Computer Support Forum

Security Shield Pop-ups

Question: Security Shield Pop-ups

Hi:

All day I have had this security Shield pop-up informing me about viriuses on my computer, however i have to pay for the service. My AVG anti-virus seem not to be working and when I tried to re-install the AVG anti virus protection, I am getting an error message avgrks 86 sys. stoping system failure. the security shield is happening every minute. What do I do to protect my computer and delete the viriuses that are now on my computer.

Need your help urgently!

Relevance 100%
Preferred Solution: Security Shield Pop-ups

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Security Shield Pop-ups

What should I do at this time. shutdown and wait. Not sure what is happening.

1 more replies
Relevance 55.76%

Greetings,

This morning my pc got hit with this awful trojan called "Security Shield"...which has led to browser / search hijacks, Microsoft Security Essentials being disabled and unavailable to restart, and even an annoying flashing Windows login screen that prevents me from putting in my login password if I lock my pc.

Here is the DDS log and I've attached ark.txt and attach.txt.

Thank you for your help!

art_vandelay
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by glindholm at 9:53:50 on 2012-08-07
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3977.1251 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\... Read more

Answer:Security Shield trojan - browser/web hijacking, MS Security Essentials being disabled, etc

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the ... Read more

9 more replies
Relevance 54.94%

Security Shield 2009 (Total Internet Security) Find Security Shield 2009 at click hereSecurity Shield 2009 gives you the best protection available today. Our Triple Threat Protection is a unique set of technologies that protect against identity theft, confidential data leakage and all Internet threats. Add privacy and parental controls, an integrated firewall, a new and improved interface and much, much more! Powered by Kaspersky Labs technology, Security Shield 2009 has defended against more than 80,000 malicious Internet attacks - more than 200 a day. The volume is unprecedented. To guard against these threats, Security Shield 2009 now offers Triple Threat Protection. PCSecurityShield provides free technical support for The Security Shield virus protection customers as well as all PCSecurityShield products. Security Shield 2008 is Vista Compatible.Automated Hourly Anti-Malware Updates Independent tests show Security Shield is #1 for detecting viruses and spyware. Our Internet Security Lab is world renowned for the fastest response to Internet threats - less than two hours once a threat is discovered. Combined with our standard hourly updates, you're only minutes away from the latest protection directly from the Lab! Intelligent Proactive Heuristics Zero-day exploits can attack and destroy in seconds. PCSecurityShield runs all files that don't match our signature database in a safe, isolated section to check for malicious behavior. This failsafe method checks the code withou... Read more

Answer:Security Shield 2009 (Total Internet Security)

You are not allowed to advertise on here.Even so maybe this review might put folk off.click here

4 more replies
Relevance 51.66%
Question: my security shield

i recently got a virus called my security shield. even after the virus was removed i still cant open AVG or window defender when i try i get a message saying operation have been cancelled due to restrictions on this computer......how do i fix this i downloaded hijack this like was recommended by my teacher in college and am now posting it here in hopes to get this problem fixedLogfile of Trend Micro HijackThis v2.0.4Scan saved at 8:07:19 PM, on 9/23/2010Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exeC:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exeC:\Program Files (x86)\LimeWire\LimeWire.exeC:\windows\SysWOW64\DllHost.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exeC:\Program Files (x86)\Windows Live\Toolbar\wltuser.exeC:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exeC:\windows\SysWOW64\DllHost.exeR1 - HKCU\Software\Micro... Read more

Answer:my security shield

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

8 more replies
Relevance 51.66%

Toshiba Satellite L755 with Windows 7 Home Premium.
Belongs to a minister that I know. Brought to me when this scamware (Security Shield) popped up.
Doesn't know where it came from, but he doesn't want it.(can't blame him)
Logs below.


View attachment mbam-log-2012-07-10 (07-54-01).txt



View attachment RKreport[1].txt



View attachment MGlogs.zip



View attachment hitmanpro.zip
 

Answer:need help with Security Shield.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.




