Threat Database Malware Web-MediaPlayer


By Sumo3000 in Malware

Web-MediaPlayer is a bogus media player that is distributed at the website. Free media players are among some of the most common applications that inexperienced computer users will search for online. Criminals often take advantage of this by creating fake media applications designed to infect their victims with malware. This will usually happen in one of two ways: either the media application itself is actually a malware delivery system, or the malware will be delivered by the online player disguised as a bogus video codec. Web-MediaPlayer itself is designed to spy on your online activity and download and install malicious software onto your computer. While retaining some very basic media player capabilities, Web-MediaPlayer actually wreaks havoc on your computer system. ESG security researchers have analyzed the Web-MediaPlayer installation process and have detected several dangerous Windows Registry modifications that a normal media player should have no business doing. Web-MediaPlayer messes with your email settings, with the way your computer goes online, and at the same time changes your security settings so that your computer system becomes vulnerable to a malware infection. Because of this, ESG security researchers strongly recommend staying away from Web-MediaPlayer or from its associated website. If you have had any contact with Web-MediaPlayer or its website, it is almost certain that your computer system has become infected with malware. ESG security researchers recommend using a reliable anti-virus to scan your computer system, detect any Web-MediaPlayer-related malware and remove Web-MediaPlayer from your computer immediately.

Web-MediaPlayer Gives other Malware a Helping Hand into Your Computer

By their very nature, Trojans are not able to spread on their own. Unlike a worm (which can spread over a network from computer to computer) or a virus (which can corrupt files and spread from one computer to another through an infected file), a Trojan requires help from another malware infection or from the user himself in order to make its way into the victim's computer system. A Trojan requires the victim to open the doors and let it in so that it can deliver its dangerous payload. This is where applications like Web-MediaPlayer come into play. Social engineering attacks are the most common Trojan delivery method. This is simply another word for using deception to trick a computer user into downloading either a Trojan or a malicious application (like Web-MediaPlayer) designed to install a Trojan onto the victim's computer system.

File System Details

Web-MediaPlayer may create the following file(s):
# File Name Detections
1. WebMediaPlayer.exe

Registry Details

Web-MediaPlayer may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Identities\{43AECEA6-69DE-474B-AC86-21D837FC310A}\Software\Microsoft\Outlook Express\5.0\News
HKEY_CURRENT_USER\Identities\{43AECEA6-69DE-474B-AC86-21D837FC310A}\Software\Microsoft\Outlook Express\5.0\Mail
HKEY_CURRENT_USER\Identities\{43AECEA6-69DE-474B-AC86-21D837FC310A}\Software\Microsoft\Outlook Express\5.0\Trident
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[RANDOM CHARACTERS]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\?"?[RANDOM CHARACTERS]?"? = ?"?c:\documents and settings\administrator\local settings\application data\[RANDOM CHARACTERS].exe?"?
HKEY_CURRENT_USER\Identities\{43AECEA6-69DE-474B-AC86-21D837FC310A}\Software\Microsoft\Outlook Express\5.0\Rules


Most Viewed