Sunday, November 25, 2012

How to Remove Trojan:JS/Medfos.B Virus/ Trojan:JS/Medfos.B Removal Step by Step Guide

Infected with Trojan:JS/Medfos.B virus which has been detected by Microsoft Security Essentials anvitivirus? How to remove/ clean/ get rid of Trojan:JS/Medfos.B ? Looking for a manual solution? Any antivirus can deal with Trojan:JS/Medfos.B? Attacked massage of Trojan:JS/Medfos.B keeps popping up from antivirus? Trojan:JS/Medfos.B is coming back after restarting the computer? Ran antivirus with no success? I am scared. Is that harmful? What can I do if my computer has been infected with Trojan:JS/Medfos.B? How could it split into my computer without my knowledge? How to Remove Trojan:JS/Medfos.B from my computer?

Basic Instructions of Trojan:JS/Medfos.B Virus

Trojan:JS/Medfos.B is indentified as a vicious Trojan attack that will lead to indelible damage to compromised system. Antivirus program always fail to remove it from your machine so that it can sneak into computer with infringing system default setting. Trojan:JS/Medfos.B is a dangerous Trojan infection will cause a couple of problems after executing slightly and silently. Generally speaking, it can be dropped by hackers who plant the infections in the corrupted porn and forum websites. It can automatically install in your computer after visiting those unsafe contents. Besides, viewing the attachments from open spam emails or downloading the free software can be another method for getting the infections. Trojan:JS/Medfos.B attack massage will keeps popping up from your antivirus and the computer is automatically shutting down without reason. You can even experience hard work to visit your favorite homepage and could always get redirect to some malicious webpages that all kind of products are on selling. Trojan:JS/Medfos.B will damage computer with forcing to turn off computer again and again. More than that, Trojan:JS/Medfos.B would take charge of your computer easily with remote help sent by the hackers. A Trojan virus is always bounded with a remote server which can monitor all the evil invasion activities then try to exploit your private data/work resource/ credit card number/ user account and password. To avoid more damages from Trojan:JS/Medfos.B, please find an effective solution to get rid of Trojan:JS/Medfos.B infection.

How dangerous Trojan:JS Medfos.B virus is

Trojan:JS/Medfos.B is a horrible Trojan virus that cannot be figured out by any security program. If you fail to remove it with antivirus and ignore the infection, you will face the irreversible situation. It will drop additional PC threats on compromised system to cause the impropriated online activities. Computer will act as an old man who is walking so slowly even get stuck and a non-response. Your desktop can be covered by countless tem files which are scattering all around the corners. Trojan:JS/Medfos.B has the capability to shut your internet connection down, steal your confidential information, take over control your screen or it will cause the dead blue screen error, you can’t even log in window. Since antivirus cannot catch Trojan:JS/Medfos.B, a manual solution is badly needed to get rid of Trojan:JS/Medfos.B immediately.

Trojan:JS/Medfos.B virus needs to be removed immediately

  1. Trojan:JS/Medfos.B is a horrible Trojan virus that cannot be figured out by any security program.
  2. Trojan:JS/Medfos.B has the capability to shut your internet connection down
  3. Trojan:JS/Medfos.B steals your confidential information
  4. Trojan:JS/Medfos.B takes over control your screen
  5. Trojan:JS/Medfos.B will cause the dead blue screen error

Effective Guide to Remove Trojan:JS/Medfos.B virus


a: Get into the safe mode with networking
<Restart your computer. As your computer restarts but before Windows launches, tap "F8" key constantly. Use the arrow keys to highlight the "Safe Mode with Networking" option, and then press ENTER>


b: Stop all the processes , files and registry entries of Trojan:JS/Medfos.B virus

Step 1: Go to Task Manager with Alt+Ctrl+Delete and stop its process.

Step2. Remove Trojan:JS/Medfos.B virus, search the related files 



%AllUsersProfile%\Application Data\
%AllUsersProfile%\Application Data\.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
 C:\Windows\system32\svchost.exe -k RPCSS
 C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
 C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
 C:\Windows\system32\svchost.exe -k netsvcs
 C:\Windows\system32\svchost.exe -k LocalService
 C:\Windows\system32\svchost.exe -k NetworkService
%UserProfile%\Start Menu\Programs\ Trojan:JS/Medfos.B virus \

Step3. Remove Trojan:JS/Medfos.B virus registries: 





Software\Microsoft\Windows\CurrentVersion\Run “.exe”
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
 @="{00020424-0000-0000-C000-000000000046}"
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
 @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
 "Version"="1.0"
 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
 [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Apartment
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Apartment
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Free
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Free
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Both
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’

Video Guide to Trojan:JS/Medfos.B virus Completely



Note: Have you successfully removed Trojan:JS/Medfos.B virus? Any Problems during Removal Procedure?

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)