Reboot and here’s what your desktop looks like after installing one of these.
All trojans — fake zlob media codecs.
The main page will show an error; as is standard practice these days, the binaries are actually downloaded from a subdirectory (usually something like /download(dot)php?id=4082).
Detection by all engines is very poor on these (Sunbelt Sandbox report on zsvcompany here, VT results here). We will have detections out shortly.