Posts Tagged ‘Medfos’

Virus AlertThe Virus “Medfos” replace contents of searches on the user’s system.

Microsoft Corporation announces a new family of “Win32/Medfos” viruses, which last several months actively spreading around the world. The virus to infect the system normally uses the component of loader, which is distributed by several different methods. Thus, attackers often use compromised web-sites to redirect users to a page with exploits, as well as appeal to the owners of already deployed botnets and viruses onto previously compromised system.

Medfos bootable component is installed in the %AppData% folder and adds its entries in the registry to complicate its detection. (more…)