Main Remote Support Services  Preferred Provider Network Online Backup Security Virus Information

Contact Us Prices Blog Pay Invoice Testimonials

Weekly Report on Viruses and Intruders


Madrid, August 10, 2007 - Shark 2, a Trojan creation tool, is the main subject
of this week’s PandaLabs report, which also covers Addon.B and MSNPoopy.A, two
worms that use MSN Messenger to spread.
Shark 2 is distributed for free in various Internet forums and is very easy to
use, which makes it particularly dangerous. The Trojans created with this
builder could steal all kinds of confidential data from users’ computers if they
are not well protected.
“These Trojans pose a threat to users’ privacy as cyber-crooks could activate
the victim’s  webcam, if they have one, and watch what they are doing”, explains
Luis Corrons, Technical Director of PandaLabs.
Shark 2 allows criminals to specify the server the Trojan must connect to, and
set the Trojan to run on every system restart, show error messages or run other
files. Also, the tool allows malicious users to perform specific actions for
processes and services, such as stop certain services, shut down or delete the
user server, etc.
Once it has infected a computer, the Trojan created by Shark 2 connects to the
server the hacker has chosen and displays a screen that allows them to take
various actions, including commanding the malware to steal all kinds of
passwords (for instant messaging services, email, banking services, etc.).
The cyber-criminal can also run a large number of utilities on the infected
computer, for example, to modify the registry or edit the host file. By doing
this, they could redirect users to phishing or infected pages. 
Trojans created with this tool can also take screenshots, capture audio and log
“Malware creators can use this tool to build Trojans capable of attacking users
on several fronts, but always with the same goal: get information that they can
easily turn into some kind of financial gain”, states Corrons.
The first worm covered in today’s report is Addon.B, a malware specimen that
sends a .zip file called Foto_celular by MSN Messenger. If the user opens it and
runs the file inside, they will be installing a copy of the worm on their
Addon.B copies itself to all drives under the name Foto_celular.scr. Once run,
this file downloads the second component of the worm, sexy.wm. This malware, in
turn, connects to two web pages waiting for commands ranging from downloading
other malicious codes onto the infected computer to updating itself.
MSNPoopy.A uses similar techniques to Addon.B to spread through MSN Messenger.
In this case, it uses sentences like “look @ my cute new puppy :-D” or
”look @ this picture of me, when I was a kid “ to entice users into opening the
attached file, which has names such as img1756 and is compressed in .zip format.
If the targeted user opens it and runs the file inside, they will become
infected. Also, all the users in the victim’s Address Book will receive the
message the worm sends, with the possibility of becoming infected.
MSNPoopy.A edits the Windows Registry to ensure it is run every time the system
is started up. It also tries to connect to other instant messaging channels to
send out information or continue spreading. 
“It shouldn’t surprise anyone that cyber-crooks are increasingly using instant
messaging to distribute their creations. These are services used by millions of
people every day, so they make a very easy and quick way of infecting a huge
number of users”, explains Corrons.
More information about these and other malicious codes at Panda Security’s


All users that want to know whether their computers have been attacked by these
or other malicious code can use ActiveScan, the free solution available at: It will carry out a complete inspection
of the computer should there be any hints of infection.


Download free evaluation software Platinum 2006 Internet Security



For Microsoft Windows® Desktops and Notebooks
Run the MA4 Computer Services System Analyzer by Webroot for a report on your computer's specific software security and capacity performance. Find out if your computer has:

Run System Analyzer






Protecting Yourself from Viruses


15 Tips to Stay Virus Free    

Users who know how to avoid Viruses & Crimeware are a critical layer of network protection. Train your staff with this FREE, easy-to-use, multimedia presentation.

and helps you to improve the level of your network


15 Tips for Keeping Virus Free (flash)

Download free evaluation software Platinum 2006 Internet Security

General Tips About Viruses

Get an anti-virus protection for your computer. Update it frequently and set
the options to scan e-mail as well as other files.

Don't open any attachment if you are not expecting it, even if they are from
people you know, unless you are certain that it's a legitimate file. If
you're not certain, ask them to confirm that they sent you an attachment.
Even then, there is a chance that the file could be infected.

Backup your data often (and keep a backup copy in a different location in
case of fire.)

Only download software from reputable sources.

Virus Alerts

New viruses appear every day. For information on some of the most recent
viruses, worms, and Trojan Horses, visit the Symantec and McAfee web sites.

* The Symantec AntiVirus Research Center Online Virus and Hoax
Encyclopedia is located at: OR
* The McAfee Virus Information Library is located at:

Worried About Viruses?

Get Real Time Virus Protection and save $5 on McAfee Security VirusScan Software.



Onsite Computer Repairs and Upgrades
Software/Hardware Installation
Memory Upgrades
Printer / Scanners / Cameras Installation & Configuration
Operating System Installation/Upgrades
Automated Back Up Systems
Virus Protection / Firewall Protection / Spyware Removal
Virus Removal and Repair
Disaster Recovery Prevention
Firewall Configurations
Privacy and Security Analysis
Spyware Removal, Prevention and Education
Home / Office Network Installation & Repair
Wired / Wireless Networks
File and Printer Sharing
Windows 2000 / Windows 2003 Server
Remote Monitoring / Maintenance


Phone Number: (510) 604-3811 / (925) 516-4054

Support Email:

MA4 Computer Services     
On-Site Computer Support

1155-C Arnold Drive. #217
Martinez, CA 94553-4108
Fax Number: 925.372.6507


We gladly accept
Solution Graphics


Sharon from Pleasant Hill, CA: Matsie was great and explained everything to me in terms I could understand.

Chris Siemens Business Services from Walnut Creek, CA: Fantastic response, great communications, look forward to working again.

Lexi CompUSA, Inc. Fairfield, CA: Tech was very knowledgeable!

Michael World Savings Lafayette, CA: Thanks for the great work!

Kathy from Walnut Creek, CA: Matsie is very professional and personable. He resolved our issues exactly as planned. He has just the right mix of professionalism and friendliness.

Lin from Antioch, CA: I'm so happy to have found you!  THANK YOU soooooo much for everything you helped me with.  I am very impressed with your skill & professionalism. 

San Francisco East Bay locations we serve:
Alamo, Antioch, Benicia, Brentwood, Clayton, Concord, Danville, Dublin, Fairfield, Lafayette,
Martinez, Pacheco, Pleasant Hill, Pleasanton, Orinda, Oakley, San Ramon, San Francisco,
Walnut Creek, Vacaville, Vallejo

On-Site Computer Repair, On-Site Computer Services, Computer Repair , Computer Services, Computer Repair Services, Bay Area Computer Services Repair On-Site Computer Repair



Download free evaluation software Panda Titanium 2006 Antivirus + Antispyware


  Main Backup Security Virus Information Pricing Testimonials Purchase Computers Remote Support Contact Us Blog