Trojan B is false anti-spyware that should not be trusted in any case. It enters into your computer without your permission and then installs itself. Trojan B will enter into the system through Trojan infection. It may also enter the system through a simple click on online ads and once it enters the system, it will start performing such functions which will directly threaten the safety of your computer. Trojan B will initiate fake scans which actually do nothing for the computer. The purpose of these scan is to push users into buying the full version of Trojan B.

Fake warnings will appear that will direct the users to many dangerous websites. It will also disable the proper execution of many programs. Many general system infection warnings will appear even if only the computer is infected. It might prevent the user from gaining access to tools that can remove Trojan B. When it is running, computer will be flooded with warnings and false security alerts. Some of which are:

Infiltration Alert:

Computer is infected by an internet virus like a password stealing attack or similar. System might be at risk. Reports indicating that the computer is infected. Anti viruses protect computers against viruses and other security threats.

Remove Trojan B processes

  1. You will need to open the Windows task manager so that you can stop the Trojan B processes from running.
  2. Press the CTRL+ALT+DEL or CTRL+SHIFT+ESC keys to directly open the windows task manager.
  3. You will see that are four tabs in the task manager. Click on the ‘processes’ tab.
  4. Now find out the following processes under the column name ‘image name’.
  5. Select the found processes and then click on the button ‘End processes’.
  6. The Trojan B processes are:

C:\windows\system32\services.exe

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

C:\Windows\Installer\{bbee3ba2-89af-930c-bb78-1fb4e17db3cc}

Remove Trojan B registry entry values

To remove the Trojan B registry values you need to open the registry editor.

  1. To open the registry editor you need to go to Start button and then click on Run.
  2. Write ‘regedit’ and press Ok.
  3. In the registry editor you will see two panes. Go in the left section of the editor and from the file menu above the window click on the option edit.
  4. Now select Find and type the values of the Trojan B registry entries and press enter.
  5. When the result is shown right click on the registry entry value, select the option Modify from the menu and then click on the option Delete to remove the registry entries completely.

The Trojan B registry entries that you need to find and that must be deleted are:

HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRunRandom.exe

HKCUSOFTWAREMicrosoftWindowsCurrentVersionRunRandom.exe

HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorer

“EnableShellExecuteHooks”= 1 (0×1)

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorerrunRandom.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\”Windows” = “consrv:ConServerDllInitialization”

Remove Trojan B other files

  1. Go to Start button then select the option ‘All programs’ from the menu.
  2. Now go to ‘Accessories’ and click.
  3. After that click on the ‘Command prompt’ option.
  4. You can also open the command prompt quickly by going to Start and then select the option Run.
  5. Write cmd and press enter.
  6. When the command prompt opens write the complete path of the Trojan B files.
  7. Type ‘regsvr32 /u [dll_file_name]’ after the file is opened and press enter.

The Trojan B files that must be removed are:

%Windir%\assembly\tmp

%Windir%\assembly\U

%Windir%\assembly\GAC_64

%Windir%\assembly\GAC_32

%Windir%\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}

%System%\consrv.dll

How to remove trojan b?
Tagged on:                 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>