Trojan horse viruses have obvious features: they are tiny and covert, do tremendous and powerful damage, are difficult to clean up, and so on. Cyber criminals resort to extreme measures to program and improve various Trojans so that they can invade more and more personal computers. Troj/Medfos-F is one such Trojan, and it has been spreading widely around the world.

To Have a Better Understanding of Troj/Medfos-F

Troj/Medfos-F is a crafty Trojan horse that is detected by Trend Micro Internet Security. It is as stubborn as Win32/sirefef.eb. As an offensive Trojan, it always tries to seize any chance to invade the target system. It won’t lock your PC, but if it is bundled with the U.S. Department of Justice Virus, your computer will be blocked. Troj/Medfos-F usually acts aggressively to destroy information and files on a computer, causing the computer to work abnormally or, more seriously, making the system unavailable. By the time you discover its true purpose, the infection has already settled into your computer. It does its best to deceive innocent users. Once it has successfully won users’ trust, Troj/Medfos-F pretends to start doing legitimate work. It pours out all sorts of irritating advertisements and tells you that your computer is in danger.

When you see those alarming alerts, you are bound to feel nervous and vexed. Many of the alerts imply that your computer is infected with dangerous viruses. Next, Troj/Medfos-F claims to help you remove all the threats on your computer. However, it is Troj/Medfos-F itself that brings the real danger and damage to your computer. It can change Windows Explorer settings to download other malicious files from external servers. Have you ever seen such an irksome infection before? It is extremely important to drop everything you are doing and concentrate entirely on removing Troj/Medfos-F from your machine. Many people who get infected with this virus don’t understand how it happened; they did nothing but browse some websites. They don’t know that while they browse websites, the Troj/Medfos-F virus can get into their PCs silently, without their noticing. The virus may hide on unsafe sites, from which it creates a route into people’s PCs. Be careful whenever you surf the internet.


How to Identify Troj/Medfos-F in My Computer?

    • Your browser settings and browser home page will be changed by Troj/Medfos-F.
    • It may show numerous undesirable and annoying pop-ups.
    • This virus will connect to the internet without your permission.
    • The virus keeps track of your internet browsing data and sends your browsing history to remote servers owned by hackers, who use this information to advertise their products via numerous pop-ups, hijacked browser homepages and new icons.
    • It can install unwanted programs on a victim’s computer without the user’s knowledge and consent. This can reduce your computer’s performance and stability.
    • The Trojan may produce many fake alert warnings, stating that your PC is infected with Trojans or other malware that does not actually exist.

How to Safely Remove Troj/Medfos-F Virus?

Step 1: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC to open the Windows Task Manager.
If that doesn’t work, try another way: press the Start button and click on the Run option to start the Run tool. Type in taskmgr and press OK. This should start the Windows Task Manager.

Step 2: In the Windows Task Manager, click on the Processes tab. Find the process by name: random.exe. Scroll the list to find the required process, select it with your mouse or keyboard, and click on the End Process button. This will kill the process.

Step 3: Delete malicious registry entries related to Troj/Medfos-F virus.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run\random
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\wow64YRIK821024 "(Default)"="1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\"UninstallString" = "'%AppData%\[RANDOM]\[RANDOM].exe" -u
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\"ShortcutPath" = "'C:\Documents and Settings\All Users\Application Data\wow64YRIK821024.exe" -u'"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "wow64YRIK821024" = "'C:\Documents and Settings\All Users\Application Data\random.exe'

Step 4: Remove malicious files of Troj/Medfos-F Virus

C:\WINDOWS\assembly\JYG_64\Desktop.ini
C:\Windows\assembly\JYG_32\Desktop.ini
C:\WINDOWS\system32\ping.exe
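
As an added example (not part of the original guide), the PowerShell script below performs a read-only check of the registry keys and files listed in Steps 3 and 4, so you can review what is actually present before deleting anything. The flagging pattern and the report layout are assumptions of this example; C:\WINDOWS\system32\ping.exe is normally a genuine Windows utility, so the script reports its signature and hash rather than treating it as malicious.

```powershell
# Added example (not from the original guide): read-only audit of the
# locations listed in Steps 3 and 4. Nothing is changed or deleted.

# Registry keys taken from Step 3. Assumption: "random" on the page is a
# placeholder name, so every value under each key is listed for review.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\Software\Microsoft\Installer\Products\wow64YRIK821024'
)
# Assumption: data that launches an .exe from a per-user or all-users data
# folder (as in the page's examples) deserves a closer look.
$pattern = '\\(Application Data|AppData|ProgramData)\\.*\.exe'

$registryFindings = foreach ($key in $keys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        $data = [string]$item.GetValue($name)
        [pscustomobject]@{
            Key  = $key
            Name = if ($name) { $name } else { '(Default)' }
            Data = $data
            Flag = $data -match $pattern
        }
    }
}

# Files taken from Step 4. ping.exe at this path is normally a genuine Windows
# tool, so its signature and hash are reported instead of assuming it is bad.
$files = @(
    'C:\WINDOWS\assembly\JYG_64\Desktop.ini',
    'C:\Windows\assembly\JYG_32\Desktop.ini',
    'C:\WINDOWS\system32\ping.exe'
)
$fileFindings = foreach ($path in $files) {
    if (-not (Test-Path -LiteralPath $path)) { continue }
    $sig = Get-AuthenticodeSignature -LiteralPath $path
    [pscustomobject]@{
        Path      = $path
        Signature = $sig.Status  # older PowerShell may show catalog-signed files as NotSigned
        Signer    = $sig.SignerCertificate.Subject
        SHA256    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    }
}

$registryFindings | Format-Table -AutoSize -Wrap
$fileFindings | Format-List
```

Run it from a 64-bit PowerShell session so that the system32 path is not redirected, and keep the output as a record of what was found before any cleanup.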


Last but not least, this virus should be removed as soon as possible. If you leave it alone, it will not only stay in your computer but can also put your IP in a very dangerous condition. However, if you remove it in time, it can’t do any harm to your computer and won’t ask for money any more. Also, please don’t pay money to this scam; even if you pay the hackers, they won’t unlock your computer. Never believe so-called free software! Don’t download and install such things on your computer. They may not only remove the Troj/Medfos-F virus for you but also bring you many other viruses, such as ransomware, scam viruses and even fake things. You may not be aware that so-called free software can be another cheat, which will only cost you more. Please don’t take a chance on trying it. It’s nonsense. There is no free lunch! If you really can’t remove the Troj/Medfos-F virus yourself, please find an expert for assistance. This is the best choice.

Note: there may be some differences between computers. If you really don’t know what to do, YooCare/YooSecurity is your best choice.

 

Published by Leo R. Oscar & last updated on May 27, 2013 2:42 am
