We can't stress strongly enough how important it is for you to do five things for every computer you own:

1. Secure your e-mail client against running unwanted scripts. If you use Outlook or Outlook Express and have not secured them, the main PC Pitstop tests will detect the situation and recommend that you apply the appropriate AutoFix.

2. Scan your computers at least weekly to make sure they aren't harboring viruses or worms. PC Pitstop's virus scanner, which uses a small "in-the-wild" virus list, will do a quick job of this. If you want a thorough virus scan or virus repairs we suggest CA Anti-Virus for complete safety. Also try CA Internet Security Suite for the complete protection.

3. Keep your AntiVirus software up-to-date. AntiVirus software vendors update their virus lists on a regular basis. Make sure you visit your vendor's Web site at least once a week to download the update. Most virus software offers an auto-update feature which will grab the updates for you; make sure this feature is enabled (if available) in your software.

4. Avoid running attachments (especially .EXE files) that come in your e-mail, even if they come from your friends, relatives or colleagues. The warped minds now writing e-mail viruses will do their best to lure you into running their viruses and worms by making them look like love letters, jokes or pornography. Once you or one of your friends succumbs to this temptation, the script will mail itself to everyone on that computer's address list.

5. Make frequent backups of your data files, and keep some of your backups out of your computer. We like to burn CD-R backup discs on a regular schedule; CD-RW and Zip discs also work well.

If your computer does succumb to a virus infection, you can find help at any anti-virus vendor. In many cases, the vendor will have free cleanup programs that you can download. Clean your computer as quickly as possible and break the chain! Keep the phone number of your anti-virus software support desk where you can find it when needed.

Minerva

2008-12-02T06:15:00.001-08:00

Minerva. Virus berukuran sekitar 340.981 bytes untuk Minerva.A dan 347.965 bytes untuk Minerva.B ini menggunakan tipuan sebagai flash games, dengan menggunakan icon yang mirip standar file flash. Jika user tergoda, dan tanpa sengaja mengaktifkan virus ini, yang muncul memang sebuah games. Dan games nya acak, bisa Mario Bros, Single Puzzle Hangman, atau yang lainnya. Ia memang menyimpan beberapa games pada tubuhnya. Yang tentunya ia lakukan untuk mengalihkan perhatian, padahal disatu sisi virus itu telah merasuki komputer sang korban, disaat user sedang asik memainkan games-nya. Virus ini mencoba masuk, dan me-register dirinya pada HKLM\System\CurrentControlSet\Services dengan nama Minerva, berharap bisa running sebagai services. Anda pun bisa menemukan file induknya dengan mudah pada folder StartUp dengan nama minerva.com. So, hati-hati jika mendapatkan file games berbentuk flash games, periksa terlebih dahulu.

Daftar tambahan virus PCMAV 1.9 Update Build3:
Aksika-Jatim
Aksika-Jatim.html
Aksika-Jatim.htt
Aksika.ini.B
Apong.B
Autoit.BT
Autoit.BU
DeathDrive
DeathDrive.inf
DeathDrive.ini
DeathDrive.txt
Formalin.C
Formalin.D
GadiHot.D
GetRaw.F
Hatred
Hatred.bat
Hatred.htt
Hatred.inf
Hatred.ini
HideTernate
HideTernate.bat
HideTernate.txt
Minerva.A
Minerva.B
Minerva.B.exe.A
Minerva.B.exe.B
Minerva.B.exe.C
Minerva.B.exe.D
Minerva.wav.A
Minerva.wav.B
Purwo.B
SkyEye
SkyEye.bak
Sumba
Sumba.htm
Sumba.inf
Sysabdas.B

Norton AntiVirus for Windows 2000/XP/Vista

2008-12-01T08:44:00.000-08:00

Supports the following versions of Symantec antivirus software:

* Norton Antivirus 2009 for Windows XP Home/XP Pro/Vista
* Norton Internet Security 2009 for Windows XP/Home/XP Pro/Vista
* Norton Antivirus 2008 for Windows XP Home/XP Pro/Vista
* Norton Internet Security 2008 for Windows XP/Home/XP Pro/Vista
* Norton 360 version 2.0 for Windows XP/Vista
* Symantec Endpoint Protection 11.0

20081201-006-v5i32.exe

Supports the following versions of Symantec antivirus software:

Norton AntiVirus 2003 Professional Edition
Norton AntiVirus 2003 for Windows 2000/XP Home/XP Pro
Norton AntiVirus 2004 Professional Edition
Norton AntiVirus 2004 for Windows 2000/XP Home/XP Pro
Norton AntiVirus 2005 for Windows 2000/XP Home/XP Pro
Norton AntiVirus 2006 for Windows 2000/XP Home/XP Pro
Norton AntiVirus 2007 for Windows XP Home/XP Pro/Vista
Norton 360 version 1.0 for Windows XP/Vista
Norton AntiVirus for Microsoft Exchange (Intel)
Norton SystemWorks (all versions)
Symantec AntiVirus 3.0 for CacheFlow Security Gateway
Symantec AntiVirus 3.0 for Inktomi Traffic Edge
Symantec AntiVirus 3.0 for NetApp Filer/NetCache
Symantec AntiVirus 9.0 Corporate Edition Client
Symantec AntiVirus 10.0 Corporate Edition Client
Symantec AntiVirus 10.1 Corporate Edition Client
Symantec AntiVirus 10.2 Corporate Edition Client
Symantec Mail Security for Domino v 5.x
Symantec Mail Security for Microsoft Exchange v 5.x

20081201-006-i32.exe