Microsoft Antispyware provided the following information on the adware:
Item Details
WindUpdates.MediaGateway
Type: Adware
Adware is generally software that displays advertisements. Some advertisers may covertly install adware on your system and generate a stream of unsolicited advertisements that can clutter your desktop and affect your productivity. The advertisements may also contain pornographic or other material that you might find inappropriate. The extra processing required to track you or to display advertisements can tax your computer and hurt your system performance.
Threat Level: High
Programs that might collect your personal information and negatively affect your privacy or damage your computer, for example, by collecting information or changing settings, typically without your knowledge or consent.
Author: windupdates.com
Description: WindUpdates is responsible for downloading adware.
Advice: High-risk items have a large potential for adverse effect, such as loss of computer control, and should be removed unless knowingly installed.
About Adware: In general, adware is software that displays advertisements, and may be beneficial by subsidizing a program or service. However, certain adware programs may lack authorization, such as installing without prominent notice or showing ads without clear attribution to their source.
When I looked in the system's registry at
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
,
which is one of the registry locations where Microsoft Antispyware found
a reference to this adware, I saw the following value:
Value Name: MediaGateway
Value Data: C:\Program Files\MediaGateway\MediaGateway.exe
I checked the MediaGateway folder under C:\Program Files
.
It had been created on January 19, 2006 at 11:27 A.M. However, there were no
files within the folder. Looking through the scan history for Microsoft
AntiSpyware, I found that it had found WindUpdates.MediaAccess Adware on
the system on January 19, 2006 and two items related to this adware had
been deleted then. The 3 registry entries I found today (Microsoft
AntiSpyware is listing four, but one of those
HKEY_LOCAL_MACHINE\Software\MediaGateway
, is listed twice) may have
been remnants left on the system then that later antispyware definitions
detected. Looking through the history, I found that three items for this adware
were detected on April 29, 2006, but only 1 deleted. Ever since April
30, it appears Microsoft AntiSpyware has been detecting 4 items related
to this adware, but the user has not been deleting them.
I had Microsoft AntiSpyware remove all of the entries it found. It removed
the "run" registry entry for the adware, but did not remove the folder
C:\Program Files\MediaGateway
. I removed the folder manually.