REGEDIT4

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{61664885-B043-44DA-A162-9B6938D79BC4}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]Click to expand...

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Uninstall the below outdate Sun Java.
Java(TM) 6 Update 20

Now install the current version of Sun Java from: Sun Java Runtime Environment



Please download OTM by Old Timer and save it to your Desktop.

Right-click OTM.exe and select Run as administrator to run it.
Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
(or, after highlighting, right-click and choose Copy): Do not include the word Code: which is just a title line of
the code box

Code:

:Processes
explorer.exe

:Files
C:\Users\kacy vickers\AppData\Roaming\PCCUStubInstaller\SymcPCCUInstaller.exe
C:\Users\kacy vickers\AppData\Roaming\PCCUStubInstaller
C:\Program Files (x86)\Conduit

:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{61664885-B043-44DA-A162-9B6938D79BC4}]
[-HKEY_CU... Read more

8 more replies
Relevance 51.66%

We have been able to download ComboFix on the computer, but we cannot run it because Security Shield stops us. The current McAfee virus protection does not recognize Security Shield as a virus. Help?

Answer:can't get rid of security shield

Do not run COMBOFIX without an expert guidance.Lets try to fix it without combofixBoot the PC into safemode with networkingDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

1 more replies
Relevance 51.66%
Question: Security shield

Hi Guys

Bleepingcomputer always provided us with best virus removals solutions but recently I came across virus that i cant remove with instructions from this resourceful site.

I used instruction from this link http://www.bleepingcomputer.com/virus-removal/remove-security-shield but when in safe mode malwarebytes is not finding any infected files. I have run Rkill beforhand as well but no luck. I run as well Norton power eraser that found one infection and removed it but virus came back today again and since another of my users just contacted me with the same infection i am a bit stuck
Any one had similar experience?

Just to add :

Just run Norton Eraser on other PC and it found file called eyqkl.exe which it removed ( file on other pc was similar thou not the same)

Answer:Security shield

Boot the PC into safemode with networkingDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

7 more replies
Relevance 51.66%
Question: security shield

I have security shield coming up al the time, it want let me use my own antivirus software I have Advanced system care ProHelp please. I am not very good with computers I am 72 year old female and need help in terms that I can understand. I went to security shield removal but cannot find what they tell me to look for.thank you IngjoeEdit: Moved topic from XP to the more appropriate forum. ~ Animal

Answer:security shield

Take a look here: Remove Security Shield or SecurityShield (Uninstall Guide)

1 more replies
Relevance 51.66%
Question: security shield

my computer has the virus, i cant open a page or anything from my computer .. i am using a freinds now.. how do i get rid of this.. thanks
 

Answer:security shield

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Administrator

You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.exe
Rkill.com
Rkill.scr
Rkill.pif
Once you've gotten one of them to run then try to immediately run the following.

If you are having problems running Rkill, try downloading one of these renamed copies of RKill.com
iExplore.exe
eXplorer.exe
uSeRiNiT.exe
WiNlOgOn.exe




Now download and Run exeHelper

Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
A log file named log.txt will be created in the directory where you ran exeHelper.com
Attach the log.txt file to your next message.
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


Also please try running the below online scan:

http://www.superantispyware.com/onlinescan.html

Reboot immediately after scanning if it finds and removes anything. Let me know if anything was... Read more

17 more replies
Relevance 51.66%
Question: my security shield

hi ive tryed all sorts malwarebytes, supperanti spy ware, defogger but what seems to be the problem is my security shield hooks it self to all downloads and clears it self so they cant find it to cleen ??????? ive searched regedit with no sucksess just sucks lol any help would be greatfull

Answer:my security shield

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/415362 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 51.66%
Question: my security shield

coputer running ok but shield is hooking it self to downloaded cleaners and programs so it cant be found tryed regedit nill malwarebytes supper spyware nill i would even try a witchdoctor for now any help would be grateful for plz help

Answer:my security shield

Hello,Your attachment is empty. Please post your logs by pasting them into the text area rather than attaching them.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

3 more replies
Relevance 51.66%
Question: Security Shield

There are dozens of sites that deal with removing this fake software. They all recommend Spyware Doctor. But I cannot follow their instructions. That is because Spyware Doctor refuses to remove Security Shield until I pay.

Nowhere on these sites does it mention payment or that it should be anything other than a free download. Nowhere does anyone else with this malware say they eventually had to pay. So why is it just me?

I am working overtime in the office and don't have the authority to spend the company's money on Spyware Doctor. I need to remove this malware that is slowing down my PC right now, so that I can continue working.

Majorgeeks has always come up with solutions before. So, can someone here please, please tell me how I can remove Security Shield under my present circumstances without being charged money I have no access to?

Thanxxx, Jon DeMassey
 

Answer:Security Shield

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

1 more replies
Relevance 51.66%
Question: my security shield

how do i remove my security shield from my computerEdit: Moved topic from Introductions to the more appropriate forum. ~ Animal

Answer:my security shield

Post that question here

2 more replies
Relevance 51.66%
Question: Security Shield

Friends, I opened an email from some name I tought was familiar. Immediately I did, an application called Security Shield quickly installed itself, scanned my laptop and claimed to have detected many very harmful viruses, etc. which must be removed! I was then offered to pay $79 online to purchase the application for my laptop; I declined becos I did not choose to buy it; I already have an antivirus running on my latop. I feel people are trying to force money from me online. This has been a real nuissance! It is preventing me from smooth use of my laptop. How do I get rid of it and have some peace of mind? Thanks.

Answer:Security Shield

click here - scroll down to the automated removal instructions

10 more replies
Relevance 51.66%
Question: Security Shield

I have free Microsoft Security Essentials in my new computerIt has been running successfully for about 4 weeks with daily Full ScansI have just tuirned the Computer on and Security Shield has appaeared telling me I have 47 Trojas,Spyware and other horrific things attacking the PC and that I must download the Security Shield at cost of $79.99 to get rid of all this( I lve in UK)I have just run a Full Scan with the Microsoft Security Essentials and it tells me there are no detected Viruses etc and all my stuff is up to dateWhat is going on ???Any advice helpfulThanks

Answer:Security Shield

Security Shield rogue program removal instructions can be found at click here. G

3 more replies
Relevance 51.66%
Question: My Security Shield

Hi Guys:
Any idea how to clean the reminates of the my security shield malware? I have deleted the files but it still shows as the so called "anti virus" for the machine and has the task mgr disabled. Even in safe mode it has some of the programs shut down ie adaware and avg. Thanks!
Cando
 

Answer:My Security Shield

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide
and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.
After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a different user account (if you have on... Read more

4 more replies
Relevance 51.66%

Hi Boopme,

I had the same problem as the lady above. I did everything you mentioned, except at first when I tried using fixreg it said not all of the changes could be made to the registry. After I booted Malwarebytes the Security Shield is still alive and kicking. Any further updates on this problem? Thanks

Answer:Security Shield Also

Hello, I've split you to your own topic here as I feel you 2 are needing different solutions.We need a deeper look. Please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If Gmer won't run,skip it and move on.Let me know if that went well.

1 more replies
Relevance 51.66%
Question: Security Shield

Win7 x64

This pc was brought to me in its current state.

Security Shield virus was infecting it, friend ran a thing or two - Malwarebytes and SuperAntiSpyware - and thought he was good.

PC looks alright except it is imposible to connect via ethernet to any network. Wireless appears to be alright here at my place.

Looking for some advice/guidance.

I've already run Tweaking.com's Windows repair tool for all applicable feature sets.

Ran all the requested scans. Hitman pro wouldn't run without the network connection and I'm without wireless at this location. See attached. I did find one of his old MalwareBytes scans that is related to this event.
 

Answer:Security Shield

Really never planned to bump this at all, but I did finally get Hitman to go through.
 

