cancel
Showing results for 
Search instead for 
Did you mean: 

How to remove Security Protection Virus?

I have total protection suite installed and I still got a virus. I can get in to safe mode I found this:

http://removevirushelp.com/how-to-remove-security-protection-virus.html

On how to unistall it.

Problem is I don't know how to find the files and registry files to delete them.

When I did a virus scan in safemode it said everything was fine? What's up with that? Clearly its not fine as I can't run anything with this thing it shuts down everything out of safe mode.

10 Replies
Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 2 of 11

Re: How to remove Security Protection Virus?

Moved to Top Threats.

There's another thread about this in Top Threats HERE - I found the removal instructions and posted the link to them in that thread, but first you should try the McAfee FakeAlert Stinger tool. If this Fake AV has been added to the list then the Stinger should take care of it. If not, follow the link and use the alternative removal method. Let us know how you get on.

Message was edited by: Hayton on 28/08/11 06:11:37 IST

Re: How to remove Security Protection Virus?

safe mode is the right step, but lots of program stop working in that mode, that might be the reason you scan but with no virus... you can try firstly stop the security protection process by pressing alt+ctrl+delete keys to open the task manger, select process and end the exact process, and then wipe away files and registries of it, reference as here. this works great if you do know some computer.

Re: How to remove Security Protection Virus?

Removing Security Protection is fairly easy, no big deal. It's not the most aggresive scareware I've ever seen probably bacause it has to go well with other malware, PPI schemes or bot herders don't want to risk of loosing their bots. That's my guess. Anyway, you can either reboot your computer in safe mode with networking and run Malwarebytes or your favorite malware removal what ever you may use or delete the malicious file manually.

Windows XP:

C:\Documents and Settings\All Users\Application Data\defender.exe

Windows Vista/7:

C:\ProgramData\defender.exe

Rename defender.exe to defender.vir and restart your computer. Note, you can't just delete the file while the rogue program is active. So, once you are back, Security Protection shouldn't pop up anymore. Now you can download/run any malware removal tool you want. Running rkill first would be a good idea. Then use Malwarebytes or any other anti-malware software.

Rkill

http://www.bleepingcomputer.com/download/anti-virus/rkill

Security Protection removal procedure:

http://deletemalware.blogspot.com/2011/06/how-to-remove-security-protection.html

http://www.bleepingcomputer.com/virus-removal/remove-security-protection

Good luck!

Re: How to remove Security Protection Virus?

Dear user,

I hope that my answer will be of help to you. Security Protection virus is not really difficult to remove. I can recommend you my removal guides, which describe manual removal of this virus. Of course, manual removal is for free, you do not need to download or install any security program. Here is the link with the video guide how to do it:

http://virusremovalvideos.blogspot.com/2011/08/security-protection-virus-how-to-remove.html

Re: How to remove Security Protection Virus?

Even in safe mode I get an error when trying to open

C:\ProgramData\defender.exe

It wont allow it 

When I go to the task bar and shut down the .ex the keep poping back up. I am going to try to do a system restore to before the virus started do you think that will help?

Re: How to remove Security Protection Virus?

Yep that didn't work either

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 8 of 11

Re: How to remove Security Protection Virus?

There is an excellent removal guide here:  http://www.bleepingcomputer.com/virus-removal/remove-security-protection scroll down that page as the first links you see are advertising.

Follow their steps and if you have problems follow what they suggest to get support.

nchattop
Level 12
Report Inappropriate Content
Message 9 of 11

Re: How to remove Security Protection Virus?

For some reason this thread is returned high in the google search when looking for "defender.exe" so I'm going to post up some advice and then lock the thread.

If you need assistance with a new undetected version of a fakealert infection please start a new thread in our Top Threats space, however first of all do try and remove the infection using our FakeAlert Stinger tool - instructions for which can be found on the link.

If you would like to send us a new variant of a defender.exe please follow these instructions. Once you have submitted please post up the analysis ID we respond with in the

Top Threats space so that we can follow up on it for you.

Regards

Neha C

McAfee SME

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 10 of 11

Re: How to remove Security Protection Virus?

Can we mark this thread solved?

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community