Remove system security
Solved/Closed
margie22
Posts
1
Registration date
Tuesday January 20, 2009
Status
Member
Last seen
January 21, 2009
-
Jan 21, 2009 at 02:35 PM
JRS - Jul 10, 2010 at 02:02 PM
JRS - Jul 10, 2010 at 02:02 PM
Related:
- Remove system security
- Fnaf security breach free download - Download - Horror
- Nokia hard reset code without security code - Guide
- Security check preventing login - Facebook Forum
- Ubuntu remove password - Guide
- How to remove story from close friends - Instagram Forum
43 responses
Hi! I hope this thread is still somewhat alive!
I think I have a bit of a different situation here. I HAD the system security stuff on the computer it kept popping up when I started the computer and it took me like two days but now it no longer pops up....I HAVE NO IDEA WHAT I DID. I can't even find the folder for it.
However, I like so many others am unable to open the .exe files. Its annoying I have changed everyone of their names but it still doesnt work. Im in Safe Mode right now typing this and downloading files but they still won't open. What do I do?!
also something new is popping up from windows the XP Internet Security(unregistered version) It popped up now in place of the security thing but I know I never downloaded this either but i its from XP shouldn't I be able to trust it and buy it?
urgh! I have never had a I have been sooooo unable to get rid of!
Thanks in advance
I think I have a bit of a different situation here. I HAD the system security stuff on the computer it kept popping up when I started the computer and it took me like two days but now it no longer pops up....I HAVE NO IDEA WHAT I DID. I can't even find the folder for it.
However, I like so many others am unable to open the .exe files. Its annoying I have changed everyone of their names but it still doesnt work. Im in Safe Mode right now typing this and downloading files but they still won't open. What do I do?!
also something new is popping up from windows the XP Internet Security(unregistered version) It popped up now in place of the security thing but I know I never downloaded this either but i its from XP shouldn't I be able to trust it and buy it?
urgh! I have never had a I have been sooooo unable to get rid of!
Thanks in advance
I caught the latest, strongest version of this trojan/virus, AntiMalware 2010, on Windows 7 64-bit.
It saved itself to my local profile, something Microsoft hides from user access.
It disabled registry editing, making various system modifications, using improper versions of task manager, etc.
I would kill ave.exe it in "task manager" and it would automatically reload itself.
It disabled my installed (and active) antivirus software, Internet explorer.
It still loaded when I booted into Safe Mode, which is really not supposed to happen.
All of the built-in Windows 7 "security features" ended up working against me, and/or were easily exploited by this piece of crap software.
If I had downloaded Malwarebytes software or any other anti-trojan software, I would have not been permitted to run them.
I ended up removing the actual executables manually. To do this:
Run "Task Manager". Right click on the offending EXE, and choose properties - to find out where the executable is located on the file system.
In my case it was "ave.exe", located in c:\user\<my profile>\applocal\ or similar.
Reboot into Safe mode with command prompt
At the command line, change to the directory where the offending exe is located.
cd\
cd c:\user\<profile>\applocal
You won't be able to see the folder - Windows 7 hides it - uness you use
dir /A
Which will also show you hidden files and folders.
run these commands against the executable, to remove system flags and delete the offenders
attrib -s -h ave.exe
del ave.exe
there will also be a file or folder in the same directory that is a combination of letters and numbers.
Use dir /A to find it, and then the attrib and del commands to remove it.
There were also a number of files in
c:\user\<profile>\applocal\temp\
A setup.exe, taskmgr.exe regedit.exe - fake copies of my system files.
I used the attrib and del command on everything in this temp folder.
When I rebooted into Normal mode, the trojan did not run, but I was still unable to run task manager, regedit, internet explorer, etc. Now my antivirus would run - but it didn't detect or remove the trojan.
I ended up browsing my hard drive to the actual iexplore.exe, right-clicking and chosing the "Start" option, downloading Malwarebytes Anti-Malware and performing a full scan.
It was able to remove the registry entries that were modifying my system settings.
Hypothetically, a third-party registry editor might also have worked here and I could have removed the rogue registry entires manually... but what a headache!
I hope they find the people producing this thing and lock them away for life.
It saved itself to my local profile, something Microsoft hides from user access.
It disabled registry editing, making various system modifications, using improper versions of task manager, etc.
I would kill ave.exe it in "task manager" and it would automatically reload itself.
It disabled my installed (and active) antivirus software, Internet explorer.
It still loaded when I booted into Safe Mode, which is really not supposed to happen.
