Trojan.Emcodec.E
Encyclopedia
Trojan.Emcodec.E is a trojan horse
that is mis-represented as an audio
and video codec
for Windows
-based PCs
. It exists in various variants with names such as Media Codec, Ecodec, Imediacodec, IntCodec, Pcodec, SVideocodec, Video iCodec, QualityCodec, Vcodec, Zip Codec, zCodec, ZCODEC and began to be widely used in spring 2005.
When visiting certain web sites, in particular pornographic sites, and attempting to view a video file on the site, the user will be directed to download this software, purportedly in order to allow viewing of the video. Furthermore, a number of websites have been set up to mis-represent this malware
as a legitimate codec, inviting the users to download the software, allegedly to allow for the playback of certain audio/video which claims to use the so-called codec.
Once executed, the trojan copies a program into the Program Files folder, changes some registry keys
and displays a fake EULA for the supposed codec.
zCodec reportedly changes the machine's DNS
settings, monitors the user's browsing and acts as adware
.
Some versions of the trojan install malware called Zlob
, which in turn may lead to the installation of malicious and fake "security programs" such as SpywareQuake
, SpyFalcon, WinFixer
or other malware; some variants also install a backdoor into the infected computer.
Trojan horse (computing)
A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but steals information or harms the system. The term is derived from the Trojan Horse story in Greek mythology.-Malware:A destructive program that masquerades as a benign...
that is mis-represented as an audio
Sound
Sound is a mechanical wave that is an oscillation of pressure transmitted through a solid, liquid, or gas, composed of frequencies within the range of hearing and of a level sufficiently strong to be heard, or the sensation stimulated in organs of hearing by such vibrations.-Propagation of...
and video codec
Video codec
A video codec is a device or software that enables video compression and/or decompression for digital video. The compression usually employs lossy data compression. Historically, video was stored as an analog signal on magnetic tape...
for Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
-based PCs
Personal computer
A personal computer is any general-purpose computer whose size, capabilities, and original sales price make it useful for individuals, and which is intended to be operated directly by an end-user with no intervening computer operator...
. It exists in various variants with names such as Media Codec, Ecodec, Imediacodec, IntCodec, Pcodec, SVideocodec, Video iCodec, QualityCodec, Vcodec, Zip Codec, zCodec, ZCODEC and began to be widely used in spring 2005.
When visiting certain web sites, in particular pornographic sites, and attempting to view a video file on the site, the user will be directed to download this software, purportedly in order to allow viewing of the video. Furthermore, a number of websites have been set up to mis-represent this malware
Malware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
as a legitimate codec, inviting the users to download the software, allegedly to allow for the playback of certain audio/video which claims to use the so-called codec.
Once executed, the trojan copies a program into the Program Files folder, changes some registry keys
Windows registry
The Windows Registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components as well as the applications running on the platform: the kernel, device drivers, services, SAM, user...
and displays a fake EULA for the supposed codec.
zCodec reportedly changes the machine's DNS
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
settings, monitors the user's browsing and acts as adware
Adware
Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of a pop-up. They may also be in the user interface of the software or on a screen presented to the user during...
.
Some versions of the trojan install malware called Zlob
Zlob trojan
The Zlob Trojan, identified by some antiviruses as Trojan.Zlob, is a trojan horse which masquerades as a needed video codec in the form of ActiveX...
, which in turn may lead to the installation of malicious and fake "security programs" such as SpywareQuake
SpywareQuake
SpywareQuake is a fake anti-malware program for Microsoft Windows. It is commonly installed by Trojan Horse programs, but can be manually installed.-Latest Update:...
, SpyFalcon, WinFixer
WinFixer
WinFixerAlso known under various other names including: WinAntiVirusPro, ErrorSafe, SystemDoctor, WinAntiSpyware, AVSystemCare, WinAntiSpy, Windows Police Pro, Performance Optimizer, StorageProtector, PrivacyProtector, WinReanimator, DriveCleaner, WinspywareProtect, PCTurboPro, FreePCSecure,...
or other malware; some variants also install a backdoor into the infected computer.
External links
- Removal tools: