According to anti-virus vendor Panda Software, two new Trojan horses -- dubbed WmvDownloader.a and WmvDownloader.b -- have been planted in video files seeded to peer-to-peer file-sharing networks like eMule and KaZaA. The Trojans take advantage of the new anti-piracy features in Windows Media Player 10 and Windows XP SP2 to trick users, said Panda.
When a user tries to play a protected Windows media file, the anti-piracy technology demands a valid license; if that license is not stored locally, the player looks for it on the Internet so the user can download or purchase it.
However, these Trojans only "pretend to download the corresponding license from certain Web pages," said Panda in its online alert. "What they actually do is redirect the user to other Internet addresses from which they download a large number of adware, spyware, dialers, and other viruses."
Others, including Kaspersky Labs and Ben Edelman, a Harvard student and spyware researcher, have confirmed the effects of the two Trojans.
Edelman's test of one of the Trojans on a clean PC demonstrated its impact.
"I pressed 'Yes' once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting...all told, the infection added 58 folders, 786 files, and an incredible 11,915 registry entries to my computer."