All of the built-in Windows 7 "security features" ended up working against me, and/or were easily exploited by this piece of crap software.
If I had downloaded Malwarebytes software or any other anti-trojan software, I would have not been permitted to run them.
I ended up removing the actual executables manually. To do this:
Run "Task Manager". Right click on the offending EXE, and choose properties - to find out where the executable is located on the file system.
In my case it was "ave.exe", located in c:\user\<my profile>\applocal\ or similar.
Reboot into Safe mode with command prompt
At the command line, change to the directory where the offending exe is located.
cd\
cd c:\user\<profile>\applocal
You won't be able to see the folder - Windows 7 hides it - uness you use
dir /A
Which will also show you hidden files and folders.
run these commands against the executable, to remove system flags and delete the offenders
attrib -s -h ave.exe
del ave.exe
there will also be a file or folder in the same directory that is a combination of letters and numbers.
Use dir /A to find it, and then the attrib and del commands to remove it.
There were also a number of files in
c:\user\<profile>\applocal\temp\
A setup.exe, taskmgr.exe regedit.exe - fake copies of my system files.
I used the attrib and del command on everything in this temp folder.
When I rebooted into Normal mode, the trojan did not run, but I was still unable to run task manager, regedit, internet explorer, etc. Now my antivirus would run - but it didn't detect or remove the trojan.
I ended up browsing my hard drive to the actual iexplore.exe, right-clicking and chosing the "Start" option, downloading Malwarebytes Anti-Malware and performing a full scan.
It was able to remove the registry entries that were modifying my system settings.
Hypothetically, a third-party registry editor might also have worked here and I could have removed the rogue registry entires manually... but what a headache!
I hope they find the people producing this thing and lock them away for life.
security tool soft ware installed in my lap top how i dont know ,its blocking all my work for subcription, pl guide me hoe to remove thanks
I tried numerous times (avenger, rkill, etc..) to get rid of the Personal Security software with now luck. Then I read the comment posted by Michael Ditkowsky AND IT WORKED THE FIRST TIME. Thanks Mike...
1. Open My computer, choose Disk C;
2. Find Program Files=>Common Files=>PSecurityUninstall=>Uninstall
3. Run the file Uninstall.lnk
This WORKS LIKE WONDER :D
1. Open My computer, choose Disk C;
2. Find Program Files=>Common Files=>PSecurityUninstall=>Uninstall
3. Run the file Uninstall.lnk
This WORKS LIKE WONDER :D
Didn't find the answer you are looking for?
Ask a question
Mine was removed instantly by Microsoft Security essentials, all I did was click clean computer and it was gone! Just download the free program from the microsoft website. :)
EVERYBODY STOP
RUN MALWAREBYTES - WHEN IT FINDS THE INFECTIONS - LEAVE THEM IN QUARANTINE STATE
ONLY then will it NOT COME BACK!
IT'S THE BIGGEST ZOMBIE EVER - SO DON'T SHOOT IN THE HEAD - LEAVE IN CAGE
RUN MALWAREBYTES - WHEN IT FINDS THE INFECTIONS - LEAVE THEM IN QUARANTINE STATE
ONLY then will it NOT COME BACK!
IT'S THE BIGGEST ZOMBIE EVER - SO DON'T SHOOT IN THE HEAD - LEAVE IN CAGE
I have gotten this a couple time and it does not allow the user to open command or task manager. I got rid of it by restarting my computer and as soon as I type my password and windows starts up I hit "control,alt,delete" for the task manager. I then go to processes and look for the one I do not recognize (it was ifsabfqcc.exe the last time). Once you find it in the processes right click it (Vista/Windows 7, not sure about XP). It is usually a strange name so it is easy to find. Right click "open folder location", you will not be able to force quit it because this program blocks it somehow. Bookmark the location of the program folder to your desktop. ( Every time I have seen it, it is a weird name and the only thing in the folder.)
Now hit the power button and force your computer to shut down, this will bring you to the menu for safe mode, choose start in safe mode. Go to the short cut you made and click the folder, now delete the program and the folder. And restart to be sure it was the correct folder before you empty the recycling bin. Make sure you clear your browser data as well.
You can also look on your "C" drive in the "AppData" folder and sort by date to try to find it if you know the date and time you got it. Again it will be something strange in name and probably different than the one I posted above. In the processes it had a different name but I did not remember to save it. I am also going to re-install my OS just to be sure it is not anywhere else, but I have not had it come back since I did this. It is not a bad idea to have firefox's sciprt blocker, I had it turned off or it would have likely blocked it in the first place.
