System security 2009 automatically installed

[portlands67]

In my laptop virus alert wallpaper is displaying and System security 2009 automatically installed. System security 2009 showing that my laptop is infected with virus it ask me to scan after scan it showing many viruses. when i try to clean all virus it ask me to activate the system security 2009.

I am using Mcafee virus scan it has catched some Fake Trojan virus . Now macfee also infected onaccess scan has been disabled automatically.

[Poppa_Meth]

If you still have internet access, download malwarebytes from www.malwarebytes.org and install it. You may need to boot into Safe Mode with Networking. Install MBAM, run and update and do a full system scan. This usually get rid of most of these rogue infections.

[HotDamn!]

If you still have internet access, download malwarebytes from www.malwarebytes.org and install it. You may need to boot into Safe Mode with Networking. Install MBAM, run and update and do a full system scan. This usually get rid of most of these rogue infections.

Absolutely, I've seen this happen way too many times. Malwarebytes and Superantispyware should solve your problem. I believe I've encountered the same one your having problems with too. You will most likely have to do it in safe mode as suggested above.

[classfour]

Yes, and the program saying you're infected IS the infection.

rkill.exe, then malwarebytes (after installing latest updates), re-boot into safe mode and run malwarebytes again.

Uninstall malwarebytes, then re-install, as these trojans corrupt malwarebytes.

Install, update and run superantispyware.

[Verify]

If the above replies don't help, Google is your friend - look for the specific varient that is bugging you and try the solution specific to it.

There are a lot of varients on this. For eample see: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-live
(This one will not let you access the web - you get a virus alert for any site you try to visit and then an offer to scan etc.)

Had the same problem on a computer that could not access the internet in safe mode.
Had to download malwarebytes from another computer. Was able to install it on the infected computer.
It did not remove the fake antivirus software and the fake program kept malwarebytes from updating its database.

Finally had to manually edit the registry (after backing it up just in case) to get rid of the offending program.

[MOVIEGEEK]

Also make sure to turn off System Restore to delete any traces, delete quarantine files from Malwarebytes and SAS.

[classfour]

The reason that I suggested rkill.exe as a starter was to prevent the malware from preventing malwarebytes and SAS from accessing the internet/downloading updates.

And yes: I believe the suggestion may have been on bleeping computer.com

[redwudz]

I've seen a several of those fake antivirus programs like 'System security 2009' lately. If in doubt about any program like that, just do a internet search and you can easily find out if it's a genuine anti-malware program. And you will also usually find the best way to remove them.

Also, those type of programs don't 'magically' appear on a computer. They have to be downloaded and installed most times. They can also be very difficult to remove.

Commonly, they use a 'scare' technique to tell you your PC is infected and you need to install their 'cure'. Don't fall for that! Their program is the malware infection. Some are just adware programs and a few are more sinister and may try to steal your passwords and bank information. Even the adware versions can lock up your computer and make it unusable when they overload it with ads.

[Verify]

The reason that I gave the 'bleeping' web site url was that the computer I was asked to debug could not access the internet in 'safe mode with internet enabled' and rkill.exe did not help - it took a manual edit of the registry to fix the problem and the url I provided gave an example of both methods.

As redwudz mentioned, there are dozens of varients of that kind of fake antivirus program out there and a variety of ways of killing them (including rolling back to an earlier System Restore as mentiond by MOVIEGEEK) and it can be a real pain to remove them.

Exercising safe computing goes a long way toward avoiding the problem, but most non-tech. users are at risk. It's a wonder that they haven't all already been infected.

[Poppa_Meth]

In my experience with these, the reason you can't access the internet is usually because these programs set up a proxy server in your LAN settings to redirect any traffic to their own sites. Disabling the Proxy usually restores connectivity.

[davidsama]

If all else fails. Reformat your pc.

[Computer Repair]

System Security 2009 is a rogue antispyware software. It is very similar to the Antivirus System Pro. System Security 2009 is a fake spyware removal tools that spread with the help of Trojans or other malicious software. Once installed,System Security 2009 will scan your computer and display fake security alerts, the scan results it detects are all fake. System Security 2009 will ask you to pay for a full version of the software to remove these infections. System Security 2009 is a scam, Do Not buy this fake antivirus, just ignore this message. This rogue also blocks all the programs especially the antivirus. You may get this warning message when you try to run any program “Application cannot be executed”. The rogue will also hijack Internet Explorer and change proxy Settings to redirect you to the System Security 2009.
To remove it:
- Download rkill.com you can download it from here: http://www.a2zpc.ca/download/rkill.com
You can use a healthy computer and save it to your USB memory stick.
- Boot into the safe mode, copy the file to c: then run it. You may need to do it more than one time.
- Install Malwarebytes, run quick scan.