Beware to Sys.cougarsupport.net Virus (or we may also call it a malware). What is it exactly and how to remove then fix the things it left behind? First thing first we have to get to know about if. Sys.cougarsupport.net is a highly dangerous web browser hijacker presently active on the Internet and it gets into your computer secretly while trolling over a malicious site and clicking on the unknown links or by opening spam email attachments or downloading free software unknowingly. It can even bypass windows firewall and antivirus, sneak into your computer without the concern of the user. Sounds bad huh?
And what happens if it gets into your PC? Obviously it will get access over the key system parts and every time you search for anything on the internet you will probably be forced to some kind of unwanted sites.
Known Symptoms
It prevents anti-virus and anti-spyware or anti-malware programs from getting into active state and also prevents from updating.
The infected system browser settings are changed without the concern of the use
Continuous appearance of pop-ups within your system and from the browser while browsing.
It displays false alarm message like your computer is at risk or you are browsing unsafely and need to install the security program from its site.
Steps To Remove And Fix Infected PC
1- Restart your computer
2- Hit F8 then enter Safe Mode with Networking
3- Open the Windows Task Manager by pressing CTRL+ALT+DEL
4- Click on the Processes tab under the Windows Task Manager.
5- Then find the process by name random.exe related to Sys.cougarsupport.net virus.
6- Then navigate down the list to the required process.
7- Select and click End Process button. This will end or kill the process.
8- Now delete these files in drive C: (or main Windows installation):
C:\windows\system32\services.exe
C:\Windows\winsxs\amd64_microsoft-windows-s..s servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
C:\Windows\Installer\{bbee3ba2-89af-930c-bb78-1fb4e17db3cc}
9- Type “regedit” in the search box or in the Run dialog box to open the registry editor.
10- Then navigate and delete the following entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
“EnableShellExecuteHooks”= 1 (0×1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Random.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Internet Explorer\URLSearchHooks=Random.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\Random.exe
11- You can also try restore to default settings.
To achieve this open Internet Explorer >> Click on Tools menu >> Select Internet Options >> Click on the Advanced tab >> Click on the Restore Defaults button and then hit OK button.
Side note: The Random.exe can be any file in the system directories. You better then install trusted anti virus and anti-malware apps like MalwareBytes.
No Responses