Now hit the power button and force your computer to shut down, this will bring you to the menu for safe mode, choose start in safe mode. Go to the short cut you made and click the folder, now delete the program and the folder. And restart to be sure it was the correct folder before you empty the recycling bin. Make sure you clear your browser data as well.
You can also look on your "C" drive in the "AppData" folder and sort by date to try to find it if you know the date and time you got it. Again it will be something strange in name and probably different than the one I posted above. In the processes it had a different name but I did not remember to save it. I am also going to re-install my OS just to be sure it is not anywhere else, but I have not had it come back since I did this. It is not a bad idea to have firefox's sciprt blocker, I had it turned off or it would have likely blocked it in the first place.
Hello,
I also have a problem with my desktop being infected by "security system". I also need directions on how to destroy it.
any help?
I also have a problem with my desktop being infected by "security system". I also need directions on how to destroy it.
any help?
xpcman
Posts
19528
Registration date
Wednesday October 8, 2008
Status
Contributor
Last seen
June 15, 2019
1,824
Jan 21, 2009 at 05:56 PM
Jan 21, 2009 at 05:56 PM
download this program it should be able to remove your problem:
https://download.cnet.com/Malwarebytes/3000-8022_4-10804572.html
https://download.cnet.com/Malwarebytes/3000-8022_4-10804572.html
hello,
just a few minutes before i got some kinds of virus affected in my system, but i d'nt khow wts type of security is this and this is the first time. In this security showing that you have detected some trojan,worm,adware,spyware rogue, So if you can help me then please........tell me how can i remove ..............
just a few minutes before i got some kinds of virus affected in my system, but i d'nt khow wts type of security is this and this is the first time. In this security showing that you have detected some trojan,worm,adware,spyware rogue, So if you can help me then please........tell me how can i remove ..............
It hijacked Microsoft Security essentials and when I tried to uninstall it disabled the restore point.
I used Revo Uninstaller but it was still there so I went into safe mode with command prompt
and managed to do a system restore which retrieved my antivirus program, there were subsequent attacks but they were picked up so I did a full scan. At the moment things seem
to be clear.
I used Revo Uninstaller but it was still there so I went into safe mode with command prompt
and managed to do a system restore which retrieved my antivirus program, there were subsequent attacks but they were picked up so I did a full scan. At the moment things seem
to be clear.
Try to remove it manually. Instructions can be found here: https://www.2-spyware.com/remove-system-security.html
Hiiiii I.m waked from Damascus, by chance I saw your discution, I,v got the answer.....
all of u try this product and u will never forget it, it,s amazing, specially for this problem and the rootkit, u know when u cann,t solve a trojan problem this means a rootkit trojan, which is the most dangerus one. so u have to choose your antyvirus specialist in rootkit. and this the one u have to choose: UnHackMe 5.0, right it in google and get it free trial for 1 month from the product home page. I,ll be back to see your comment. byyyyyy
all of u try this product and u will never forget it, it,s amazing, specially for this problem and the rootkit, u know when u cann,t solve a trojan problem this means a rootkit trojan, which is the most dangerus one. so u have to choose your antyvirus specialist in rootkit. and this the one u have to choose: UnHackMe 5.0, right it in google and get it free trial for 1 month from the product home page. I,ll be back to see your comment. byyyyyy
I tried this out I just got system security 2009 on my PC earlier and tried a few different programs but they did nothing saw your post figured hell why not and it sure did work also found a couple of other really minor problems that I paid no attention to A+++++ damn good software I will test it out and probably buy it soon
I´ve tried to execute any aplication on may laptop but this stupid virus don´t let me to do it. It says every executable is infected even the anty spy-ware but the Explorer. What can i do?
Reboot, Safe mode, install
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
scan and remove
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
scan and remove
I have the same problem. I even tried to format the drive but could not get any executables...any luck ?
Contact me at charles.drew@hotmail.com for any more question on how to get rid of this pos virus. I might be able to help aswell. I had this virus also and i fixed my computer w/o having delete anything from my computer that i needed
advance form of virus took over my system completely. probably erased my restore points so windows restore would not work. next, prohibited any program from being started, including task manager and all the windows tools. took over my desktop as well.
