PCMech Forums

PCMech Forums (http://www.pcmech.com/forum/)
-   Networking & Online Security (http://www.pcmech.com/forum/networking-online-security/)
-   -   JS/Medfos removal ?? (http://www.pcmech.com/forum/networking-online-security/229634-javascript-medfos-removal.html)

11290slk 04-10-2013 10:48 PM

JS/Medfos removal ??
 
This started showing up in MSE scans and I've been getting a lot of redirects on searches lately. Looked it up but not really able to get rid of it with any of the methods so far, using malware bytes or roguekiller. Any advice?

trojan:JS/medfos,A is what comes up in MSE scans.

rjfvillarosa 04-11-2013 01:54 AM

I came across this one a few weeks ago and thought it was a false positive because only MSE was picking it up. I can't be 100% sure what got rid of it because at the time I was playing around with the Emsisoft standalone scanner. The Emsisoft standalone scanner is the best way to get rid of the "Illegal Download Page" that has been hanging around for a while.
Download Emsisoft Emergency Kit 3.0 from here:
Free Anti-Malware Download | Emsisoft Anti-Malware, Online Armor Firewall, Mamutu Behavior Blocker Download it to a new folder somewhere on your machine, run the .exe (it does not install) and update it, now just run the scanner. Should you need to, you can update this app in that same way anytime, copy the folder to a pendrive and then run the updated scanner from the pendrive as a standalone scanner on other machines.

11290slk 04-11-2013 11:15 AM

Downloaded the Emisoft, ran a full scan (long time) and it found a couple of things. I deleted them and we'll see if they "restore themselves" soon. Thanks for the link.

If I keep having issues, I think I will just reformat. Haven't done it for a long time so may just be as well to do it and clean out the garbage. Told the wife I should just build a new one. That went over big.

SARGE 04-11-2013 04:51 PM

Seems I read here before that if you have system restore enabled, the bad critter can attach itself in there.

11290slk 04-11-2013 05:30 PM

That could be, however I don't actually have it "enabled". Have always been able to just go back a few days and it worked fine. When I first noticed issues I attempted to do a restore point and never could get it to go back to an earlier time. Just seemed that something was blocking it from going back.

I actually think it came through in a malicious email saying something about a FedEx delivery notice or something like that. My wife opened the email as we actually did have a FedEx delivery coming. Since then, I see 3 or 4 a week, sometimes more, in my spam folder in gmail. Also, emails lately about an airline reservation confirmation. Don't do those as my daughter is a flight attendant and we fly for free so I don't make any ticket purchases.

rjfvillarosa 04-12-2013 02:30 AM

Do you use the "Filters" in Gmail?

11290slk 04-12-2013 09:23 AM

Quote:

Originally Posted by rjfvillarosa (Post 1580878)
Do you use the "Filters" in Gmail?

Had not been but am now. Have filtered those 2 but seems that since I have/had this Trojan on the system, filters don't actually filter everything.

SARGE 04-12-2013 10:13 PM

I chunked my gmail account the other day. I always felt someone standing behind me watching. There is plenty about them negative to read, but you may not find it on google. I don't go near them.


All times are GMT -5. The time now is 04:04 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.1