Free PC Security

PC Security, Free Firewall, Free Security, Free Utilities, Free Programs and Free Advice. If this is helpful please comment, got a question? Please ask.

P2P Networks Infected With Downloader-UA.h Trojan

Posted by cotojo on May 9, 2008

Half a million computers have been infected with the Downloader-UA.h trojan since the beginning of May, prompting McAfee to declare it the most significant malware threat since 2005. Other anti-virus vendors have also verified it as a security risk.

It consists of a malicious MPEG or MP3 file which has been propagated through P2P networking sites and has inflicted major damage.

It uses different file sizes, different languages and different formats to fool individuals into running the software, and any attempt to play the file will result in ads being served to the infected computer.

File sizes vary, as do the file names. Here are some sample file names:

preview-t-3545425-changing times earth wind .mp3
preview-t-3545425-girls aloud st trinnians.mp3
preview-t-3545425-heartbroken fast t2 ft jodie.mp3
t-3545425-dx vs randi orton 2007.mpg
t-3545425-para sayo freestyle.mp3
t-3545425-peanut butter jelly amende.mp3
t-3545425-stare at sun thrice.mp3

Any user attempting to load one of these MP3 and MPG files will not get the music/video they were hoping for, but will instead be directed to download a file named PLAY_MP3.exe.

If users agree to download and run PLAY_MP3.exe, an End User License Agreement (EULA) is displayed. Users accepting the terms of the EULA will have ‘FBrowsingAdvisor’ and ‘SurfingEnhancer’ installed, as well as PlayMP3.exe, which is a browser control.
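The following Python script is an added example, not part of the original post: it walks a folder such as a P2P shared directory and flags file names that match the samples listed above (the `t-3545425-` token with an .mp3 or .mpg extension) and the PLAY_MP3.exe / PlayMP3.exe downloads. The folder tree in `demo()` is constructed sample data, and because the post notes that names vary, an empty result does not mean the machine is clean.

```python
import os
import re
import tempfile

# Indicators taken from the post: every listed sample carries the token
# "t-3545425-" (optionally prefixed "preview-") and ends in .mp3 or .mpg.
MEDIA_LURE = re.compile(r"^(preview-)?t-3545425-.*\.(mp3|mpg)$", re.IGNORECASE)
# Executable names as spelled in the post (both spellings appear there).
DROPPER_NAMES = {"play_mp3.exe", "playmp3.exe"}


def classify(filename):
    """Return 'lure', 'dropper' or None for a bare file name."""
    name = filename.strip().lower()
    if name in DROPPER_NAMES:
        return "dropper"
    if MEDIA_LURE.match(name):
        return "lure"
    return None


def scan(root):
    """Walk root and return sorted (kind, path) pairs for every match."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            kind = classify(fname)
            if kind:
                findings.append((kind, os.path.join(dirpath, fname)))
    return sorted(findings)


def demo():
    """Build a constructed folder tree and scan it (sample data, not real files)."""
    with tempfile.TemporaryDirectory() as root:
        shared = os.path.join(root, "Shared")  # hypothetical P2P share folder
        os.makedirs(shared)
        for fname in ("t-3545425-stare at sun thrice.mp3",
                      "preview-t-3545425-girls aloud st trinnians.mp3",
                      "PLAY_MP3.exe", "holiday photos.zip", "my song.mp3"):
            open(os.path.join(shared, fname), "wb").close()
        return [(kind, os.path.basename(path)) for kind, path in scan(root)]


if __name__ == "__main__":
    for kind, name in demo():
        print(f"{kind:8} {name}")
```

Point `scan()` at the download or shared folder of the P2P client to list candidates for deletion before running the cleanup steps.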

To remove it, download and install these two free programs:

Ad-Aware 2008 7.1.0.4 beta

a-squared Free

Turn off System Restore - right click My Computer and select Properties, click the System Restore tab and tick the checkbox ‘Turn off System Restore on all drives’.

Reboot into Safe Mode - keep tapping the F8 key and, using the up and down arrows, highlight Safe Mode, then press ‘Enter’.

Run the two applications as well as any other anti-spyware, anti-trojan or anti-virus software you may have.

Empty the virus vaults and recycle bin. Restart in normal mode. Turn System Restore back on.


© Free PC Security 2008

2 Responses to “P2P Networks Infected With Downloader-UA.h Trojan”

  1. Tammy Says:

    I’m going to try this now. It was Nickelback Photograph that did it to me off of Limewire.

  2. cotojo Says:

    Tammy - It should work as long as you follow the instructions and also run any other anti-virus and other anti-malware programs that you have.
    Limewire is one of the main ones for spreading this trojan, so in future don’t download any exe files or those that prompt for installation. If you do, do NOT run them; simply delete them.
    Colin