4 more replies
Relevance 51.66%
Question: Security Shield

Somehow my husbands computer ended up with a rogue security program called Security Shield. I have done everything to get rid of it. Rkill won't run because this thing keeps popping up. Please help!

Answer:Security Shield

Hello Melody. I am not sure exacyly how you approached this so i want to try my way,please. Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next repl... Read more

1 more replies
Relevance 51.66%
Question: security shield

When I start my computer, a Dell with windows XP, a window opens up and appears to be running a virus scan. A message pops up telling me that my computer is infected. I had a similar problem with the Windows XP antivirus and was able to fix it with help from this forum. This time instead of Windows XP Antivirus it is called "security shield" or "security center". I would appreciate any help.

Answer:security shield

Boot into safemode with networkingDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

1 more replies
Relevance 51.66%
Question: My Security Shield

HiI am new to the site.Can any one help me remove "My Security Shield" that has attached itself to my computer. It is an absolute pain.Cheers"Happy New Year" to all readersEddy(Moderator edit: post moved to more appropriate forum. jgw)

Answer:My Security Shield

Hello and welcome.Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the malware programs w... Read more

1 more replies
Relevance 51.66%
Question: My Security Shield

I was following instructions on how to get rid of the My Security Shield virus. I am at the last step where I need to delete a HOST file and replace it with a good one. I am not sure where to go to find the HOSTS files. I have Windows Vista.Thank you!Ok I've found a C:\Windows\System32\Drivers\etc Do I just delete this folder and replace it with the one from your site? It says to delete the file not folder but I don't have a file called that I have a folder with services, protocol, Imhosts.sam, networks, and host_new. Do I delete the whole folder and then when I download the new file I make a new folder???

Answer:My Security Shield

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please downloa... Read more

2 more replies
Relevance 51.66%
Question: Security shield

How do I get rid of Security ShieldEdit: Moved topic from Windows Startup Programs Database to the more appropriate forum. ~ Animal

Answer:Security shield

Hello and welcome Meyer518I moved you to the Am I Infected forum.Please follow our Removal Guide here Remove Security Shield or SecurityShield (Uninstall Guide) .After reading how the malware is misleading you ...You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

2 more replies
Relevance 51.66%
Question: security shield

Security Shield is taking over my computer. More and more things are not working and kept shutting down my computerEdit: Moved topic from XP to the more appropriate forum. ~ Animal

Answer:security shield

Take a look here: Remove Security Shield or SecurityShield (Uninstall Guide)

1 more replies
Relevance 51.66%
Question: security shield

How do I get rid of Security shield?
THX

Answer:security shield

Hello and to BleepingComputer.Let's see what we're dealing with here.Please download RKill by Grinler from one of the 4 links below and save it to your desktop.Link 1Link 2Link 3Link 4Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running. This is because some anti-malware software mistakenly detects RKill as malicious. Please refer to this page if you are not sure how to disable your security software.Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed. If nothing happens or if the tool does not run, please let me know in your next reply***************************************************Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download linkIMPORTANT!!! - when you save the file, rename it to something random, such as bubbles.exe This must be done before beginning the download!MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mba... Read more

1 more replies
Relevance 51.66%

My aunt has an older windows xp laptop. She is getting popups from security shield. I read the guide on the site I tried to run MBAM, but it wouldn't let me do anything pretty much.. then I did rkill (after the shield window had already popped up, that was the only way I could get anything to run) and it said it disabled some stuff so I ran MBAM again. it still shows no infected files, but every time I clicked on ANYTHING, the stupid security shield was popping up. I just rebooted the computer and so far it's not showing anything, but MBAM didn't remove anything so I am nervous.. She has left the laptop with me

Answer:ugh. security shield

HI, let's try it this way..Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the malwa... Read more

8 more replies
Relevance 51.66%
Question: Security shield

I am running Vista and have security shield issues..Ive tried running RKill and the popup etc have disappeared but now when i go into my quick launch or start program a pop up says i need to set associations ...wondering if this is still security sheild having its way with my computer.Ive run malwarebytes and it detected it and i removed it but still have the same problem.Thanks in advance for any help here..... Twin

More replies
Relevance 51.66%
Question: Security Shield

Trying to get rid of this malware using the bleeping computer instructions but am caught up trying to run the malwarebytes setup. I get an error message stating that the mbam-setup.exe is not a valid Win32 application. What do i need to do?

