How to remove System Security 2009 rogue anti-spyware

Malware Description:
System Security 2009 is a malicious clone of the notorious rogue anti-spyware called System Security. Being no particularly different from its dangerous predecessor, System Security 2009 employs the same misleading tactics to attain its corrupt commercial goals. When it comes to System Security 2009 infiltration methods, you will be surprised to learn that its unregistered version installs without your awareness or consent because it intrudes using backdoor techniques. The trojan viruses that guide System Security 2009 trialware into the target system will flood your computer routine with the exaggerated popup ads that state your PC has security risks. The wrongful effect of your having a severely contaminated computer will be reinforced by System Security 2009 fake scanners that will appear now and then out of nowhere and also report a variety of infections. According to System Security 2009 fake pop-ups and scanners, the only way to fix your computer and remove the “detected” infections is to install System Security 2009 licensed software. Now, a few disclosures: System Security 2009 does not and cannot possibly detect any threats on the compromised machine because it has no legitimate antivirus engine behind it. Moreover, System Security 2009 commercial version is worthless and surely not wanted on your PC. Do NOT get tricked into paying for System Security 2009. instead, remove this pest right after you detect its malicious activity on your computer.

Malware Type: Rogue Anti-Spyware

Malware Author: Innovagest2000

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

System Security 2009 Free Scanner and Remover: Download Now

System Security 2009 Screenshot:

System Security 2009

How to remove System Security 2009 manually:
Manual removal of System Security 2009 is feasible if you have sufficient expertise in working with program files, system processes, .dll files and registry entries.

The files to be deleted are listed below:

  • %\Documents and Settings%\All Users\Application Data\00308937\pc00308937ins
  • %\Documents and Settings%\All Users\Application Data\00308937\00308937.exe
  • %\Documents and Settings%\All Users\Application Data\00308937\config.udb
  • %UserProfile%\Desktop\System Security 2009.lnk
  • %UserProfile%\Start Menu\Programs\System Security\System Security 2009 Support.lnk
  • %UserProfile%\Start Menu\Programs\System Security\System Security 2009.lnk

The associated registry entries to be removed are as follows:

  • HKEY_LOCAL_MACHINE\Software\00308937
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run “00308937″
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemSecurity2009

Please, be informed that manual removal of System Security 2009 is a cumbersome procedure and does not always ensure complete deletion of the malware, since some files might be hidden or may automatically reanimate themselves afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of System Security 2009, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Download System Security 2009 Automatic Remover

Like This Article? Let Others Know!

Reader's Comments:

  1. chris |

    The infection is preventing most applications running so anything I download is neutralized: any suggestions?

  2. admin |

    Chris,
    You should try to download and launch the remover in Safe Mode With Networking which can be accessed through repeatedly pressing F8 when booting.
    In Safe Mode, the rogue shouldn’t prevent you from using security utilities.
    Good luck removing System Security 2009 fraud!
    Regards,
    Remove Malware team

  3. Jason |

    If you locate the file with the shield icon in your system. ussually in the C:/program data\ folder. You can rename the systems security folder and program to 2222. This will interupts it’s pathways for running when you reboot the PC. As a result you will then be able to download and use removal programs or manually remove it. This was how I solved not being able to run any exe files for removing it or going to the CMD or Taskmgr.

  4. PinkPrincess |

    *******************I DID IT I DID IT******************

    1. RESTART PC AND PRESS F8 LIKE CRAZY
    2. RESTART IN SAFE MODE
    3. CLICK ON START MENU, RUN
    4. IN RUN TYPE MSCONFIG
    5. STARTUP
    6. ****UNCHECK THE BOXES THAT SAY “16109684, 96119676, AND WHERE THERE IS A EMPTY SPOT WITH A CHECK MARK IF ITS THERE”.
    7. RESTART PC AND THEN INSTALL THE REMOVER WHICH WILL DETECT IT. RUN UP TO DATE ANTIVIRUS AND SPYWARE TO GET RID OF THE PROBLEM

    8. ALL DONE NOT ONE PROBLEM WITH MY COMPUTER YEAHHHHHHHHHHH

    AGAIN THE REMOVAL TOOL WILL REMOVE IF ABOVE STEPS ARE FOLLOWED

    HOPE THIS HELPED GUYS

  5. Eleanor |

    I just suffered from this tricky virus – ironically it appeared just as I was trying to download the latest version of AVG. It wouldn’t let me open any other programs and closed down AVG and Spybot. It also wouldn’t let me use Add/Remove programs. So I rebooted in safe mode by pressing F8 just as the computer was loading up (as a non-PC-expert I was concerned this would be all MS-DOS-esque and I wouldn’t understand it but it was fine). I loaded windows as the Administrator, not as myself and then followed the removal tips without System Security preventing me from doing it. Phew!

