Are you feeling headache with your computer infected by Win32/Medfos.CU Virus?  Can’t bear the fact that your beloved computer being disarranged and running slower and slower? Have tried to kick it out with a variety of anti-virus programs but the tricky virus still keeps reappearing every time after reboot? Please look below the step by step guide to remove this nasty virus if you are the one among those infected users.

What is Win32/Medfos.CU Virus?

Win32/Medfos.CU Virus is classified as a tricky Trojan created by hackers with illegal objective. The virus comes from the family: Win32/Medfos.DD, Win32/Medfos.DE, Win32/Ponmocup.AA, Win32/Pronny.AC, Win32/Pronny.DM, Win32/PSW.Agent.NTM. It slips into your system silently when you click malicious link, visit pornographic website or downloading attachment from spam emails. Once it gets in it will resides there as its home for very long time and it will never gone automatically. Along with its visit, there will be a lot of troubles happening within your system: The virus will automatically download unknown malicious files, severely slow down your computer with high consumption of PC resource. It will also block your anti-virus from updating as well as Windows Firewall, redirect your search queries to other unknown malicious websites or Ads sites. Sometimes it may also force your system restart unreasonably. It will wreak chaos inside your computer and make the system crash down. Besides, It may open backdoor for hackers to control your system very easily. Via this nasty Trojan the hackers are able to steal your important private information such as user name, password, credit card number, business secrets, etc.

The Actions Win32/Medfos CU Virus May Take on Your Computer

a) Block the functions of anti-virus programs, you can’t run them as well as updating them via Internet.

b) Make your computer restart or shutdown frequently and unreasonably. Sometimes you even found your PC is totally crash down.

c) Copy itself and propagate fast which will lead to great CPU and RAM consumption thus severely reduces the performance of your computer.

d) Create backdoor for intended hackers who will be able to control your computer and steal your important information such as private data and banking details.

e) Attack and damage your system files and programs, you will find your computer is running weirdly and some programs are not able to run any more.

f) Automatically download other virus when the Internet connection is available.

In a word, this virus must be kicked off completely from your computer as soon as possible before it can bring more damage.Next we will offer step-by-step guide to help you safely and quickly remove Win32/Medfos.CU Virus. If you have any problem during the removal process, please contact Yoocare agents 24/7 online service for more detailed instructions.

If you need any help, Live Chat with YooSecurity Experts Now , or you can follow our step-by-step virus removal instruction below to clean the virus yourself. (For advanced computer users)

Best Way to Remove Win32/Medfos CU Virus Step by Step:

Firstly, please restart your computer and get in safe mode with networking:

Please follow these steps to get rid of Win32/Medfos.CU Virus manually:
Step 1: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC. Open the Windows Task Manager.
If that didn’t work, try another way. Press the Start button and click on the Run option. This will start the Run tool. Type in task-mgr and press OK. This should start the Windows Task Manager

Step 2: Within the Windows Task Manager click on the Processes tab. Find the process by name. random.exe related to Win32/Medfos.CU Virus. Then scroll the list to find required process. Select it with your mouse or keyboard and click on the End Process button. This will kill the process.

Video Show You on How to Modify or Change Windows Registry:

Step3: Remove malicious files of  Win32/Medfos.CU Virus

C:\windows\system32\services.exe
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
C:\Windows\Installer\{bbee3ba2-89af-930c-bb78-1fb4e17db3cc}

Step4: Delete malicious registry entries of Win32/Medfos.CU Virus.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
“EnableShellExecuteHooks”= 1 (0x1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Random.exe

Note: This article just offer an reference of possible solution to clean Win32/Medfos.CU Virus for advanced and experienced computer users. Because the hackers create and update the virus from time to time, also the tricky virus may changes all the time and disguises itself, therefore it may happens that you can’t find and kill it completely according our step-by-step instructions. Meanwhile, the manual removal of virus needs expert skills. If you haven’t sufficient expertise in dealing with PC issues, especially in dealing with program files, processes, .dll files and registry entries, it is not recommended to try it yourself, because any mistake may lead to fatal damage to your system.

If you can’t clean the virus successfully with the instruction above, you’re welcome to consult YooSecurity certified experts to fix the problem.

Published by Michael Myn & last updated on November 27, 2012 5:41 am

Leave a Reply