Answer:Security Shield

Hello, did you run RKill first? If you rebooted you need to run Rkill again.Try thisFor XPGo here to Doug KNox's Windows? XP File Association FixesRun 9th down on left... EXE File Association Fix ... the EXE not EML one.FOR VISTAGo to File association fixes for Windows VistaClick the exe boxInstructions:To fix the association for a particular file type, download the corresponding fix from the above links table (Use Right-click - Save as option in your browser to download the fixes). Unzip the fix and extract the .REG file to the Desktop. Right-click the REG file and choose Merge. Note that you need to be an administrator to apply these fixes.

1 more replies
Relevance 51.66%
Question: Security Shield

A Security Shield has taken over my computer, how do I get rid of it? It demands %79/95 to erase all the worms, viruses etc before it will release it back to me, HELP!!!!!!

Answer:Security Shield

Hi DrRay, and welcome to BleepingComputer.Please read this tutorial.

1 more replies
Relevance 51.66%
Question: Security Shield

I followed instructions from the following url:
http://malwaretips.com/blogs/security-shield-virus/
until the end of step 4 (malwarebytes)
the issues that came up are as follows:
1) without internet access, i was unable to download the files myself and had to transfer them via memory stick after downloading on my currently functional computer
2) during step 2, IE never had the option checked for "use a proxy server for your LAN" (i.e. it was already unchecked). Firefox also did not have any proxy server established but I went ahead and clicked on "no proxy". It should be noted that the internet was able to access at that point my proper home page at that point, although I did not do any further web surfing to see if there was continued access to other websites.
3) During step 4, malwarebytes was unable to update (the update would simply "time out"). I went ahead and ran walwarebytes (withou a reboot beforehand, as per the instructions). After running for well over an hour, it detected several infections. Only the first box was unchecked. I checked the box so that all were checked and clicked on "remove selected" -- at that point the program appeared to freeze. I waited for quite a while and went ahead and restarted (in normal mode).
Unfortunately it led me back to right where I started (with security shield pop-ups). I did not complete any further subsequent steps.
Please assist.
Also, of note, when I ran OTL, at the end there was an er... Read more

Answer:Security Shield

Hello ziggy,
While in Normal Mode , are you able to connect to the Internet?

<hr />
Please take note of the below:

I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for this issue on this machine!
The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Refrain from running self fixes as this will hinder the malware removal process.
It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your com... Read more

18 more replies
Relevance 51.66%
Question: My Security Shield

I have tried to download RKill, but the virus will not allow me to run the programEdit: Moved topic from Bleeping Computer Announcements, Comments, & Suggestions to the more appropriate forum. ~ Animal

Answer:My Security Shield

Are you downloading the iExplore.exe version?

1 more replies
Relevance 51.66%
Question: Security Shield

Hi All

Newbie here - Sorry if this has been dealt with in previous posts, after some quite considerable reading I'm still at a loss .

I have been hit with the "Security Shield" malware for the second time, first time was last year and the auto removal steps posted in Bleeping Computer fixed the problem.

Well about an hour ago my laptop got hit again, I followed the steps as before, run in Safeboot, run Rkill, Run an updated Malware Bytes delete files found. Rebooted computer and bang samething. What am I missing this time round, is there another way to go about removing this ?

Appreciate any help.

