I really need help to remove the Trojan:Win32/Medfos.gen!D virus. My laptop was significantly slower than normal and I was redirected to sites I did not search for or had ever been to, so I ran the antivirus already installed on my computer and found this virus. However, it doesn’t seem to remove it. Is there any way I can get rid of this Trojan completely?
Trojan:Win32/Medfos.gen!D is a backdoor Trojan from the Medfos Trojan family that can drop files and open a back door on the affected computer. It is generally distributed through compromised or malicious websites via exploit kits and through untrustworthy software downloads. It is created by attackers with advanced computer skills to damage your computer and collect valuable information for illegal profit. Once it is downloaded, it shows few visible symptoms, so users may never know the computer is compromised until they run a security scan. However, even though an antivirus program can detect this Trojan, it cannot be deleted in the normal way like most Trojan viruses.
This type of virus resides deep in your computer and uses advanced techniques to conceal itself and evade antivirus detection. It often installs itself by copying its executable file to the Windows or Windows system folders and then modifying the Windows Registry so that the file runs automatically whenever the victim boots Windows, which lets it drop other malware on your computer. As a backdoor Trojan, it enables cyber criminals to gain full remote access to and control over the infected PC. Moreover, it may change your homepage to a bogus search engine without your permission, or keep redirecting you to websites you don’t want when you search for information on the net. Advertisements may keep popping up on your screen and block your activity. The most noticeable symptom of this Trojan is an extreme reduction in PC performance. Users are advised to get rid of Trojan:Win32/Medfos.gen!D as soon as it is detected.
Slow down your PC speed notably.
Add other dangerous Trojan or Spyware to your system secretly.
Allow the hacker to access your entire system.
Collect all your personal information and transfer to a remote hacker.
Destroy critical system files and make PC unstable.
From malicious drive-by-download scripts on compromised porn and shareware / freeware websites.
Through spam email attachments, media downloads and social networks.
When clicking suspicious popups or malicious links.
When opening unknown emails or downloading media files that contain the activation code of the virus.
1. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
2. Open the Registry Editor. Find the malicious files and entries and then delete them all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%Documents and Settings%\[UserName]\Application Data\[random]
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random].exe”
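Before deleting anything by hand, the Run keys can be backed up and reviewed in one pass. The PowerShell below is an added example, not part of the original guide: it exports both Run keys to .reg files and lists each autorun entry with its file path, whether that path sits in an application-data folder, and its Authenticode signature status. The folder list, the backup location under %TEMP% and the signature check are assumptions of this example; it deletes nothing.

```powershell
# Added example: read-only audit of autorun entries (writes .reg backups only).
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

# Application-data folders, the kind of drop location the guide lists (assumed set).
$suspectRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:ALLUSERSPROFILE) |
    Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

# Back up first, as the guide advises before any registry change.
$backupDir = Join-Path $env:TEMP ('run-backup-' + (Get-Date -Format 'yyyyMMdd-HHmmss'))
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

$findings = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regPath = $key -replace '^(HK..):', '$1'      # HKLM:\... -> HKLM\... for reg.exe
    $outFile = Join-Path $backupDir (($regPath -replace '\\', '_') + '.reg')
    & reg.exe export $regPath $outFile /y | Out-Null

    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Pull the program path out of the command line (quoted or unquoted form).
        if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
        elseif ($command -match '^\s*(.+?\.(exe|dll|com|scr|bat|cmd))(\s|$)') { $exe = $Matches[1] }
        else { $exe = ($command.Trim() -split '\s+')[0] }
        $exe = [Environment]::ExpandEnvironmentVariables($exe)

        $exists = $exe -and (Test-Path -LiteralPath $exe -PathType Leaf)
        $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $exe).Status } else { 'FileMissing' }
        $inAppData = [bool]($suspectRoots | Where-Object {
            $exe.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })

        [pscustomobject]@{
            Key = $regPath; Name = $name; Path = $exe
            Exists = $exists; InAppData = $inAppData; Signature = "$sig"
        }
    }
}

# Entries launched from application-data folders are listed first for review.
$findings | Sort-Object InAppData -Descending | Format-Table -AutoSize -Wrap
"Registry backups written to $backupDir"
```

An entry that runs from an application-data folder with a random-looking name and a NotSigned status is a lead to investigate, not a verdict, since some legitimate software also starts from those folders.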
Trojan:Win32/Medfos.gen!D is a malicious Trojan used to steal information from the infected PC. It can carry out various harmful activities on the compromised computer, such as slowing it down dramatically and making the system crash randomly. Users usually acquire this Trojan by visiting infected websites, downloading free programs that contain malicious code, clicking on unknown pop-up ads and opening spam emails. Users are therefore reminded to pay attention to what they download and to make sure the file or program is clean, because once the computer is infected, the Trojan may execute damaging actions such as creating a remote shell, uploading files, downloading files and modifying critical files. This virus is extremely dangerous because it is able to disable security applications, particularly antivirus and firewall applications, and run in the background to steal your confidential information. If you don’t want to experience money loss or a computer crash, immediate removal is needed.
Important Notice: Manual removal always needs expertise. If you are afraid of making a mistake during the removal, please contact experts from Yoocare Online Tech Support for further help.
Published by on September 28, 2013 1:42 am, last updated on September 28, 2013 1:42 am