PC Media Magazine 02/2011 & PCMAV 4.6
The latest edition of PC Media magazine, 02/2011, is now available with an 8 GB Super DVD, which also includes Indonesia's pride among antivirus products, PCMAV 4.6. At present, PCMAV is the only antivirus able to recognize 3,809 viruses and their variants reported to be spreading widely in Indonesia.
Get the latest, improved PCMAV 4.6 Ragnarok3 right away, available only from PC Media magazine 02/2011, which is now out. Order it now and pick it up at your nearest kiosk/agent.
Technical questions should be sent directly to the PC Media editorial team by e-mail, after you have read and understood the contents of README.TXT. We would also be grateful if you could take the time to comment on your use of PCMAV 4.6 as input for its development.
WHAT'S NEW?/CHANGE-LOG
- UPDATED! Added detection and cleaning database entries for 105 new local/foreign viruses and variants reported to be spreading in Indonesia. Total: 3809 viruses and their variants.
- ADDED! A dedicated removal engine to thoroughly clean the Nami-Ternate, Poet-Kompti and VB-Shortcut-WLogon viruses and their variants, which are spreading widely in Indonesia.
- IMPROVED! Optimized the RTP engine so that it is more compatible with running programs.
- IMPROVED! Fixed the RTP display, which sometimes widened.
- IMPROVED! Removed the service installation error message when running PCMAV under a non-administrator account.
- IMPROVED! Virus names changed to follow newly found variants.
- IMPROVED! Fixed several minor bugs and improved internal code to ensure that PCMAV remains Indonesia's pride among antivirus products.
REVERSE CODE ENGINEERING ARTICLES
In this PC Media 02/2011 issue, you can read articles on Reverse Code Engineering (RCE):
Shortcut Exploitation, the Malware Trigger.
Beginning with the appearance of the Stuxnet worm in mid-June 2010, the shortcut exploitation technique was adopted by many subsequent malware families that spread quickly and widely, among them VB-Shortcut and its variants. This article discusses how the shortcut exploitation that triggers malware works.
Fake Antivirus.
Antivirus software has become must-have software for some users, and this can also be exploited by parties who want to profit by distributing fake antivirus products. Learn the signs of a fake antivirus so that you are not fooled and do not become a victim!
Code Obfuscation Techniques.
The principle of Security Through Obscurity holds that security can be achieved by keeping a system's mechanisms secret. One implementation is code obfuscation, which can be used to protect intellectual property from others' reverse code engineering efforts, although virus makers use it to evade antivirus detection or to make analysis harder. This article discusses several code obfuscation techniques.
finally, after all the waiting..
it's out..
time to go find it at the newsstand, quick..
No wonder I couldn't find it at the agent yesterday,,,
Turns out it only just came out… ready to go look at the nearest
agent… hahahhah.. Bravo PCMAV…
Hope PCMAV 4.6 lives up to expectations
@Jiebond
same here. I was also looking for it on 17 January and it wasn't out yet.
turns out it's only out now.. okay
The magazine is finally out, heading straight there, bro
cough cough
on what date will the economy edition come out? early next month?
it's finally out
Thank you so much PCMAV…
PC Media is late coming out this time
great…
let's see PCMAV 4.6 in action vs Sality/M.Variant
@Heri
still as stupid as ever, lol
I've been waiting since the 10th and it's only out now….
PC Media 09/2010 stated that installing Linux immediately installs a trojan, that the vulnerability database lists 9963 weaknesses for Linux and 1692 weaknesses for Windows, and that Linux has 819 in its kernel while Windows has 687 weaknesses. Microsoft is attacked often because it has more users than other operating systems, so it seems as though Microsoft's software is prone to viruses.
Hmm, where did PC Media get this information? Give us the link too, don't just search Google. This is really misleading. If you write an article, make it a bit higher quality; don't write articles like that just because PC Media keeps covering Windows. Your readers are not from among Windows users… good grief
@apa apaan
Try looking at the Secunia Advisory and Vulnerability Database
@apa apaan
I went and read the magazine itself, and it turns out it's clear who is being misleading
if you quote, don't quote by halves, bro; that is what's misleading.
the article clearly states:
“If you search the Secunia Advisory and Vulnerability Database, you will find more security vulnerabilities for “Linux” (9963)….” etc. etc. That alone makes it clear what the source is.
next time make your comment a bit higher quality
I use Avira Premium, but when I combine it with PCMAV it always crashes, why?? Thanks for the info from the other members.
But why does an error message still appear when I open Windows Explorer? The error appears when PCMAV's RTP is active alongside another antivirus.
I use MS Windows XP SP-3.
Hoping there's no splash screen …. T.T
Sorry, I'd like to ask: why does the PCMAV version keep changing? Also, if I want to download PCMAV updates, which link can I visit? Can it be updated offline, i.e. download the PCMAV update and then apply it on a computer that isn't connected to the internet?… thx
after scanning with PCMAV 4.6, a lot of exe files were flagged as the sality/m.variant virus; after they were quarantined, much of the software could no longer be used because it was blocked by PCMAV. Some even had to be reinstalled, and even then they only ran when PCMAV was deactivated. What's the solution? Awaiting your info, thank you
Regarding PCMAV Valhalla Beta: this AV has a feature to block websites indicated to contain dangerous malware/viruses, right…. But it often freezes at logoff, and shutdown takes a little longer. Here are the contents of the bugreport.txt file:
@ prayitno
where did you get PCMAV Valhalla Beta?
@kaha26
go to the DISCUSSION FORUM! log in/register first…
@prayitno
thanks, but when I looked it's still alpha 2…
thanks for the AV..!!! especially now that there's an official website…!! so there's no need to struggle to find PCMAV anymore…!!! keep up the success..!!!
geon from Jayapura…!!!
PCMAV wipes out shortcut viruses down to the roots……
does anyone have a download link for PCMAV Valhalla Beta [alpha 2]..??
Aukh… AHhhhh Elap…
ptui!
Thanks, I always get the Reader from my Web History.
Keep going, PC Media/PC Mild, together with the VirusIndonesia.com community
PC Media really is a top-notch local antivirus; others may make claims, but PCMAV is able to prove it's the best…
can't wait to flip through the magazine…
PCMAV really is very good..
I've used it for a long time and no Indonesian virus has ever gotten through..,,
keep going, PCMAV
the others just make claims….
wow, this is great, bro, I'll buy the magazine tomorrow.
mine is still the old PCMAV, hehe,,,
why is only Local Disk recognized, and Removable Disk doesn't show up? Why…???
@Nanda
right-click, refresh
wow… there's a new PCMAV. heading to my regular magazine shop right away..
great……….. I'll try looking for a free one…
Why hasn't PC Media 03 2011 come out yet, when PC Media 02 said that PC Media 02 would arrive before 10 February.