Trojan:JS/Medfos.B [Removal guide]

By | mei 2, 2013

Trojan:JS/Medfos.B is as trojan that installs a browser extension on your browser like Internet Explorer, Google Chrome and Mozilla Firefox. Being as a vicious JavaScript file, the virus has the ability to modify your search results while you are using search queries such as Bing, Google and Yahoo. Usually, it would hijack your browser to harmful domain that associated with some commercial contents which only wants you to spend money on it.
Medfos is a member of the Win32/Medfos family and got your computer, after you have visited an infected website which exploited a vulnerability from a Java or Adobe software and Medfos installed a file called chromeupdate.crx.

As part of its self-defense mechanism,once installed Medfos disguises itself as a legitimate Google Chrome or Firefox extension with the name ChromeUpdateManager 1.0 or Translate This 2.0

Trojan:JS/Medfos.B sole purpose is to generate revenue for its authors via pay-per-click advertising links and redirect traffic to affiliate sites,so we recommend that you remove Trojan:JS/Medfos.B as soon as possible from your computer.

Trojan.MedfosB Removal Guide

Trojan.MedfosB

Trojan:JS/Medfos.B [Removal guide]

All tools used in our malware removal guides are completely free to use and should remove any trace of malware from your computer.
Please be aware that removing Malware is not so simple, and we strongly recommend to backup your personal files and folders before you start the malware removal process.

1. Run a scan with Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • If you accidently close it, the log file is saved here and will be named like this: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\Logs\mbam-log-date (time).txt
  • Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
  • Click OK to either and let MBAM proceed with the disinfection process.
  • If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • After the restart in Normal mode, start Malwarebytes Anti-Malware again and perform a Full System scan to verify that there are no remaining threats.

 

2. Run a scan with HitmanPro

Please download HitmanPro to your desktop from one of the following links
HitmanPro (32bit) – Direct download link
HitmanPro (64bit) – Direct download link

  • Double click on HitmanPro to start the program, if you are experiencing problems while trying to start HitmanPro, you can use the Force Breach mode.
  • To start HitmanPro in Force Breach mode, hold down the left CTRL-key when you double click on HitmanPro and all non-essential processes will be terminated, including the malware processes.
  • HitmanPro will start and you’ll need to follow the prompts (by clicking on the Next button) to start a system scan with this program.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • Click on the next button and choose the option activate free license
  • Click on the next button and the infections where will be deleted.

  • Click now on the Save Log option and save this log to your desktop.
  • Click on the next button and restart the computer.

Incoming search terms:

  • pup optional b
  • Google Desktop Install trojan
  • what is pup optional b
  • decrypt_harasom
  • google desktop install virus
  • 4682b4 com virus
  • firefox vosteron
  • pub optional b
  • 4682b4 trojan
  • Trojan:JS/Medfos B mac chrome
  • trojan:JS/medfos B?
  • virus malware js
  • google trojan
Please Like, Tweet or +1 to help other people