Remove System Security 4.52


System Security 4.52 is part of the System Security variants that has successfully infected millions of computers world-wide. Like the previous versions, System Security 4.52 will make changes on Internet Explorer default settings, Windows registry and system files. These changes will result to browser redirection and some Windows utility programs will fail to respond. It can also prevent users from visiting any valid security web sites and block updates for installed antivirus software.

System Security 4.52 is mostly uphold by a partnered Trojan. These Trojans are hiding on compromised sites that instantly run a payload when you visit the page. Without your knowledge, simple visit to the site causes download and execution of System Security 4.52 into your computer. On the other hand, attackers are also using mild attack in the form of fake alerts. These alerts will declare that your PC is infected and requires you to download System Security 4.52 as the sole remover. Victims who are unaware that this is fake antivirus usually fall into this tactic. After loading System Security 4.52 into their machine, the infection remains. Worst, there is greater danger now that the malware is present.

Existing System Security 4.52 always runs a virus scan on each Windows boot-up. It is followed by excessive pop-up alerts stating several infections on various files. Together, these false warnings only try to force you into buying the registration code for System Security 4.52. We suggest that you ignore this prompts. Instead, run a scan on the computer suing anti-malware tool to remove System Security 4.52 and all of its data.

Fake System Security 4.52

What System Security 4.52 Does?

System Security 4.52 invades a computer through occupation of system folder and Windows registry. It modifies system files and inserts a value into registry to form start-up script. Once running, this rogue software will scan the computer and mimics what real anti-virus program does. However, results provided by System Security 4.52 are false.

It will modify Windows Registry and add the following entries:

  • Microsoft\Windows\CurrentVersion\Uninstall\AdwarePro
  • Microsoft\Windows\CurrentVersion\Run\AdwareProMFCT
  • Microsoft\Windows\CurrentVersion\App Paths\AdwarePro.exe
  • Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start\Menu2\Programs\AntivirusXP
  • Microsoft\Windows\CurrentVersion\Uninstall\Hyves Browser
  • MICROSOFT\WINDOWS\CURRENTVERSION\RUN\AntivirusXP.exe
  • Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start\Menu2\Programs\System Security
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall \systemsecurity2009
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall \systemsecurity2009\displayicon
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall \systemsecurity2009\displayname
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall \systemsecurity2009\shortcutpath
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall \systemsecurity2009\uninstallstring
  • MicrosoftWindows\CurrentVersion\Run\SystemSecurity
  • HKEY_CURRENT_USERSOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\cogad
  • Microsoft\Windows\CurrentVersion\Run\[Random]

The threat will install the following malicious files:

  • SystemSecurity.exe
  • adobe_flash[1].exe
  • AdobeFlash[1].exe
  • TubePlayer.ver.6.exe
  • cogad.exe
  • torbjne.exe
  • mupd1_2_1165664.exe
  • winscenter.exe
  • iehelpers[1].exe
  • iehelper.exe
  • install[1].exe
  • ~tmpa.exe
  • bnmio.exe
  • vamsoft.exe
  • load[1].exe
  • winafoe.exe
  • ParisHilton[1].exe
  • AdwarePro.exe
  • AdwarePro_Setup[1].exe
  • StartApp.exe
  • ntos.exe
  • new23[1].exe
  • gr[2].exe
  • adv111[1].exe
  • new26[1].exe
  • SetupAntivirusXP[1].exe
  • ieupdates.exe
  • Test.exe
  • loader[1].exe
  • Hyves_Browser.exe
  • Hyves_Browser_Instalation.exe
  • [Random].exe

How to Remove System Security 4.52 Manually

1. Restart your computer in SafeMode
– After Power-On the computer, just before Windows start, press F8
– From the selections, Select SafeMode

2. Remove Registry entries that the threat added. You MUST BACKUP YOUR REGISTRY FIRST.
– Click Start > Run
– Type in the field, regedit
– Navigate and look for the registry entries mentioned above and delete if necessary
– You can also search for individual entry if you are having difficulties navigating. From the Registry Editor, press Ctrl+F on keyboard or go to Menu and click Edit>Find.

3. Delete malicious files that the threat added:
– Base on the given location above, browse and delete the file
– If no location is given, click Start>Search and search for the file one at a time.
– If file cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.

How to Easily Remove System Security 4.52

1. Print this procedure as we need to close all programs running later.
2. Download AntiMalware Application here and save it to your Desktop.
3. Close all open applications.
4. Double-Click on the downloaded mbam-setup.exe to start the installation. If unable to execute, infections on computer is preventing it from running, rename the file mbam-setup.exe to anything (like myfile.exe)
5. Run the installation on the default settings. No changes are necessary.
6. Just before completing the installation, make sure that the following are marked check.
Update the program
Launch the program

7. The tool will run and update itself after installation. Close it after the update.

8. Restart your computer in SafeMode
– After Power-On the computer, just before Windows start, press F8
– From the selections, Select SafeMode

9.  Click on the icon and start to Perform Full Scan to begin scanning your computer for System Security 4.52 related files.
10. After scanning, a message will appear stating that the scan is completed successfully. Click OK.
11. Click Show Results and detected threats will be displayed.
12. Make sure that all threats are marked check, then click Remove Selected to begin removal of the malicious files.
13. Exit AntiMalware Apps and restart your computer.

14. System Security 4.52 and all its files are now removed from your computer. To guard your computer from this threat and avoid future infections, you may want real-time protection from a full version of anti-malware program..

Leave a Comment