Emcodec
 | The topic of this article may not meet Wikipedia's general notability guideline. (April 2024) |
| Common name | Codec |
|---|---|
| Technical name |
|
Trojan.Emcodec.E is a trojan horse that is mis-represented as an audio and video codec for Windows-based PCs. It exists in various variants with names such as Media Codec, Ecodec, Imediacodec, IntCodec, Pcodec, SVideocodec, Video iCodec, QualityCodec, Vcodec, Zip Codec, zCodec, ZCODEC[1] and began to be widely used in spring 2005.
When visiting certain web sites, in particular pornographic sites, and attempting to view a video file on the site, the user will be directed to download this software, purportedly in order to allow viewing of the video. Furthermore, a number of websites have been set up to mis-represent this malware as a legitimate codec, inviting the users to download the software, allegedly to allow for the playback of certain audio/video which claims to use the so-called codec.
Once executed, the trojan copies a program into the Program Files folder, changes some registry keys and displays a fake EULA for the supposed codec.[2]
zCodec reportedly changes the machine's DNS settings, monitors the user's browsing and acts as adware.[3]
Some versions of the trojan install malware called Zlob, which in turn may lead to the installation of malicious and fake "security programs" such as SpywareQuake, SpyFalcon, WinFixer or other malware; some variants also install a backdoor into the infected computer.[4]
References[edit]
- ^ "Threat Display". research.sunbelt-software.com. Archived from the original on 2007-09-27. Retrieved 2006-09-18.
- ^ "Trojan.Emcodec.E - Symantec". Symantec. Archived from the original on March 28, 2007.
- ^ Techworld report on zCodec, 4 September 2006
- ^ "Trojan-Downloader.Zlob.Media-Codec (fs) Information and Removal". research.sunbelt-software.com. Archived from the original on 2021-04-20. Retrieved 2006-09-18.
External links[edit]
- Removal tools