Thanks
Ceanmor

Answer:Security Shield

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resu... Read more

3 more replies
Relevance 51.66%
Question: Security Shield

Computer was infected by Security Shield on Sat 5th feb and after various unsuccessful attempts to remove I used System Restore which gave me back control. Computer ok on Sun 6th, but on startup today I got Bad Image message "DLL C:\WINDOWS\System32\opbzhr.dll is not a valid windows image" I click ok and everything carries on until next program is openening when the same happens. System restore obviously did not help. Can someone help. I would be very grateful. I have Windows XP and Hijackthis below. THANK SO MUCH!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:27, on 07/02/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\... Read more

Answer:Security Shield

12 more replies
Relevance 51.66%
Question: security shield

please help me get rid of securty shield w/o alot of technical jargon.Edit: Moved topic from XP to the more appropriate forum. ~ Animal

Answer:security shield

Hi,

You have a removal instruction here http://www.bleepingcomputer.com/virus-removal/remove-security-shield

Hope this help

Max

1 more replies
Relevance 51.66%
Question: security shield

i accidently let a company called security shield on my computer, now they interupt every 30 seconds or so trying to get me to buy thier product. how do i get rid of them? they do not show up on my program list so i can't delete them from my control panel. help!!!!!!!!!!!!

Answer:security shield

BC Removal Guide, Security ShieldLouis

1 more replies
Relevance 51.66%

I got infected with Security Shield and followed the steps on this site to remove it. I wasn't able to install rkill because my computer didn't allow me. I downloaded all the different kinds provided but when I double click the icon on my desktop, my computer doesn't allow it. I rebooted my computer and set it on safe mode. After that, I fully scanned my computer as the directions told me to with Malware. I followed the rest of the instructions but when my computer restarted itself, Security Shield was still active and it continues to pop up windows. Again, I tried to download rkill under a different name like someone told me to do but it didn't work as before. Please help if you can.

Answer:Security Shield help

Hi there,Have you tried all the steps listed here?Perhaps, this YouTube video might help with the removal process?

4 more replies
Relevance 51.66%

According to my wife, she was browsing Google links when she got hit by a virus. She knew the program "My Security Shield" was not legit (in the past I stressed that there are trojans that tries to act like legit anti-virus or anti-spyware but really aren't). She tried to start up AVG, which she knows is legit, but said she couldn't. She immediately turned the computer off, and informed me so I can get to it later.I powered up the computer after getting rid of antennas from the wireless card in the back (in hopes that it doesn't go online), and as soon as Windows finishes booting up, I also immediately disabled the wireless card, so now it is completely offline.A window also came up, titled "My Security Shield". A quick Google search confirms my fear that this is not a legit program. Other things observed: 1) AVG-Free would also not start up for me.2) Unable to do CTRL+ALT+DEL for some reason (so I can't take a look at running processes)3) A "add new hardware" wizard came up, but I canceled out of it - it is possible this is already happening before virus hit, so maybe it has nothing to do with virus. Keeping this short and sweet, but containing enough details before I proceed (I have used bleepingcomputer.com previously to remove virus from my own computer. Hopefully I followed all guidelines posted here http://www.bleepingcomputer.com/forums/topic41987.htmlAnd once again, thanks in advance!

Answer:"My Security Shield"

Update: am following instructions for "My Security Shield" remove as per here: http://www.bleepingcomputer.com/virus-remo...security-shieldWill get back to this thread afterwards with results

17 more replies
Relevance 51.66%
Question: Security Shield

Woke up this morning to find this on my computer stating that it is infected. Can't open any other programs or run anything on my computer. Also I am having a problem clicking on links and being redirected.

Answer:Security Shield

Welcome aboard Start here: http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield

1 more replies
Relevance 51.66%

I'm using an HP with Windows 7.

I downloaded Firefox from Mozilla's site yesterday and added a few add ons and that was it. Today I had "My Shield Security" take over my computer. I got into safe mode and ran a quick scan with my Microsoft antivirus and it appears to be gone. I also did a system restore to a few weeks back, just to be on the safe side.

