Word is spreading about a rumored WinMX trojan, so I thought I would take some time and clarify what it’s all about.
Early reports indicate the file must be downloaded from a host (fellow p2p user), then executed. Once the programs executes succesfully it searches your hard drive for every important text file (.dll, .log, .txt, etc..), converts the found files extension to ‘.avi’ and shares the files in a directory on your computer. The trojan also adds itself to the registry and researches your hard drive every 10 seconds.
I’ve heard speculation that the trojan sends the infected users WinMX username to the creators WinMX Hotlist, making it easy for him to download these files. But I have a hard time believing this, and there is no concrete proof. So beware and update your virus software if you think you are infected.
Now the important part to remember is that you must run this program (.exe, .scr) to infect yourself. You will not infect your computer by mearly downloading the file.
Also: When you are using ANY p2p program, downloaded with discression. Don’t just start clicking on everything you see.
