Main Remote Support Services  Preferred Provider Network Online Backup Security Virus Information

Contact Us Prices Blog Pay Invoice Testimonials

Weekly Report on Viruses and Intruders

Madrid, August 10, 2007 - Shark 2, a Trojan creation tool, is the main subject

of this week’s PandaLabs report, which also covers Addon.B and MSNPoopy.A, two

worms that use MSN Messenger to spread.

Shark 2 is distributed for free in various Internet forums and is very easy to

use, which makes it particularly dangerous. The Trojans created with this

builder could steal all kinds of confidential data from users’ computers if they

are not well protected.

“These Trojans pose a threat to users’ privacy as cyber-crooks could activate

the victim’s  webcam, if they have one, and watch what they are doing”, explains

Luis Corrons, Technical Director of PandaLabs.

Shark 2 allows criminals to specify the server the Trojan must connect to, and

set the Trojan to run on every system restart, show error messages or run other

files. Also, the tool allows malicious users to perform specific actions for

processes and services, such as stop certain services, shut down or delete the

user server, etc.

Once it has infected a computer, the Trojan created by Shark 2 connects to the

server the hacker has chosen and displays a screen that allows them to take

various actions, including commanding the malware to steal all kinds of

passwords (for instant messaging services, email, banking services, etc.).

The cyber-criminal can also run a large number of utilities on the infected

computer, for example, to modify the registry or edit the host file. By doing

this, they could redirect users to phishing or infected pages. 

Trojans created with this tool can also take screenshots, capture audio and log

keystrokes.

“Malware creators can use this tool to build Trojans capable of attacking users

on several fronts, but always with the same goal: get information that they can

easily turn into some kind of financial gain”, states Corrons.

The first worm covered in today’s report is Addon.B, a malware specimen that

sends a .zip file called Foto_celular by MSN Messenger. If the user opens it and

runs the file inside, they will be installing a copy of the worm on their

computer.

Addon.B copies itself to all drives under the name Foto_celular.scr. Once run,

this file downloads the second component of the worm, sexy.wm. This malware, in

turn, connects to two web pages waiting for commands ranging from downloading

other malicious codes onto the infected computer to updating itself.

MSNPoopy.A uses similar techniques to Addon.B to spread through MSN Messenger.

In this case, it uses sentences like “look @ my cute new puppy :-D” or

”look @ this picture of me, when I was a kid “ to entice users into opening the

attached file, which has names such as img1756 and is compressed in .zip format.

If the targeted user opens it and runs the file inside, they will become

infected. Also, all the users in the victim’s Address Book will receive the

message the worm sends, with the possibility of becoming infected.

MSNPoopy.A edits the Windows Registry to ensure it is run every time the system

is started up. It also tries to connect to other instant messaging channels to

send out information or continue spreading. 

“It shouldn’t surprise anyone that cyber-crooks are increasingly using instant

messaging to distribute their creations. These are services used by millions of

people every day, so they make a very easy and quick way of infecting a huge

number of users”, explains Corrons.

More information about these and other malicious codes at Panda Security’s

Encyclopedia

All users that want to know whether their computers have been attacked by these

or other malicious code can use ActiveScan, the free solution available at:

http://www.pandasoftware.es/activescan. It will carry out a complete inspection

of the computer should there be any hints of infection.

Download free evaluation software Platinum 2006 Internet Security

------------------------------------------------------------

FREE SYSTEM ANALYSIS!
For Microsoft Windows® Desktops and Notebooks
Run the MA4 Computer Services System Analyzer by Webroot for a report on your computer's specific software security and capacity performance. Find out if your computer has:

Run System Analyzer

Protecting Yourself from Viruses

15 Tips to Stay Virus Free    

Users who know how to avoid Viruses & Crimeware are a critical layer of network protection. Train your staff with this FREE, easy-to-use, multimedia presentation.

and helps you to improve the level of your network
security

15 Tips for Keeping Virus Free (flash)

Download free evaluation software Platinum 2006 Internet Security

General Tips About Viruses

Get an anti-virus protection for your computer. Update it frequently and set
the options to scan e-mail as well as other files.

Don't open any attachment if you are not expecting it, even if they are from
people you know, unless you are certain that it's a legitimate file. If
you're not certain, ask them to confirm that they sent you an attachment.
Even then, there is a chance that the file could be infected.

Backup your data often (and keep a backup copy in a different location in
case of fire.)

Only download software from reputable sources.

Virus Alerts

New viruses appear every day. For information on some of the most recent
viruses, worms, and Trojan Horses, visit the Symantec and McAfee web sites.

* The Symantec AntiVirus Research Center Online Virus and Hoax
Encyclopedia is located at: http://securityresponse.symantec.com/ OR
http://www.sarc.com/
* The McAfee Virus Information Library is located at: http://us.mcafee.com/virusInfo/default.asp/

Worried About Viruses?

Get Real Time Virus Protection and save $5 on McAfee Security VirusScan Software.

HERE ARE JUST SOME OF THE ON-SITE SERVICES TECHNICIANS CAN PERFORM:

Onsite Computer Repairs and Upgrades Software/Hardware Installation Memory Upgrades Printer / Scanners / Cameras Installation & Configuration Operating System Installation/Upgrades Automated Back Up Systems	Virus Protection / Firewall Protection / Spyware Removal Virus Removal and Repair Disaster Recovery Prevention Firewall Configurations Privacy and Security Analysis Spyware Removal, Prevention and Education
Home / Office Network Installation & Repair Wired / Wireless Networks File and Printer Sharing Windows 2000 / Windows 2003 Server Remote Monitoring / Maintenance

Phone Number: (925) 516-4054

Support Email: realpeople@ma4pc.com

MA4 Computer Services     
On-Site Computer Support

OVER TWELVE YEARS OF EXPERIENCE
1155-C Arnold Drive. #217
Martinez, CA 94553-4108
Fax Number: 925.372.6507

We gladly accept

Testimonials

Sharon from Pleasant Hill, CA: Matsie was great and explained everything to me in terms I could understand.

Chris Siemens Business Services from Walnut Creek, CA: Fantastic response, great communications, look forward to working again.

Lexi CompUSA, Inc. Fairfield, CA: Tech was very knowledgeable!

Michael World Savings Lafayette, CA: Thanks for the great work!

Kathy from Walnut Creek, CA: Matsie is very professional and personable. He resolved our issues exactly as planned. He has just the right mix of professionalism and friendliness.

Lin from Antioch, CA: I'm so happy to have found you!  THANK YOU soooooo much for everything you helped me with.  I am very impressed with your skill & professionalism. 

San Francisco East Bay locations we serve:
Alamo, Antioch, Benicia, Brentwood, Clayton, Concord, Danville, Dublin, Fairfield, Lafayette,
Martinez, Pacheco, Pleasant Hill, Pleasanton, Orinda, Oakley, San Ramon, San Francisco,
Walnut Creek, Vacaville, Vallejo

Download free evaluation software Panda Titanium 2006 Antivirus + Antispyware

  Main Backup Security Virus Information Pricing Testimonials Purchase Computers Remote Support Contact Us Blog