NewMediaCodec Trojan

NewMediaCodec virus description
Technical details:
Categories: Trojan
NewMediaCodec Aliases:
[Other]Trojan.Emcodec,Trojan-Downloader.Win32.Agent.bjc

NewMediaCodec Folders:
[%PROGRAM_FILES%]\NewMediaCodec
[%WINDOWS%]\privacy_danger

NewMediaCodec Files:
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%FAVORITES%]\Error Cleaner.url
[%FAVORITES%]\Privacy Protector.url
[%FAVORITES%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\serverhost.exe
[%PROFILE_TEMP%]\serversyn.exe
[%WINDOWS%]\ddesupport.dll
[%WINDOWS%]\mgrs.exe
[%WINDOWS%]\msdde.dll
[%WINDOWS%]\msole.dll
[%WINDOWS%]\nsduo.dll
[%WINDOWS%]\nsduo.VVdll
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\mslogger.exe
[%PROFILE_TEMP%]\msmss.exe
[%WINDOWS%]\mslog.exe
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%FAVORITES%]\Error Cleaner.url
[%FAVORITES%]\Privacy Protector.url
[%FAVORITES%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\serverhost.exe
[%PROFILE_TEMP%]\serversyn.exe
[%WINDOWS%]\ddesupport.dll
[%WINDOWS%]\mgrs.exe
[%WINDOWS%]\msdde.dll
[%WINDOWS%]\msole.dll
[%WINDOWS%]\nsduo.dll
[%WINDOWS%]\nsduo.VVdll
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\mslogger.exe
[%PROFILE_TEMP%]\msmss.exe
[%WINDOWS%]\mslog.exe

NewMediaCodec Registry Keys:
HKEY_CLASSES_ROOT\clsid\{150ea8e7-a97c-4816-ad02-4865eef8c5ff}
HKEY_CLASSES_ROOT\CLSID\{49CF52D7-8D58-4E22-A874-AAD721F5B523}
HKEY_CLASSES_ROOT\CLSID\{88418AA3-16F5-4FC2-A9D8-90B1266DF841}
HKEY_CLASSES_ROOT\clsid\{baba5bdb-4eff-48db-b443-679651d37128}
HKEY_CLASSES_ROOT\interface\{b6a3935f-8fe4-49a4-b987-a1c09e53589f}
HKEY_CLASSES_ROOT\interface\{ef94a58f-599b-4602-9c34-99683c5859b1}
HKEY_CLASSES_ROOT\msvps.msvpsapp
HKEY_CLASSES_ROOT\newmediacodec.videosupport
HKEY_CLASSES_ROOT\typelib\{cdc0999c-999c-4ee1-875b-5c3542641768}
HKEY_LOCAL_MACHINE\software\microsoft\videoextension
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49CF52D7-8D58-4E22-A874-AAD721F5B523}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88418AA3-16F5-4FC2-A9D8-90B1266DF841}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewMediaCodec
HKEY_CLASSES_ROOT\clsid\{0d1bf8de-58dd-4a25-b50d-14c25d123547}
HKEY_CLASSES_ROOT\clsid\{1dd312cb-6c89-41af-b930-2d01662e83e7}
HKEY_CLASSES_ROOT\clsid\{3b89fee6-392b-41d4-8442-d814f016b932}
HKEY_CLASSES_ROOT\clsid\{49cf52d7-8d58-4e22-a874-aad721f5b523}
HKEY_CLASSES_ROOT\clsid\{88418aa3-16f5-4fc2-a9d8-90b1266df841}
HKEY_CLASSES_ROOT\clsid\{cc4daeb6-2aab-41eb-8b5e-adad9180081f}
HKEY_CLASSES_ROOT\clsid\{f4cf814f-970f-405d-a42c-0ce06eb97373}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{49cf52d7-8d58-4e22-a874-aad721f5b523}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{88418aa3-16f5-4fc2-a9d8-90b1266df841}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f4cf814f-970f-405d-a42c-0ce06eb97373}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\newmediacodec

NewMediaCodec Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winsp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winsp

NewMediaCodec indications of infection

This symptoms of NewMediaCodec detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Kitten.Free.Sex Adware Cleaner
Remove Virtumonde.by Adware
JD.A Spyware Cleaner

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)