Tuesday, August 11, 2009

Windows System Suite Removal

Today I came across another piece of spyware that is similar to "AntiVirus 2009" and "AntiVirus 360". It's called "Windows System Suite" and uses the Windows Defender icon as it's icon. The program, like the other two mention, makes the user believe that they are infected with dozens of spyware, viruses, and/or trojans and to pay this fee in order to remove the infected files.

I was able to remove the program by following the manual instructions from this website....http://www.2-spyware.com/remove-windows-system-suite.html. Like with the previous blog post, this one also encourages you to download a removal tool, however below that are the manual removal instructions. I prefer the manual removal method personally because often times the program they want you to download eventually costs you money to fix the problem.

Hope this helps!

UPDATE: While the instructions above were good, I continued to have problems with the computer. The command prompt wouldn't open, any virus protection software installed on the computer wouldn't open, Windows Defender wouldn't open, and other virus protection software would not install. I ran a McAfee Stinger to see if it had a virus (it did not), I ran Windows Updates to see if some hole needing patching (didn't fix problem), and I searched for hours on the Internet trying to find others who were having this problem (nothingwas found). The other strange thing is that the Windows Security Center (the thing that tells you if your Firewall, Windows Updates, & Virus Protection is on) was saying that the "Windows System Suite" was my antivirus protection. Was the stupid Windows System Suite still on this box? I dont think that it actually was. I think that the instructions that I followed did totally remove the malware program, however I was still having some problem.

After some time away, and talking with my boss, I tried a program he recommended (Malwarebytes) and also tried a program I remembered (Spybot - Search & Destroy). Both of these programs did actually open and ran fine. Both programs did find malware/spyware installed on the machine. Both programs did remove all found malware/spyware on the machine. However, it took running both of these programs to fully clean up the issues of programs not opening (ran both programs twice to make sure with a reboot in between - always a good idea).

NOTE: Unlike Virus Protection, it is a good idea to have multiple programs to fight malwware/spyware on your computer.

At this time I installed the AVG Anti-Virus program and ran it to check for viruses (none were found).

Even though the programs would now open, I still had problems with the Security Center showing multiple virus programs installed (both the AVG and the Windows System Suite). I could not figure it out, so again I took some time away from the box and finally figured out what terminolgy to use in my Internet search (more important than one might realize when searching) and came across how Windows stores the settings for the Security Center. Thanks to this forum post, which wasn't exactly my problem but close enough that it gave me the information that I needed, I found that when the following instructions were followed that my issues with multiple Virus protection showing up in Windows Security Center went away!!! :) YAY!!!

  1. Click the start button and search on the word "CMD" - "CMD.exe" should appear.
  2. In the command window at the prompt type each line and press Enter:

    net stop winmgmt
    cd c:\windows\system32\wbem
    ren repository repository.old
    net start winmgmt
  3. Then, please restart the computer and check the result.

MAN this issue was HARD, but thanks to my boss and some Internet searching I was able to fix the problem without totally rebuilding the machine. :)

No comments: