Rich Media View

By GoldSparrow in Potentially Unwanted Programs

Threat Scorecard

Popularity Rank:	12,314
Threat Level:	20 % (Normal)
Infected Computers:	12,408

First Seen:	May 16, 2014
Last Seen:	January 22, 2026
OS(es) Affected:	Windows

Rich Media View is a browser plug-in that may declare to enhance the online browsing activity by showing website content and ads associated with interests of a computer user. Rich Media View is categorized as adware or a potentially unwanted program (PUP). Rich Media View may propagate and enter the PC as an additional tool packaged with free programs. Upon installation on the Web browsers such as Internet Explorer, Google Chrome, and Mozilla Firefox, Rich Media View may create and show non-stop banner, pop-under, pop-up, and interstitial ads. Rich Media View may trace the PC user's online browsing activity by recording Internet service providers allocated to the device, IP addresses, web addresses of websites visited, anti-virus tools installed, and other data.

Table of Contents

Aliases

8 security vendors flagged this file as malicious.

Antivirus Vendor	Detection
AVG	Skodna.Generic_r.HW
AhnLab-V3	Adware/Win32.BetterSurf
McAfee-GW-Edition	Heuristic.BehavesLike.Win32.Suspicious.H
AntiVir	ADWARE/Adware.Gen
Comodo	Application.Win32.AdWare.BetterSurf.C
Sophos	BetterSurf
Kaspersky	not-a-virus:AdWare.Win32.BetterSurf.b
McAfee	Adware-BetterSurf

SpyHunter Detects & Remove Rich Media View

File System Details

Rich Media View may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	richmediaplayer.exe	4b3804a0b990f709ca35b612ae66872a	3,316
Name: richmediaplayer.exe MD5: 4b3804a0b990f709ca35b612ae66872a Size: 54.47 MB (54479128 bytes) Detections: 3,316 Type: Executable File Path: %LOCALAPPDATA% Group: Malware file Last Updated: March 7, 2023
2.	rmhelper.exe	59904d6482a7e497eedf988aa36f001a	3,045
Name: rmhelper.exe MD5: 59904d6482a7e497eedf988aa36f001a Size: 726.29 KB (726296 bytes) Detections: 3,045 Type: Executable File Path: C:\Users\<username>\AppData\Local\Rich Media Player\data\rmhelper.exe Group: Malware file Last Updated: April 8, 2023
3.	RichMediaViewV1release4004.dll	03aff03e5ee73519443645745ceff035	11
Name: RichMediaViewV1release4004.dll MD5: 03aff03e5ee73519443645745ceff035 Size: 87.55 KB (87552 bytes) Detections: 11 Type: Dynamic link library Path: %PROGRAMFILES%\RichMediaViewV1\RichMediaViewV1release4004\ie Group: Malware file Last Updated: June 13, 2014
4.	RichMediaViewV1release7051.dll	86125e747fb18236fcdb6a17122dd2c5	5
Name: RichMediaViewV1release7051.dll MD5: 86125e747fb18236fcdb6a17122dd2c5 Size: 87.55 KB (87552 bytes) Detections: 5 Type: Dynamic link library Path: %PROGRAMFILES%\RichMediaViewV1\RichMediaViewV1release7051\ie Group: Malware file Last Updated: June 13, 2014
5.	RichMediaViewV1release7527.dll	63b0292d4ca8c9d339fe89913b3290b4	4
Name: RichMediaViewV1release7527.dll MD5: 63b0292d4ca8c9d339fe89913b3290b4 Size: 87.55 KB (87552 bytes) Detections: 4 Type: Dynamic link library Path: %PROGRAMFILES%\RichMediaViewV1\RichMediaViewV1release7527\ie Group: Malware file Last Updated: June 13, 2014
6.	RichMediaViewV1release2655.dll	701189fba7f81302e4de4c89608ff1fc	4
Name: RichMediaViewV1release2655.dll MD5: 701189fba7f81302e4de4c89608ff1fc Size: 87.55 KB (87552 bytes) Detections: 4 Type: Dynamic link library Path: %PROGRAMFILES%\RichMediaViewV1\RichMediaViewV1release2655\ie Group: Malware file Last Updated: June 13, 2014

Registry Details

Rich Media View may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

Software\Microsoft\Internet Explorer\Approved Extensions\{e43fb0cb-fcdc-45d4-b693-1af634ba2cd7}

SOFTWARE\RichMediaViewV1

SOFTWARE\Wow6432Node\RichMediaViewV1

Directories

Rich Media View may create the following directory or directories:

%PROGRAMFILES%\RichMediaViewV1

%PROGRAMFILES(x86)%\RichMediaViewV1

Analysis Report

General information

Family Name:	Adware.Rich Media View
Signature status:	No Signature

Known Samples

MD5: 5f7a526ce201c284a21b00abbf6682ed

SHA1: 36ced823c89ae275ddaacf6e5edd89efdcd1d581

SHA256: D392884940CBFA37268EEFF2EB603FCE4568B7EDAA120396FE134D3818B8E073

File Size: 649.74 KB, 649740 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	Media Watch
File Version	1.1
Product Name	Media Watch home 2093
Product Version	1.1

