Clínica de Hardware

Instalação, manutenção, reparação e assistência técnica a Hardware e Software

Últimos assuntos

» Ponto G em rato de computador
Sab 13 Fev 2010 - 1:08 por Admin

» Ponto G em rato de computador
Sab 13 Fev 2010 - 1:08 por Admin

» Panda Security's weekly report on viruses and intruders
Sex 22 Jan 2010 - 15:11 por Admin

» Estatísticas - Top 5 Browsers em Portugal
Qua 13 Jan 2010 - 17:36 por Admin

» Informe semanal de Panda Security sobre virus e intrusos
Qui 31 Dez 2009 - 16:15 por Admin

» Proteja o computador de prendas indesejadas
Dom 20 Dez 2009 - 2:54 por Admin

» Upgrades a duas máquinas de 32 e 64 bits
Sab 28 Nov 2009 - 2:16 por Admin

» Actualize o seu PC para Windows 7
Qua 18 Nov 2009 - 17:33 por Admin

» Firefox faz 5 anos
Seg 9 Nov 2009 - 17:31 por Admin


Fevereiro 2018


Calendário Calendário

Flux RSS


Top dos mais postadores


Os nossos membros postaram um total de 92 mensagens em 91 assuntos

Temos 1 usuário registrado

O último usuário registrado atende pelo nome de Admin

Quem está conectado

2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes


[ Ver toda a lista ]

O recorde de usuários online foi de 9 em Qui 10 Jun 2010 - 0:05


Esqueci minha senha

    Panda Security's weekly report on viruses and intruders


    Mensagens : 93
    Data de inscrição : 02/02/2009
    Localização : Estremadura

    Panda Security's weekly report on viruses and intruders

    Mensagem por Admin em Sex 31 Jul 2009 - 18:09

    Virus Alerts, by Panda Security (

    This week's PandaLabs report looks at the Koobface.EA worm, designed to spread using Facebook, the Pidief.A Trojan, which takes advantage of an Adobe vulnerability to infect users and P2Pworm.BJ, a worm designed to steal the information entered on online forms.

    To spread via Facebook, the Koobface.EA worm publishes a video on the infected users' Facebook page, for all their friends and contacts to see it. On trying to watch the video, users are redirected to a page similar to YouTube's.

    Then, they are asked to download an Adobe Flash version necessary to watch the video. This file is actually a copy of the worm.

    To make the attack even more dangerous, the worm downloads another malicious code to the infected computer: the AntiSpyware Pro 2009 fake antivirus. This malicious adware simulates a fake system scan detecting dozens of actually non-existing malware strains. Then, it offers users the option to eliminate them using a paid version of the fake antivirus.
    As you can see, the objective is to get financial returns from this malicious code.

    You can find images of the infection process here:

    The Pidief.A Trojan uses the Adobe CVE-2009-1862 vulnerability to infect users. The exploit takes advantage of a known vulnerability when trying to open a PDF document with an embedded flash object.

    The Acrobat file viewer has a feature to run flash objects included in .PDF files. Thanks to the authplay.dll library, the file reader can open the flash viewer and display the content. In this case, the information sent to the viewer includes the instruction to download a malware file (Trj/Pidief.A). Then, no flash object is displayed to the user.

    Pidief.A can be used by its creator to download more malware to the affected computer, or to gain total or partial control of the infected system.

    P2Pworm.BJ is a worm designed to steal the information entered on online forms through the Internet Explorer and Firefox browsers.

    The worm uses the following means to spread:

    - Peer-to-peer (P2P) file sharing programs: It creates copies of itself in the shared directories of several programs (Ares, BearShare, Emule, Imesh and Shareaza).

    The users of these programs can access the shared directories remotely and download some of the files belonging to P2Pworm.BJ to their computers.

    - Removable drives: It copies itself to the RECYCLER folder of removable drives. Also, it creates an AUTORUN.INF file on these drives to run every time they are accessed.

    - MSN Messenger: It sends messages with a copy of itself to the user's contacts connected at the time of the infection.

    More information about these and other malicious codes is available in the Panda Security Encyclopedia (

    You can also follow Panda Security's online activity on its Twitter

      Data/hora atual: Sex 23 Fev 2018 - 6:31