SOLUTION: must do this as soon as possible. start in safe mode, search for .exe files that have just been created, or modified. in my case, the virus files had their own icon! just place those programs in your recycle bin (that simple!).
restart your pc (you will get many error messages but you will be able to) and download either mcafee or norton's trial version, don't mess around w/ viruses that pretend to be free software. let the mcafee/norton repair as much as it can.
restart, go to kapspersky and run a free on line scan.
two problems have persisted, some errors messages when i turn my pc on and random sound "viruses" anything from comedy to lysol commercials.
btw norton's on line help was worthless.
final advice: avoid using Internet explorer. use firefox instead. the virus seems to need IE to take over.
SOLUTION: must do this as soon as possible. start in safe mode, search for .exe files that have just been created, or modified. in my case, the virus files had their own icon! just place those programs in your recycle bin (that simple!).
restart your pc (you will get many error messages but you will be able to) and download either mcafee or norton's trial version, don't mess around w/ viruses that pretend to be free software. let the mcafee/norton repair as much as it can.
restart, go to kapspersky and run a free on line scan.
two problems have persisted, some errors messages when i turn my pc on and random sound "viruses" anything from comedy to lysol commercials.
btw norton's on line help was worthless.
final advice: avoid using Internet explorer. use firefox instead. the virus seems to need IE to take over.
I found out that if you shut down your computor or pc. Restart in safe mode and do a system restore. it will remove the system security 2009 and save all your files. My pc is a Compaq CQ50 laptop and it did the trick for me. The System Security 2009 is a pain in the backside. It took me 3 hours to figure out how to remove it. I hope this will help all the other people out there that have this problem.
I had ss09, i could not even restore my comp. However i killed this lil virus by stopping processes, renaming mbam.exe to mbam.bat than ran superantispyware than avg... now my computer is almost 100% i will rescan about 5 more times before i say 100%... for those of you who can't run malwarebytes. you need to stop the go to safe mode networking, download malwarebytes, rename as i just said. run and do a FULL scan, do Superantispyware, than a good free anti virus program i am using avg... i am a computer dummy and don't know too much so IF I can kill this thing so can YOU... Good luck.
p.s if your a dummy like me.... rename by going into my computer, program files.. malwarebytes .. find mbam.exe right click rename mbam.bat than double click... when i double clicked it, it wouldn't run until i double clicked again than it popped up saying malwarebyes already running.. thats the only way i could get it to run... .... This virus plagued me for 2 weeks.... but i got you sucka... no, kidding please don't get me again im kidding... im sorry.. lol.. good luck people.
p.s if your a dummy like me.... rename by going into my computer, program files.. malwarebytes .. find mbam.exe right click rename mbam.bat than double click... when i double clicked it, it wouldn't run until i double clicked again than it popped up saying malwarebyes already running.. thats the only way i could get it to run... .... This virus plagued me for 2 weeks.... but i got you sucka... no, kidding please don't get me again im kidding... im sorry.. lol.. good luck people.
Thanks to all. I think I have got through my issues. Just thought I would try and help others ....my issue was that i could not attach to the net and so had to do all manually from my existing resources. (had to use another old PC to get to the net to find this site!!!). I found some of the files and directories created they all were linked by a common file name which was a number...seems to be a different number for each person. mine was 11812720. It created a directory in my documents and settings\all users\application data directory called 11812720. also a file in my start menu, also a file at c:windows/prefetch. A search by date and title proved very useful in isolating these files
Was only able to rid myself of these after starting in safe mode (continually banging F8 while the computer was booting up). Chose to start in start 'last successful' mode. This gave me a fresh start and allowed me to delete the relevant files and the directories, update and rerun McAfee (which incidentally seemed useless against this...its website even more ineffectual).
I also found early in my hunt for solutions, that repressed efforts of the same thing actually help. I was using and reusing control/alt/delete to get to task manager and it evenutally kicked in.....didn't help me when I got there, but the perserverence showed that repeated efforts did get though some of the dominance of this program.
Hope this at least helps a little for others. good luck....it can be beaten, even by a no idea hack like me!!!
Was only able to rid myself of these after starting in safe mode (continually banging F8 while the computer was booting up). Chose to start in start 'last successful' mode. This gave me a fresh start and allowed me to delete the relevant files and the directories, update and rerun McAfee (which incidentally seemed useless against this...its website even more ineffectual).
I also found early in my hunt for solutions, that repressed efforts of the same thing actually help. I was using and reusing control/alt/delete to get to task manager and it evenutally kicked in.....didn't help me when I got there, but the perserverence showed that repeated efforts did get though some of the dominance of this program.
Hope this at least helps a little for others. good luck....it can be beaten, even by a no idea hack like me!!!