The article intends to describe the procedure of removing Windows Support System, a rough program (Trojan) designed to infect Windows applications by appearing as a legitimate program. The methods described here are simple and correct until date. It is, however, advised that these should be followed correctly to avoid facing problems.
The below mentioned guide will help you get rid of the tool on your own and without the help of virus removal support or Microsoft technical support alternatively. Besides, it will save your precious time and money that would otherwise be spent looking for support alternatives.
Instructions:
Close all the windows and reboot the computer. If you are unable to do so, force it to reboot by powering off and then on. While the computer starts rebooting and before the Windows logo appears, start tapping the F8 key on the keyboard until you see the boot menu. Use Up or Down arrow keys to select and boot computer in Safe Mode with Networking.
When the computer has booted up fully, click on the Start menu and go to My Computer. Click on the Tools tab and then select Folder Options. Click on the View tab, scroll down and look for the Show hidden files and folders option. Click to select this option, click on the Apply button and then OK to exit the Folder Options window.
Now that all the files and folders including hidden are visible, you must search for the Application Data folder. Click on the Start menu and go to Run. Type ‘shell:appdata’ (without quotes and as is) in the blank box and then hit Enter on the keyboard. This will bring up the Application Data window. Look for the files or folders with random or weird names like diswte.exe in the window. Delete any such file by right clicking on it and then selecting the Delete option from the dropdown list. Do not delete any genuine Windows file that may result into severe errors in your system.
Close all the windows and go to Run again. Type ‘regedit’ in the blank field and hit Enter on the keyboard to bring up the Registry Editor window. If you are not sure what to do, first backup your registry by clicking on the File menu and then selecting Export. Give a name of your choice (like registry backup) to the file for easy recognition in the File name box. Click to select All under the Expert range. Click on the Save button and exit the window.
Your entire registry is backed up now. In the Registry Editor window, locate these registry entries and delete them. These include
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore "DisableSR " = '1'
If you have difficulty locating them, take help of an expert. When done removing these entries, close Registry Editor. Remember; do not change any other registry entry except these ones. A wrongly modified registry will result into severe problems including system crash in your computer.
Exit all the windows and connect to the internet. Update your existing antivirus program and then run a full system scan. It is mandatory as it will ensure that no traces of the rough program are left in your system. Wait until the scan finishes and cleans your machine. It is mandatory to update your security program on a regular basis in addition to running scans.
Also download and install Malwarebytes’ Anti-malware program from its official site or a torrent but safe one. Install the tool using the wizard’s instructions and then run it. Update the program first and then run a scan. Wait until the program scans for the remnants of Windows Support System and removes them automatically. When done, reboot your computer in normal mode. Your computer is completely free of the malicious program now.
Additional Tips:
Like other malicious tools, Windows Support System appears to be a legit software and circulates phony virus infection alerts, system errors, and registry errors. Besides, it automatically runs fake virus scans and causes slowdown issues in a Windows computer.
While displaying all such junk, it demands you to purchase its full version to remove fake virus infections etc. The program prevents you to remove it from your system by disabling your internet connection and antivirus etc.
If you are facing problem with your Windows Operating System you can reach V tech-squad for Windows Support at their Toll Free No +1-877-452-9201 For US/CA.
V tech-squad, Inc. is the leading third-party service provider of certified online technical support services. Our Microsoft-certified technicians not only resolve virus/spyware removal issues but also educate you how to avoid your PC from future interaction with any type of worm, virus, or Trojan etc. Our top-class services include Microsoft product support, antivirus issues, malware issues, spyware issues, wireless router issues, printer issues, and non-computer devices etc.