Media Viewer

By GoldSparrow in Adware

Threat Scorecard

Popularity Rank: 20,359
Threat Level: 20 % (Normal)
Infected Computers: 4,836
First Seen: March 5, 2014
Last Seen: January 22, 2026
OS(es) Affected: Windows

Media Viewer is adware that may compromise the PC user's online searches by replacing the results from any well-known search engine with sponsored links that forcibly redirect the user to questionable websites, which may be commercial. Media Viewer may insert a potentially unwanted add-on, plug-in or extension into the Internet Explorer, Mozilla Firefox and Google Chrome Web browsers when computer users install various free applications from suspicious download websites on the Internet; by installing any free program from a questionable download website, users may also install Media Viewer on their PCs. Once installed, Media Viewer may take over the online search box of any genuine search provider and replace it with its own. Media Viewer may also display intrusive pop-up advertisements and messages and reroute PC users, against their will, to unknown websites possibly created to earn money from increased Web traffic and ad clicks.

File System Details

Media Viewer may create the following file(s):
# File Name MD5 Detections
1. MediaViewerV1alpha5483Installer.exe 03a0699dc4d82fa200a7e0658ac97654 1

Registry Details

Media Viewer may create the following registry entry or registry entries:
SOFTWARE\MediaViewerV1
Software\Microsoft\Internet Explorer\Approved Extensions\{e92f9daa-428d-41e9-9505-913fb598fa87}
SOFTWARE\Mozilla\Firefox\Extensions\ext@MediaViewerV1alpha5483.net
SOFTWARE\Wow6432Node\MediaViewerV1
SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\ext@MediaViewerV1alpha5483.net

Directories

Media Viewer may create the following directory or directories:

%PROGRAMFILES%\MediaViewerV1
%PROGRAMFILES(X86)%\MediaViewerV1

Analysis Report

General information

Family Name: Adware.MediaViewer Ads
Signature status: No Signature

Known Samples

MD5: c9ae246e6e9e89540b1dc533e25888b4
SHA1: ce316f40c2188d526b6ceaec23b6637ff38113b1
SHA256: 9358F4A70AE2A2FD491D27166B6FACAD2ED6387116E46D52F56FF76997C26DF6
File Size: 647.88 KB, 647884 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name Media View
File Version 1.1
Product Name Media View alpha 1882
Product Version 1.1

File Traits

  • Installer Manifest
  • nosig nsis
  • x86

Files Modified


Registry Modifications


Windows API Usage

Category API
Process Manipulation Evasion
  • NtUnmapViewOfSection
Process Shell Execute
  • CreateProcess

Shell Command Execution

regsvr32 "C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1882\ie\MediaViewV1alpha1882.dll" /s
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NULL)
