Tuesday, February 3, 2009

NewMediaCodec Trojan

How To Remove NewMediaCodec?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
NewMediaCodec is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
NewMediaCodec It also known as:

[Other]Trojan.Emcodec,Trojan-Downloader.Win32.Agent.bjc

NewMediaCodec Symptoms:

Files:
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%FAVORITES%]\Error Cleaner.url
[%FAVORITES%]\Privacy Protector.url
[%FAVORITES%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\serverhost.exe
[%PROFILE_TEMP%]\serversyn.exe
[%WINDOWS%]\ddesupport.dll
[%WINDOWS%]\mgrs.exe
[%WINDOWS%]\msdde.dll
[%WINDOWS%]\msole.dll
[%WINDOWS%]\nsduo.dll
[%WINDOWS%]\nsduo.VVdll
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\mslogger.exe
[%PROFILE_TEMP%]\msmss.exe
[%WINDOWS%]\mslog.exe
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%FAVORITES%]\Error Cleaner.url
[%FAVORITES%]\Privacy Protector.url
[%FAVORITES%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\serverhost.exe
[%PROFILE_TEMP%]\serversyn.exe
[%WINDOWS%]\ddesupport.dll
[%WINDOWS%]\mgrs.exe
[%WINDOWS%]\msdde.dll
[%WINDOWS%]\msole.dll
[%WINDOWS%]\nsduo.dll
[%WINDOWS%]\nsduo.VVdll
[%DESKTOP%]\Error Cleaner.url
[%DESKTOP%]\Privacy Protector.url
[%DESKTOP%]\Spyware&Malware Protection.url
[%PROFILE_TEMP%]\mslogger.exe
[%PROFILE_TEMP%]\msmss.exe
[%WINDOWS%]\mslog.exe

Folders:
[%PROGRAM_FILES%]\NewMediaCodec
[%WINDOWS%]\privacy_danger

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{150ea8e7-a97c-4816-ad02-4865eef8c5ff}
HKEY_CLASSES_ROOT\CLSID\{49CF52D7-8D58-4E22-A874-AAD721F5B523}
HKEY_CLASSES_ROOT\CLSID\{88418AA3-16F5-4FC2-A9D8-90B1266DF841}
HKEY_CLASSES_ROOT\clsid\{baba5bdb-4eff-48db-b443-679651d37128}
HKEY_CLASSES_ROOT\interface\{b6a3935f-8fe4-49a4-b987-a1c09e53589f}
HKEY_CLASSES_ROOT\interface\{ef94a58f-599b-4602-9c34-99683c5859b1}
HKEY_CLASSES_ROOT\msvps.msvpsapp
HKEY_CLASSES_ROOT\newmediacodec.videosupport
HKEY_CLASSES_ROOT\typelib\{cdc0999c-999c-4ee1-875b-5c3542641768}
HKEY_LOCAL_MACHINE\software\microsoft\videoextension
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49CF52D7-8D58-4E22-A874-AAD721F5B523}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88418AA3-16F5-4FC2-A9D8-90B1266DF841}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewMediaCodec
HKEY_CLASSES_ROOT\clsid\{0d1bf8de-58dd-4a25-b50d-14c25d123547}
HKEY_CLASSES_ROOT\clsid\{1dd312cb-6c89-41af-b930-2d01662e83e7}
HKEY_CLASSES_ROOT\clsid\{3b89fee6-392b-41d4-8442-d814f016b932}
HKEY_CLASSES_ROOT\clsid\{49cf52d7-8d58-4e22-a874-aad721f5b523}
HKEY_CLASSES_ROOT\clsid\{88418aa3-16f5-4fc2-a9d8-90b1266df841}
HKEY_CLASSES_ROOT\clsid\{cc4daeb6-2aab-41eb-8b5e-adad9180081f}
HKEY_CLASSES_ROOT\clsid\{f4cf814f-970f-405d-a42c-0ce06eb97373}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{49cf52d7-8d58-4e22-a874-aad721f5b523}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{88418aa3-16f5-4fc2-a9d8-90b1266df841}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f4cf814f-970f-405d-a42c-0ce06eb97373}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\newmediacodec

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msdns
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winsp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winsp

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
DarkSky.Server Trojan Removal instruction
Win32.Mitglieder Trojan Removal instruction
Watch.Right Spyware Removal
Pigeon.AVGK Trojan Removal

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)