1. Symantec/
  2. Security Response/
  3. Adware.Mpgcom

Adware.Mpgcom - Removal

February 13, 2007 11:36:28 AM
Risk Impact:
File Names:
Systems Affected:

The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
  1. Update the definitions.
  2. Unregister the .dll files so that they can be deleted.
  3. Restart the computer in Safe mode or VGA mode.
  4. Run a full system scan and delete any files detected as Adware.Mpgcom.
  5. Delete the value that was added to the registry.

For specific details on each of these steps, read the following instructions.

1. Updating the definitions
This detection was reclassified from a Trojan horse (it was originally named Trojan.Narat) to a security risk on January 2, 2004.

2. Unregistering the .dll files
  1. Click Start, and then click Run. (The Run dialog box appears.)
  2. Type, or copy and paste, the following text:

    regsvr32 /u "%Windir%\mpgcom.dll"

    then click OK.

    Note: If you type the text (instead of copying and pasting it), make sure that you type it exactly as shown and that you include the quotes.

  3. After a few seconds, you should see one of the following messages:

    (Load Library Failed, <filename>.dll was not registered)

    (Load Library Succeeded)

    In either case, click OK.

3. Restarting the computer in Safe mode or VGA mode

Shut down the computer and turn off the power. Wait for at least 30 seconds, and then restart the computer in Safe mode or VGA mode.
  • For Windows 95, 98, Me, 2000, or XP users, restart the computer in Safe mode. For instructions, read the document, "How to start the computer in Safe Mode."
  • For Windows NT 4 users, restart the computer in VGA mode.

4. Scanning for and deleting the files
  1. Start Norton AntiVirus and make sure that it is configured to scan all the files. For more information, read the document, "How to configure Norton AntiVirus to scan all files."
  2. Run a full system scan.
  3. If any files are detected as Adware.Mpgcom, click Delete.

5. Deleting the value from the registry

WARNING: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified keys only. Read the document, "How to make a backup of the Windows registry," for instructions.
  1. Click Start, and then click Run. (The Run dialog box appears.)

  2. Type regedit and then click OK. (The Registry Editor opens.)

  3. Navigate to the key:


  4. In the right pane, delete the value:


  5. Navigate to the key:


  6. In the right pane, delete the values:


  7. Exit the Registry Editor.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube