Remove MediaUpdate. Description and removal instructions

 
Title: MediaUpdate

Type: Browser Hijackers
Severity scale: 34 / 100
 
MediaUpdate is a browser hijacker that monitors user Internet activity and redirects Internet Explorer to advertising web resources. The threat can silently update itself via the Internet. MediaUpdate is bundled with some ad-supported programs. It can also be installed while visiting some insecure web sites. The parasite runs on every Windows startup.



MediaUpdate properties:
• Changes browser settings
• Connects itself to the internet
• Hides from the user
• Stays resident in background

MediaUpdate manual removal:

Delete registry values:
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SafeSurfingUpdate
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateMedia
• HKEY_LOCAL_MACHINE\SOFTWARE\Invictus
• HKEY_LOCAL_MACHINE\SOFTWARE\SafeSurfing
• HKEY_CLASSES_ROOT\CLSID\{B8C0220D-763D-49A4-95F4-61DFDEC66EE6}
• HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8C0220D-763D-49A4-95F4-61DFDEC66EE6}
• HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8E25C53-9508-4F5C-9249-D98D438891D5}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8C0220D-763D-49A4-95F4-61DFDEC66EE6}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D8E25C53-9508-4F5C-9249-D98D438891D5}

Unregister DLLs:
• medup[XVS].dll
• ssurf[XVS].dll

Delete files:
• medup[XVS].dll
• ssurf[XVS].dll

Delete directories:
• C:\Program Files\MediaUpdate

Misc:
[XVS] is the version number.

The listed MediaUpdate files can be located in the C:\Windows\System, C:\Windows\System32 or C:\Winnt\System32 folder.
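
A read-only PowerShell check for the indicators listed above, added here as an example and not part of the original page. The function name `Get-MediaUpdateIndicator` is hypothetical, and treating `[XVS]` as a `*` wildcard is an assumption.

```powershell
# Added example, read-only: reports which indicators from the list above exist.
# Get-MediaUpdateIndicator is a hypothetical name, not a built-in cmdlet.
function Get-MediaUpdateIndicator {
    $sw  = 'HKLM:\SOFTWARE'
    $run = "$sw\Microsoft\Windows\CurrentVersion\Run"
    $bho = "$sw\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
    $ids = '{B8C0220D-763D-49A4-95F4-61DFDEC66EE6}',
           '{D8E25C53-9508-4F5C-9249-D98D438891D5}'

    # Run entries are values under the Run key, so look up the value names.
    $names  = @()
    $runKey = Get-Item -LiteralPath $run -ErrorAction SilentlyContinue
    if ($runKey) { $names = $runKey.GetValueNames() }
    foreach ($v in 'SafeSurfingUpdate', 'UpdateMedia') {
        [pscustomobject]@{ Kind = 'RunValue'; Item = "$run\$v"
                           Present = ($names -contains $v) }
    }

    # The other registry entries are whole keys. HKEY_CLASSES_ROOT has no
    # default PSDrive, so it is addressed through the Registry:: provider.
    $keys = @("$sw\Invictus", "$sw\SafeSurfing",
              "Registry::HKEY_CLASSES_ROOT\CLSID\$($ids[0])")
    foreach ($id in $ids) { $keys += "$sw\Classes\CLSID\$id", "$bho\$id" }
    # The program directory is tested the same way as a key.
    $keys += 'C:\Program Files\MediaUpdate'
    foreach ($k in $keys) {
        [pscustomobject]@{ Kind = 'KeyOrDir'; Item = $k
                           Present = (Test-Path -LiteralPath $k) }
    }

    # [XVS] stands for a version number, so match it with a wildcard
    # (assumption: any medup*.dll / ssurf*.dll is only a candidate to review).
    # -Force includes hidden files, since the page says the threat hides itself.
    $dirs = 'C:\Windows\System', 'C:\Windows\System32', 'C:\Winnt\System32' |
            Where-Object { Test-Path -LiteralPath $_ }
    foreach ($d in $dirs) {
        foreach ($pat in 'medup*.dll', 'ssurf*.dll') {
            Get-ChildItem -LiteralPath $d -Filter $pat -File -Force -ErrorAction SilentlyContinue |
                ForEach-Object {
                    [pscustomobject]@{ Kind = 'File'; Item = $_.FullName; Present = $true }
                }
        }
    }
}

# Show only the indicators that were found on this machine.
Get-MediaUpdateIndicator | Where-Object Present | Format-Table -AutoSize
```

On 64-bit Windows, entries written by 32-bit software sit under `SOFTWARE\WOW6432Node`, which this check does not cover.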

Other programs to remove MediaUpdate:

• SUPERAntiSpyware
• CounterSpy
• Windows Defender

Information added: 19/03/04
Information updated: 24/09/05

Comments from visitors:


1. by Robbie. 2004-03-02 23:10:34
Can silently download and execute arbitrary code from its controlling server, as a self-updating feature.

