Hello im assuming most people on this website will probably not fall into this trick but seeing as though how hard it is to remove i thought id help you out if you do have it.
Now what it does is it is a very dangerous rogue security system that of course makes you believe you have viruses and try to make you buy the program. but the difference between this one and others is-
disables all usb drives.
disables command prompt.
disables notepad.
disables control panel.
disables taskmanager.
disables regedit.
disables msconfig.
disables booting in regular safe mode.
and denies access to most programs
Now of course with disabled usb drives if you run off a wireless card connected by a usb... you didnt even have internet anymore and you can't even attempt to find anything to remove it and you can't use utilities from from a flashdrive.
Now to start fixing the problem restart the computer while holding f8 to boot into the safe mode options now choose safe mode with command prompt and that will appear.
type in regedit
the registry will come up and navigate to these parts...
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
Now in each of these areas are items that are loaded each time windows boots up and I forget the processes for system security 2009 but itll be pretty easy to spot out (sorry for this inconvienence and itll probably be random numbers) but just delete these items
And now restart your computer
Now the initial program has been stopped... but your still infecteed
But you have regedit, command prompt, task manager, and msconfig back.
usb drives are still disabled so for this part youll need to get a direct internet connection and a tool thatll remove this program completely is malwarebytes antimaleware
I hope you enjoyed
How to remove system security 2009
- bozotheclown138
- Fame ! Where are the chicks?!
- Posts: 172
- Joined: 07 Feb 2009, 17:00
- 15
- Contact:
Very nice!
Here I've found these registry entries of SysSec2009:
Here I've found these registry entries of SysSec2009:
Code: Select all
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemSecurity2009
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "00308937"
HKEY_LOCAL_MACHINE\Software\00308937
- bozotheclown138
- Fame ! Where are the chicks?!
- Posts: 172
- Joined: 07 Feb 2009, 17:00
- 15
- Contact: