Trojan.Win32.Mediyes
Posted: April 13, 2012
Threat Metric
| Ranking: | 7,002 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 342,755 |
| First Seen: | April 13, 2012 |
| Last Seen: | March 10, 2025 |
| OS(es) Affected: | Windows |
Trojan.Win32.Mediyes is a browser hijacker that redirects your web browser to exploit pay-per-click traffic for profit. Because Trojan.Win32.Mediyes is installed by a rootkit that injects Trojan.Win32.Mediyes's code into that of a web browser process, with the rootkit deleting itself afterwards, SpywareRemove.com malware researchers suggest that you use anti-malware applications to detect and delete Trojan.Win32.Mediyes. Symptoms of Trojan.Win32.Mediyes infection are typically limited to redirects to unwanted websites, although Trojan.Win32.Mediyes may also use attacks that don't have visible symptoms (such as attempting to steal private information from some websites). As a result of this invasive behavior, Trojan.Win32.Mediyes is considered a danger to your computer's security and privacy that should be deleted by appropriate software once you realize that Trojan.Win32.Mediyes is on your PC.
Trojan.Win32.Mediyes – a Signed Promise of Safety That Means Exactly Nil
While there isn't much that's innovative about Trojan.Win32.Mediyes's payload, one of its methods for evading detection is relatively noteworthy: Trojan.Win32.Mediyes uses a digital VeriSign signature that was intended for the legitimate Swiss firm Conpavi AG, but has since been stolen by Trojan.Win32.Mediyes's criminal partners to conceal Trojan.Win32.Mediyes on infected computers. This signature can cause some brands of anti-malware programs to skip scanning Trojan.Win32.Mediyes and so fail to detect its malicious attributes. SpywareRemove.com malware researchers recommend that you keep your software updated and have several levels of redundancy to guarantee that your PC is as protected as possible from Trojan.Win32.Mediyes attacks, which are propagated by techniques that have already targeted an estimated five thousand computers, most of which are based in Western Europe.
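Because a valid signature says nothing about who currently holds the signing key, a signer inventory is a useful triage step. The script below is an added example, not part of the original article: it lists the Authenticode signer of each binary under a directory and marks files whose signer subject contains the firm name given above for manual review. The scan root and the subject-name match are assumptions; the article does not give the certificate's thumbprint or serial number, so none is used.

```powershell
# Added example: inventory Authenticode signers and flag one signer name for review.
# Assumptions: $Root (directory to scan) and $SignerPattern (the firm name from the
# article, matched against the certificate subject). Legitimate software from the
# same firm would match too, so a hit is a reason to look closer, not a verdict.
$Root          = "$env:SystemRoot\System32\drivers"
$SignerPattern = 'Conpavi AG'

function Get-SignerReport {
    param(
        [Parameter(Mandatory)] [string]$Path,
        [Parameter(Mandatory)] [string]$Pattern
    )

    Get-ChildItem -Path $Path -Recurse -File -Include *.sys, *.dll, *.exe -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig        = Get-AuthenticodeSignature -FilePath $_.FullName
            $cert       = $sig.SignerCertificate
            $subject    = ''
            $thumbprint = ''
            if ($cert) {
                $subject    = $cert.Subject
                $thumbprint = $cert.Thumbprint
            }

            [pscustomobject]@{
                File       = $_.FullName
                # Status "Valid" means the hash and certificate chain check out.
                # It does not mean the key is still controlled by its owner.
                Status     = $sig.Status
                Signer     = $subject
                Thumbprint = $thumbprint
                Review     = ($subject -like "*$Pattern*")
            }
        }
}

$report = Get-SignerReport -Path $Root -Pattern $SignerPattern

# Files to examine regardless of signature status.
$report | Where-Object { $_.Review } | Select-Object File, Status, Thumbprint

# Signer frequency: a signer that appears on only one or two binaries stands out.
$report | Group-Object -Property Signer | Sort-Object -Property Count |
    Select-Object -Property Count, Name -First 20
```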
Trojan.Win32.Mediyes is installed by Rootkit.Win32.Mediyes, a malicious driver that deletes itself after it's performed its intended task. Since Trojan.Win32.Mediyes is inserted into your browser's process and doesn't have an independent memory process of its own, you may be unable to detect Trojan.Win32.Mediyes at all, except for its browser-hijacking symptoms, which include redirect attacks to hostile sites. SpywareRemove.com malware experts warn that Trojan.Win32.Mediyes can also steal information from some websites that may include passwords and account data.
Getting Away from Trojan.Win32.Mediyes's Money-Making Grinder
Because Trojan.Win32.Mediyes contacts a Germany-based Command & Control Server to report its infection and receive instructions, Trojan.Win32.Mediyes may be reconfigured for slightly different attacks or even update itself to avoid new detection techniques. These risks lead SpywareRemove.com malware researchers to recommend that you annihilate Trojan.Win32.Mediyes right away, since delaying an appropriate response only gives Trojan.Win32.Mediyes time to make more of a nuisance of itself. Despite its attempt to hide from scanning software, Trojan.Win32.Mediyes can be detected by competent anti-malware applications that aren't fooled by its signature.
Additionally, you may wish to avoid or, at least, exercise significant caution around sites that are promoted by Trojan.Win32.Mediyes. While Trojan.Win32.Mediyes's main purpose is to gather pay-per-click money, sites that are affiliated with Trojan.Win32.Mediyes aren't guaranteed to be interested in your safety and may also attack your PC via browser vulnerabilities and other methods.