virus

A new threat named "Warezov Trojan horse" has hit the leading VOIP service provider Skype, the target Skype user receives a message stating "Check up this" and a link to the infected file "file_01.exe" with the Trojan payload, once a user is fooled into downloading this malicious file more files are downloaded automatically and installed. The infected computer now acts as the propagator and all their contacts are sent the same message to spread the Trojan.

Recently Torrent sites are getting spammed by malicious torrent uploads disguised as new movie releases, torrent users are reporting that they have downloaded various videos mostly claiming to be new movie releases or TV shows only to be confronted with a short video which advises them to download a new media player called 3wPlayer to view the rest of file. The few second clip show the Url to download this malware media player 3wPlayer.

The player installs a form of CIDHELP malware which is very hard to get rid of, The only solution to this problem is to make the user aware of this kind of tactic and reporting any such torrent to the torrent website for removal.

UPDATE:

Download & use this 3wplayer and similar video malware Auto-Fixer for windows to decode files (Special Direct Rapidshare Premium Link ~ 590 KB) >>

USAGE: decoder.exe 3wPlayerencodedfilename.avi outputfilename.avi

To decrypt the underlying video data you can the following perl script.