it consultancy

Medload malware

Medload details

  • Description

    Medload is an adware parasite that displays undesirable commercial pop-up advertisements, opens advertising web sites and installs main components of several dangerous adware threats. It also changes Internet Explorer security settings and creates multiple desktop shortcuts that lead to potentially unsafe web sites.

  • Exe

    medload.exemedload3.exeimbuddy2.exehisistheurls.exemm[X].exenewpop[X].exeseeve.exethin-[XVS].exeunstall.exe

  • Registry

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunloads.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunseeve.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunsixtysixHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunpopuppersHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunpopuppers64HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionSharedDLLs(Default)=percentWindirpercentSystem32objsafe.tlbHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionSharedDLLs(Default)=percentWindirpercentDownloaded Program Filesm[X]m.ocxHKEY_CURRENT_USERSoftwareWinRAR SFXC:Program Filesjoystick networkssetupHKEY_CURRENT_USERSoftwareWinRAR SFXC:Documents and Setttings[Current User]DesktopHKEY_CLASSES_ROOTIObjSafety.DemoCtlHKEY_CLASSES_ROOTCLSID{7149E79C-DC19-4C5E-A53C-A54DDF75EEE9}HKEY_CLASSES_ROOTCLSID{E0CE16CB-741C-4B24-8D04-A817856E07F4}HKEY_CLASSES_ROOTInterface{3E4BCF50-865B-4EF4-A0BC-BF57229EA525}HKEY_CLASSES_ROOTInterface{64A5BD22-8D8A-4193-9CF8-7DB5212ABB17}HKEY_CLASSES_ROOTInterface{674A6BD5-317A-49CF-9647-1E085E660CE0}HKEY_CLASSES_ROOTInterface{9F61CFDF-5C79-4D35-B4DA-766B28367223}HKEY_CLASSES_ROOTInterface{A9136CFD-FD01-41B8-9969-0B37720ED8AB}HKEY_CLASSES_ROOTInterface{AD29366C-63AA-4FF3-944F-91AD7193BCA2}HKEY_CLASSES_ROOTInterface{B2EEDA99-DA99-4D0D-9F7F-143C30521388}HKEY_CLASSES_ROOTInterface{E832FFDE-8ED2-47B7-BE50-729A238040A0}HKEY_CLASSES_ROOTTypeLib{466C63AC-F26E-49F1-861A-E07DA768A46A}HKEY_CLASSES_ROOTTypeLib{78A163D2-2358-464D-807B-0E2A078C7727}HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettingsoneMapDomainsmedia-motor.netHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettingsoneMapDomainspopuppers.comHKEY_LOCAL_MACHINESOFTWAREmmHKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{7149E79C-DC19-4C5E-A53C-A54DDF75EEE9}HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionModuleUsageC:/Windows/System32/objsafe.tlbHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionModuleUsageC:/Windows/Downloaded Program Files/m[X]m.ocxHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallmedia-motor