How to remove system security 2009

Problems? Post here...
Post Reply
User avatar
bozotheclown138
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 172
Joined: 07 Feb 2009, 17:00
15
Contact:
Contact bozotheclown138

How to remove system security 2009

Post by bozotheclown138 »

Hello im assuming most people on this website will probably not fall into this trick but seeing as though how hard it is to remove i thought id help you out if you do have it.

Now what it does is it is a very dangerous rogue security system that of course makes you believe you have viruses and try to make you buy the program. but the difference between this one and others is-

disables all usb drives.
disables command prompt.
disables notepad.
disables control panel.
disables taskmanager.
disables regedit.
disables msconfig.
disables booting in regular safe mode.
and denies access to most programs

Now of course with disabled usb drives if you run off a wireless card connected by a usb... you didnt even have internet anymore and you can't even attempt to find anything to remove it and you can't use utilities from from a flashdrive.

Now to start fixing the problem restart the computer while holding f8 to boot into the safe mode options now choose safe mode with command prompt and that will appear.

type in regedit
the registry will come up and navigate to these parts...

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]

Now in each of these areas are items that are loaded each time windows boots up and I forget the processes for system security 2009 but itll be pretty easy to spot out (sorry for this inconvienence and itll probably be random numbers) but just delete these items

And now restart your computer
Now the initial program has been stopped... but your still infecteed
But you have regedit, command prompt, task manager, and msconfig back.

usb drives are still disabled so for this part youll need to get a direct internet connection and a tool thatll remove this program completely is malwarebytes antimaleware

I hope you enjoyed ;)
Top
User avatar
ph0bYx
Staff Member
Staff Member
Posts: 2039
Joined: 22 Sep 2008, 16:00
15
Contact:
Contact ph0bYx

Post by ph0bYx »

Very nice!
Here I've found these registry entries of SysSec2009:

Code: Select all

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemSecurity2009
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "00308937"
HKEY_LOCAL_MACHINE\Software\00308937
Top
User avatar
bozotheclown138
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 172
Joined: 07 Feb 2009, 17:00
15
Contact:
Contact bozotheclown138

Post by bozotheclown138 »

thank you for that addition ph0bYx i will admit i just started fixing this problem on my friends computer today and i only had a small amount of time to work with it along with research on the topic so it may be a little sloppy haha :?
Top
Post Reply

Return to “Windows”