Recently, one of our test computer got infected with a Spyware / Trojan that redirects itself to a website called “mediashifting.com”. Normally, we don’t report any virus removal guide on Techtorial but since we suspect the anomaly is something bigger than it appears to be, we decided to create a tutorial to help those who got infected.
What is Mediashifting.com Trojan?
It’s a newly found Trojan posted by users who were recently infected. From what we can tell, the first traces of this malware were found on the final week of 2011 and it was only reported to Microsoft’s virus encyclopedia on January 4, 2012.
How To Tell If You’re Infected?
Being redirected to “mediashifting.com” every few minutes is a sure sign you got infected. Likewise, it affects all your browser (e.g: Chrome, Firefox, Internet Explorer, etc.)
So far, we aren’t sure how our test machine running a fully updated Windows 7 suite protected by Avira got infected. Since this is a Trojan, we expect it’s something related with what you install on your system whereas the culprit is hiding on a seamlessly legit application. Like we’ve said, it manage to get pass through our current AV so there’s a possibility others are having this problem as well.
Don’t Search Google For the Solution!
Normally, you can simply type the name of a particular virus on Google or Bing and a guide on removing it will appear. However, in the case of this new Trojan, all of the reports we’ve gathered appearing on Google’s first result page are bogus from the time this guide was created.
In fact, we have a strong reason to believe the developer of this Trojan outsourced someone to spam popular AV forum sites like Malwarebytes, Bleepingcomputers, etc. to mislead users on finding the correct solution on removing the anomaly (just look at the timestamps and the poster’s new profile). Unfortunately, we also found other random websites popping out from the blue claiming they have the proper cleaning tool tricking you to download a fake virus cleaner making things even worst.
Removal Guide
This guide is the best free solution we can give for those who got infected. And since the culprit seems to be only affecting Windows machines, it’s better if you get your Anti Virus with Microsoft through its “Security Essentials”. After you download and installed MSE on your PC, choose “custom scan” and select C: (local drive) to completely eliminate the Trojan. You’ll know your system is cleaned once you see a prompt asking you to clean a Win32/Sirefef.K strain of Trojan found on your system. Similar with the screenshot below.
Likewise, you can found more info about the Trojan here including its aliases described as a multi-component family of malware which modifies search results from your browser into a pay-per-click advertising site.
Note: We’ve tried using other free anti-virus tools like AVG, Avast & Malwarebytes; however, in some bizarre case, they can only detect the Trojan but cannot remove it completely. We also recommend you uninstall your current anti-virus after installing Microsoft Security Essential so it can do its job properly.
In case you got infected, feel free to show your comment below.
You might also like
Tags: mediashifting.com, mediashifting.com removal guide, mediashifting.com trojan, mediashifting.com virus, Win32/Sirefef.K, Win32/Sirefef.K removal guide
