Wondering how people get to these bogus security sites and download junk like SpyAxe?
Patrick Jordan and Adam Thomas on the SunBelt spyware research team have been investigating Vcodec.com. This site offers a program that it describes this way: “VCodec v3.05b is new generation multimedia compressor/decompressor which registers into the Windows collection of multimedia drivers…”
This is a bogus video utility. The file, VideoCodec3_05b, is a trojan which then starts the scam about “Your computer is infected!”.
I ran this through VirusTotal and here are the results (“No virus found” means the scanner did not detect the file as a trojan):
—————————————————————————————————
This is a report processed by VirusTotal on 12/14/2005 at 23:23:24 (CET) after scanning the file “VideoCodec3_05b.exe” file.
| Antivirus | Version | Update | Result |
|---|---|---|---|
| Kaspersky | 4.0.2.24 | 12.14.2005 | Trojan-Downloader.Win32.Zlob.cu |
| NOD32v2 | 1.1322 | 12.14.2005 | probably a variant of Win32/TrojanDropper.Small.NCU |
| CAT-QuickHeal | 8 | 12.13.2005 | (Suspicious) – DNAScan |
| AntiVir | 6.33.0.61 | 12.14.2005 | no virus found |
| Avast | 4.6.695.0 | 12.14.2005 | no virus found |
| AVG | 718 | 12.14.2005 | no virus found |
| Avira | 6.33.0.61 | 12.14.2005 | no virus found |
| BitDefender | 7.2 | 12.14.2005 | no virus found |
| ClamAV | devel-20051108 | 12.12.2005 | no virus found |
| DrWeb | 4.33 | 12.14.2005 | no virus found |
| eTrust-Iris | 7.1.194.0 | 12.14.2005 | no virus found |
| eTrust-Vet | 12.3.3.0 | 12.14.2005 | no virus found |
| Fortinet | 2.54.0.0 | 12.14.2005 | no virus found |
| F-Prot | 3.16c | 12.13.2005 | no virus found |
| Ikarus | 0.2.59.0 | 12.14.2005 | no virus found |
| McAfee | 4650 | 12.14.2005 | no virus found |
| Norman | 5.70.10 | 12.14.2005 | no virus found |
| Panda | 8.02.00 | 12.14.2005 | no virus found |
| Sophos | 4.00.0 | 12.14.2005 | no virus found |
| Symantec | 8 | 12.14.2005 | no virus found |
| TheHacker | 5.9.1.055 | 12.14.2005 | no virus found |
| VBA32 | 3.10.5 | 12.14.2005 | no virus found |
—————————————————————————————————
So, only Kaspersky (no surprise), NOD32 and CAT-QuickHeal are catching it.
Now available: how to remove the Vcodec trojan
by sunbeltblog
Spy-bot Search & Destroy also picks up the Vcodec virus, but you have to run it at start up or it won’t fix the problem.