  6. Feri |

    Hi again. I succesfully removed that shit. THANKS TO YOU GUYS!!!! Because i readed again and again your tips THANK YOU AGAIN!!!!

  7. Mavrick |

    I’m having all the above problems, its even gotten as bad as where its not allowing me to booth my computer in safe mode.

  8. Darin |

    Great tip Jason. I was unable to download and run any anti-malware software until I read and followed your advice. Thanks for the help!
    D.

  9. Peter |

    Hey i listened to jason and his worked. Jason is the MAN!

  10. Ron |

    Thanks guys very helpful. Older pc would not allow me to do safe mode but booting up and CTRL ALT DEL at first sign of desktop and quickly shutting off the exe’s that had number prefixes–I had 2 of them I then was able to scan & clean my PC. Working great!

  11. fencer50 |

    pink princess…thanks for a great tip…my numbers were diferent but blocking them has stopped the virus from starting up…still cant permanently remove it yet but at least i can use my pc again

  12. Jason L |

    Jason(the other Jason above, not me), you advice was crucial. Everyone needs to give that post a read. Here’s how I did it.

    1. Located the file that displays the System Security Shield(Black and orange tiger stripes). Mine was in C/Documents and Settings/All Users/Application Data, and it was in a folder with a random number(160504, I think. Your number may be different.

    2. Go into that folder and rename the shield file 2222, then rename the folder 2222. Make sure they’re both renamed. Like Jason said, this disrupts the programs pathways.

    3. Restart. You should be able to do a few things you couldnt do before when your computer boots up again, like connect to the net and run msconfig. I went to my start menu, clicked run, put in msconfig and went to the startup tab.

    4. Here you can prevent the program from bugging you on start up. Just find the file with the random numbers for a name(mine was 160504 or something) and uncheck it.

    5. I restarted and was able to install the removal tool provided above.

    6. Run a scan and remove System Security 2009 pest, and the problem is solved.

    If I ever find the scammers responsible for creating these bootleg trojan programs, I swear I’ll break a few bones…maybe a neck or two. These things are ridiculous.

  13. willToDo |

    thank you for all the valuable contributions in this forum I have managed to remove this rogue from my computer which was stopping me from running even basic applications like such as excel and word. Could not locate in the control panel add/remove.After following instructions by Jason above I have managed to eliminate it. True it uses random numbers to disguise itself.
    thank you so much to all u legite guys.

    Another satisfied user!!!!!!!!!!!!!

  14. Jackie |

    Thank you, thank you, thank you!
    Both the Jason’s advice above got me up and running again!
    That was a real p.i.t.a.!

  15. tech-tonics |

    There appears to be 2 main varities. One where you can access applications like msconfig and one where you are completely blocked from using all programs except System Security and Windows Explorer.

    I have just finished removing the complete blocked from one of my clients machines. I had it particularly bad, as some have reported, where I could not even start the machine in safe mode. I was able to solve this by starting with a boot disk (I used an old version of Winternals system start disk). The going to, THANKS TO JASON, C:\Documents and Settings\All Users\Application Data and renaming the numbered Folder and Shield application. (actually I just delete the shield application)

    Then I was able to start windows and run anti-virus and spyware, configure masconfig and delete all of the System Security software.

    good luck.

  16. ruth |

    Thank you! I was having trouble trying to figure this out and was very frustrated. Everyone’s advice helped. I just started my computer in Safe Mode like pinkprincess said and the computer restarted normally. I was then finally able to download Spyware Doctor. It’s scanning now so hopefully it’ll get it all.

  17. Joe |

    I had the exact same problem/symptoms as described by tech-tonics. Jason’s post worked like a charm. I’m a system admin with my company and we have been getting hammered with these damn things for months now. Some are fairly easy to clean while others have been near impossible to clean.

    After doing the initial steps I used the removal tool to clean the system.
    Thanks Jason!

