What is mediafix70700en02.exe, How to remove mediafix70700en02.exe


mediafix70700en02.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: mediafix70700en02
Filename: mediafix70700en02.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | mediafix70700en02.exe

Command: %AppData%\{RANDOM}\mediafix70700en02.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [mediafix70700en02.exe] C:\Documents and Settings\User\Application Data\CA196E3D0F2D18F19323483E318BCFD5\mediafix70700en02.exe

DDS Line:

uRun: [mediafix70700en02.exe] C:\Documents and Settings\User\Application Data\CA196E3D0F2D18F19323483E318BCFD5\mediafix70700en02.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“mediafix70700en02.exe”=C:\Documents and Settings\User\Application Data\CA196E3D0F2D18F19323483E318BCFD5\mediafix70700en02.exe

Description: core component of Antimalware Doctor (rogue antispyware)

How to remove: use the Antimalware Doctor removal guide or the steps below.

1. Download HijackThis from here and save it to your desktop.

2. Run HijackThis. Main menu opens. Click to “Do a system scan only” button. After HijackThis completes the system scan, check the box to the left of the following items:

O4 – HKCU\..\Run: [mediafix70700en02.exe] C:\Documents and Settings\User\Application Data\CA196E3D0F2D18F19323483E318BCFD5\mediafix70700en02.exe

Please be very careful, do NOT check any other boxes! Next, click on Fix checked on the bottom left side of the HijackThis screen. Close HijackThis.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

One Response to “What is mediafix70700en02.exe, How to remove mediafix70700en02.exe”

  1. Pete Says:

    I’ve tried Malwarebytes and Super anti spyware, but they didn’t clear it out. At present I’ve got MSconfig on selective startup with mediafix and antimal unticked. This is holding it off. I’ve manually deleted all references in the folders and registry, except one. When I search the C: drive for mediafix, it comes up with 1 entry. I can’t delete it or open its location. From properties, it gives its location as dlmenow.in/medifix70700en02.exe. I don’t know why this comes in a search of the C: drive and I don’t want to turn off the selective startup until I know how to fix. Previously, turning the selective startup off, even with all its references deleted, just reinstalled the software. Thanks

Leave a Reply