BleepingComputer.com: Help remove a System Security 4.52 version

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Help remove a System Security 4.52 version

#1 User is offline   duke67 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 3
  • Joined: 10-July 09

  Posted 10 July 2009 - 06:47 PM

Please help!

I ran the downloaded program to kill the System security 4.52 and was successful. It was removed from the ADD/REMOVE programs application. However when I rebooted, the damn thing came back on. I tried running the program again to kill the .exe but now it's saying access denied.

What is this System Security crap and how did it get in our system.

PLEASE Help!

Edit: Moved topic from Introductions to the more appropriate forum. ~ Animal

#2 User is offline   Animal 

  • Bleepin' Animinion
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Site Admin
  • Posts: 17,987
  • Joined: 18-August 05
  • Gender:Male
  • Location:Location, Location

Posted 10 July 2009 - 06:53 PM

Take a look here: How to remove System Security (Uninstall Instructions)
The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown
Posted Image
A learning experience is one of those things that say, "You know that thing you just did? Don't do that." — Douglas Adams.
Why is the word abbreviation so long?
Follow BleepingComputer on: Facebook | Twitter | Google+

#3 User is offline   duke67 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 3
  • Joined: 10-July 09

Posted 10 July 2009 - 07:18 PM

Hello,

I was able to run the downloaded and rename it accordingly. I was able to delete the icon ex:1234567 and killed the process.

The next steps however, I can't seem to do.
SystemSecurity will no longer be active in memory but is still installed so best let MBAM rip it good and proper smile.gif

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:
* Launch Malwarebytes' Anti-Malware
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad and if required the program will ask you to reboot to remove locked files.

#4 User is offline   duke67 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 3
  • Joined: 10-July 09

Posted 11 July 2009 - 02:42 AM

After I was able to kill the system security .exe icon, I rebooted my PC. Instead of running the next process suggested above, I ran the system restored.

Everything is fine now and most importantly the malware is GONE.

Thank you for the awesome help! It was tremendous help. I've read from other posts, that this malware attacked several users with XP all this week. How can this be prevented in the future? OR can it be even with a anti-virus and firewall on?

Anyway, thanks again for the instructions to get this issue fixed!

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users