File Traits

Installer Manifest
nosig nsis
x86

Files Modified

File	Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ch\mediawatchv1home2093.crx	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ch\mediawatchv1home2093.crx	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome.manifest	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome.manifest	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\ffmediawatchv1home2093.js	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\ffmediawatchv1home2093.js	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\ffmediawatchv1home2093ffaction.js	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\ffmediawatchv1home2093ffaction.js	Synchronize,Write Attributes

c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\icons	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\icons\default	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\icons\default\mediawatchv1home2093_32.png	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\icons\default\mediawatchv1home2093_32.png	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\icons\thumbs.db	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\icons\thumbs.db	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\overlay.xul	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\chrome\content\overlay.xul	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\install.rdf	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ff\install.rdf	Synchronize,Write Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\ie\mediawatchv1home2093.dll	Generic Write,Read Attributes
c:\program files (x86)\mediawatchv1\mediawatchv1home2093\uninstall.exe	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\aminsis.txt	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsxa861.tmp\aminsis.dll	Generic Write,Read Attributes

Registry Modifications

Key::Value	Data	API Name
HKLM\software\wow6432node\microsoft\windows\currentversion\explorer\browser helper objects\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}::	MediaWatchV1home2093	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\explorer\browser helper objects\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}::noexplorer		RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}::	MediaWatchV1home2093	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}\inprocserver32::	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\ie\MediaWatchV1home2093.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}\inprocserver32::threadingmodel	Apartment	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}\typelib::	{26aaf2fc-9f1b-4496-ae14-b02f7cd1f4de}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}\version::	1.1	RegNtPreCreateKey
HKLM\software\classes\typelib\{26aaf2fc-9f1b-4496-ae14-b02f7cd1f4de}\1.1::	MediaWatchV1home2093Lib	RegNtPreCreateKey
HKLM\software\classes\typelib\{26aaf2fc-9f1b-4496-ae14-b02f7cd1f4de}\1.1\flags::	0	RegNtPreCreateKey
HKLM\software\classes\typelib\{26aaf2fc-9f1b-4496-ae14-b02f7cd1f4de}\1.1\0\win32::	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\ie\MediaWatchV1home2093.dll	RegNtPreCreateKey

HKLM\software\classes\typelib\{26aaf2fc-9f1b-4496-ae14-b02f7cd1f4de}\1.1\helpdir::	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\ie	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}::	IMediaWatchV1home2093BHO	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}\proxystubclsid32::	{00020424-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}\typelib::	{26AAF2FC-9F1B-4496-AE14-B02F7CD1F4DE}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}\typelib::version	1.1	RegNtPreCreateKey
HKLM\software\classes\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}::	IMediaWatchV1home2093BHO	RegNtPreCreateKey
HKLM\software\classes\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}\proxystubclsid32::	{00020424-0000-0000-C000-000000000046}	RegNtPreCreateKey
HKLM\software\classes\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}\typelib::	{26AAF2FC-9F1B-4496-AE14-B02F7CD1F4DE}	RegNtPreCreateKey
HKLM\software\classes\interface\{e7a917f4-8e09-47e5-a06e-25e309a48b5f}\typelib::version	1.1	RegNtPreCreateKey
HKLM\software\wow6432node\mediawatchv1home2093\components::ie	1	RegNtPreCreateKey
HKLM\software\wow6432node\google\chrome\extensions\efpjfejngggajkjodmlnhgaagafiknjm::path	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\ch\MediaWatchV1home2093.crx	RegNtPreCreateKey
HKLM\software\wow6432node\google\chrome\extensions\efpjfejngggajkjodmlnhgaagafiknjm::version	1.1	RegNtPreCreateKey
HKLM\software\wow6432node\mediawatchv1home2093\components::ch	1	RegNtPreCreateKey
HKLM\software\wow6432node\mozilla\firefox\extensions::ext@mediawatchv1home2093.net	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\ff	RegNtPreCreateKey
HKLM\software\wow6432node\mediawatchv1home2093\components::ff	1	RegNtPreCreateKey
HKLM\software\wow6432node\mediawatchv1\media watch::installed	1	RegNtPreCreateKey
HKLM\software\wow6432node\mediawatchv1home2093::path	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::displayname	Media Watch	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::displayversion	1.1	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::publisher	Media Watch	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::urlinfoabout		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::displayicon	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\uninstall.exe	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::uninstallstring	C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\uninstall.exe	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::nomodify		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\mediawatchv1home2093::norepair		RegNtPreCreateKey
HKCU\software\microsoft\internet explorer\approved extensions::{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}	晑決ᵌᬻ㊂㫀ֶ쎐︟植	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}::	Media Watch	RegNtPreCreateKey
HKCU\software\microsoft\internet explorer\approved extensions::{22d32f92-a4d7-40df-8ecf-55be0c2ba3ef}	晑決ᵌᬻ㊂㫀ֶ쎐︟植	RegNtPreCreateKey

Windows API Usage

Category	API
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	CreateProcess

Shell Command Execution


							regsvr32 "C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2093\ie\MediaWatchV1home2093.dll" /s


							C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NULL)

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Rich Media View

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Rich Media View

File System Details

Registry Details

Directories

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Trojan.Agent.LFB

Trojan.PrintSpoofer.D

Trojan.Agent.IFSC

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen

How to Fix 'macOS cannot verify that this app is...