  18. beth |

    Thanks a bunch guys! Jason you are the man. I got it fixed! I was at least able to boot in safe mode. Feel sorry for those of you who aren’t. I have a really good anti-virus software but it didn’t catch this mess!

  19. admin |

    Dear blog users,
    We would like to thank everyone for sharing your experience! With your permission, we’d like to sum up a number of useful tips mentioned by everyone above. It should simplify System Security 2009 removal procedure and facilitate your search for the advice you need.
    So far, we’ve come across 2 most effective methods of System Security 2009 removal.

    Method #1.
    1. Locate System Security 2009 folder in your system. Usually, it can be found at C:\Documents and Settings\All Users\Application Data. It should be a numbered folder (called 694157 or something similar) with a shield icon.
    2. Rename the numbered folder to 2222; delete the shield application (if possible).
    3. Restart your PC and try to download our removal tool above. System Security 2009 shouldn’t prevent using antivirus software now.

    Method #2.
    1. When you are starting your PC, repeatedly press F8. It should let you go to Safe Mode.
    2. Then, go to Run in Start Menu. Type MSCONFIG.
    3. Then, on the GUI that opens, uncheck all the numbered items or others you cannot recognize as your legit programs, including the blank ones which are checked.
    4.Restart.
    5. Install our removal tool and remove System Security 2009 scam.

    Method #3 (sometimes, it’s needed to combine the 2 ways).
    1. Use Method #1 (items 1-2) then Method #2.

    We DO hope it works! Try it.
    Regards,
    WP

  20. May Wong |

    Thanks for Jason L advice. I managed to remove that rogue. Good to have this forum and appreciate to those genius sharing their experience and knowledge.

  21. Alex |

    Thanks Jason! Following your advice I managed to get rid of that shit. There was only one problem – I couldn’t delete the folder even after changing the name so I had to restart and work in SAFE MODE, but finally everything was fine.
    Many thanks!!!

  22. Pamela Laura |

    Dear Jason,admin and pinkprincess,,,,thnxxxx for all this help…love u all!!!

  23. Donna |

    Thank you Jason- I was just about to give up- this was so easy!!!

  24. Frank |

    Thanks guys!!! Thanks to everyone who shared the way to solve this.
    It is 6:00 am now, I could finally stop this script!!! It was blocking the pc of a friend! Wow, for a moment I thought that I messed EVERYTHING! There was a wallpaper which said a lot of things related to this…well, you should know pretty well too :D
    Once again, thanks to everyone on this thread!
    Regards from Uruguay!

  25. Vincent |

    Thank you very much Jason!

  26. Michael |

    thanks for the advice guys, it worked wonders

  27. alvin |

    Thank goodness for this post. I came home late last night and found that my computer had been taken over by this, and it would not allow me to go on internet or get into my remove program application. So when I came to this site and saw the download solution, I wondered how I would be able to do this if I couldn’t get on Internet in first place. So now I can’t wait to get home to try the Jason solution. Many thanks.

  28. Aliza |

    Thank you so much guys for these posts! I have been worried about this stupid malware since a week. Thanks Jason & Jason L for making it more clear!

    I was not able to locate the file under C:\Documents and Settings\All Users\Application Data in normal mode but was able to find the System Security icon on desktop in safe mode.

    Thanks so much!

  29. Luke |

    I want to add my thanks to Jason and all for this information. I had the version which wouldn’t allow me to boot into safe mode or start task manager. Thank goodness I could go into “my computer” and find the file and rename it. After a reboot no problem! I thought my computer was ruined and now it is working fine. Thanks again.

  30. Lynette |

    Thanks pinkprincess! It worked!

  31. Jason A. |

    Jason thank you very much for the trick it really work and you too Jason thanks a lot, you guys rule.

  32. Tloke |

    Just wanted to clarify that I deleted the folder from the Program Data folder and not the AppData folder as I incorrectly posted above.

  33. weezieb |

    thankyou all so much for your posts i got it out from the f8 directions.I was in tears for a while…so good of all of you to post like you did.

  34. Bifford |

    I installed this noxious software while offline. Then I ran some anti malware and it found 2 infections named setup.exe (“rogue.installer”). One in the registry and the other in C:\Program Files. I deleted both and have had zero problems since. I couldn’t find any instance of the brown striped shield icon anywhere on my system even after running in safe mode.

Post a Comment: