There are two iPods in my family, and we get our music from Apple’s iTunes Store. I have resisted the call of free music from those Peer to Peer (P2P) networks, partly out of concern for viruses and other malware. Sure enough, security company McAfee recently reported that up to half a million of its subscribers were infected with a Trojan disguised as an MP3 file.

The malware was mostly picked up from file-sharing sites such as eDonkey and (as of this writing, the eDonkey site is not available). A Trojan, generally speaking, is a program which you expect to perform a certain action, but which actually does something else entirely, usually malicious – remember your Greek mythology!

This latest Trojan is known as Downloader-UA.h, and can have many different file names. The MP3 or media file containing the malware is worthless, and has no music or video. When you try to play it, the file PLAY_MP3.exe is downloaded to your computer.

If you try to run or install it, you will be greeted with a long, tiresome End User License Agreement (EULA). When you read it (and most people don’t, unfortunately), you will see a line saying that Third Party Software will/may be installed.

Any time you see that in an , it is time to head for the exits quick, and delete the whole mess. But note that some versions of this malicious file contain no EULA at all. Once infected, your computer will throw ads at you. The Trojan also instructs some media players to go to a certain URL, often fastmp3player.com, which appears to be the actual adware installer.

If you have fallen victim to this type of malware, your security programs should now be able to clean it right up. Update your antivirus and antispyware programs, and then run them all, one at a time of course. If problems persist, reboot Windows into Safe Mode, and run all the scans again. Safe Mode is Windows in its bare bones, minimalist state, so it will look odd. But it therefore leaves malware more vulnerable to attack and cleaning. Having trouble getting into Safe Mode in Windows XP? Read my blog post here: http://mypcsecurityblog.com/featured/safe-mode-revisited

Ultimately, where you get your music from is up to you. At least, be aware of the dangers free music can bring you.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online. He has been keeping Internet surfers safe and secure since the last century. Find out how he does it; protect your own computer with five layers of protection right here: = > http://MyPCSecuritySite.com

You may include these Tips in your Web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and Web site. You can also get a direct URL to this post. Click the title, then copy the URL in the browser address bar.

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!