$ 11.99|https://store.pandasecurity.com/300/purl-vpn?currencies=USS&x-track=55499&cart=iA001PVPNS05&language=en&quantity=1&enablecoupon=false&coupon=1STMOFFPD&x-coupon=1STMOFFPD&x-market=usa&x-track=190478|$ 0.00|$;PREFIX;.;,;11;99;0;00

Start the year on the right foot

Renew your protection now with this limited-time offer

-50%Renew my protection

*Home users only

Get 50% discount!

Discover the plan that suits you best!

-50%See offer

Get 50% discount!

Discover the plan that suits you best!

-50%See offer

This Christmas will be different

but we want to continue helping you protect your loved ones

-50%Renew my protection*

*Home users only

This Christmas will be different

but we want to continue helping you protect your loved ones

-50%View offer

Get 50% discount! Discover the plan that suits you best!

See offer

Get 50% discount! Discover the plan that suits you best!

See offer

Get 50% discount! Discover the plan that suits you best!

See offer

Renew and get 50% off*

Only available for 48 hours!

::

*For home users only

Renew at a discount
::

Renew and get 50% off*

Renew
*Home users only

*For home users only Renew and get 50% off*

::
Renew

Special offer: Renew and get 50% off**

Only available for 48 hours!

::

*For home users only

Renew at a discount

*For home users only Special offer: Renew and get 50% off*

::04
Renew

Hello!

You’re about to visit our web page in English
Would you like to continue?

Yes, I want to visit the web page in English No, I want to visit the web page in

If this is not what you’re looking for,

Visit our Welcome Page!

Call us 24/7 and get a free diagnosis 951 203 528

Active Scan. Scan your PC free

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Chir.B

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Chir.B
Technical name:W32/Chir.B
Threat level:Low
Alias:I-Worm.Runouce.b,, Win32/ChiHack, PE_CHIR.B
Type:Virus
Effects:  It overwrites files with certain extensions and exploits two vulnerabilities in Internet Explorer.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Aug. 1, 2002
Detection updated on:June 17, 2010
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 

    

Chir.B is a worm that reaches computers in an e-mail attachment called PP.EXE. The subject of this message consists of the sender's name followed by the text is coming!.

It is easy to get infected with this worm, as it activates automatically when the message is opened or just viewed through Outlook's Preview Pane.

In order to do so, it exploits two vulnerabilities: Exploit/iFrame and Exploit/MIME. These vulnerabilities allow files attached to e-mail messages to be run automatically.

This is a dangerous worm, as it infects files with the following extensions: EXE, SCR, HTM and HTML. Besides, Chir.B has destructive effects, as on the first day of each month it overwrites the first 4,660 bytes of files with the following extensions: ADC, R.DB, DOC and XLS.

Visible Symptoms 

    

A clear indication that you have received Chir.B is a message with the following characteristics:

  • Sender: one of the following:
    %sender's name%@yahoo.com
    Imissyou@btamail.net.cn
  • Subject:
    %sender's name% is coming!
  • Message: it does not contain any text.
  • Attachments:
    PP.EXE

ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS?
FREE SUPPORT INCLUDED. CALL US 24/7

powered by Anytech365

0203 769 3439