Then I got on my internet (via IE) and tried to go to gmail. When the log in page popped up I noticed the favicon was different so I went to Google's main page and it looked normal. Then I clicked gmail from there and it took me to my email without me logging in. When I clicked Account Settings I was logged out.

I cleared my cookies, temp files, etc. and Google still automatically logged me in. I checked some other accounts and I was logged out on some and I was still logged in to my Amazon account, which I thought was weird. Amazon.com also looked like it got a facelift, but when I looked at it on another computer it still had the same design.
So I unistalled IE9 and now I'm on IE8, but I cannot reinstall IE9, it fails every time. None of the problems were solved by doing that either. (In safe mode now, they are all looking back to normal though)
As I'm posting this I am running Malwarebytes AntiMalware. Is that enough or is there something else to totally get rid of that trojan? Microsoft Security Essentials already found and deleted several corrupt files. Will that do the trick? Or do I... Read more

Answer:"My Shield Security" What Now?

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log c... Read more

1 more replies
Relevance 51.66%
Question: Security Shield

So I got the Security Shield virus or infection. I went to the page to remove it and I followed all the steps. However, when I got to the part that says remove hosts and then download the hosts again, it won't let me save the hosts. An message pops up that says I don't have access because I am not an administrator. I should be able to do cuz I am the administrator. Please tell me what I am doing wrong, I followed all the steps so it should be working?? Thanks

Answer:Security Shield

Before checking hosts file lets check if PC is cleanDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Please download GMER from here(doesnot work on 64 bit OS)http://www2.gmer.net/download.phpTemporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply. DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here

3 more replies
Relevance 51.66%

Hi. I seem to be infected with the Security Shield Virus. I began receiving the pop-up alerts this morning. I followed the instructions at http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield. I ran MalwareBytes, it found 2 small threats and removed them, but I still got the Security Shield alerts after restart. I followed the beginnings of another Security Shield post to maybe quicken the process. Here are the logs from OTL. I tried to run Rookit, but kept getting a termination error. Thank you in advance for any help.OTL.txt LogOTL logfile created on: 2/5/2012 10:44:14 AM - Run 1OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Dalton\Desktop64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.75 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 41.38% Memory free7.49 Gb Paging File | 5.04 Gb Available in Paging File | 67.33% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 282.46 Gb Total Space | 166.41 Gb Free Space | 58.91% Space Free | Partition Type: NTFSDrive D: | 15.34 Gb Total Space | 2.52 Gb Free Space | 16.41% Space Free | Partition Type: NTFSDrive E: | 99.34 Mb Total Space | 96.77 Mb Free Space | 97.42% Space Free | Pa... Read more

Answer:Security Shield Help

Hello I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts. When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the following
Log from Combofixlet me know of any problems you may have had
How is the computer doing now?Gringo

14 more replies
Relevance 51.66%
Question: My security shield

I have gotten a "my security shield" attachment.

How do I remove it?

Bob Bigart
 

Answer:My security shield

You need to run the below and post in the Malware Forum not the Software Forum

READ & RUN ME FIRST. Malware Removal Guide
 

1 more replies
Relevance 51.66%

It is a malware that wants me to buy their product, it is a scam.

Answer:how to get rid of Security Shield?

Where is it and what did you try to get rid of it?
If you can run your anti virus. See if you can remove or isolate
Download and run malwarebytes. Try to isolate or remove

18 more replies
Relevance 51.66%
Question: Security Shield

I got the Security Shield virus. I followed the directions at
www.bleepingcomputer.com/virus-removal/remove-security-shield

iExplore & RKill found and killed a program, but MBAM
did not find anything!
AVG did not find anything, but ESET online did.
my hosts file and IE settings were not modified.

I restarted in normal mode and I no longer get the popups.
Did I get off lucky? or is something still there?
Thanks

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_26
Run by mikec at 22:01:09 on 2012-02-03
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2583 [GMT -8:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:... Read more

Answer:Security Shield

Hi, Welcome to Bleeping Computer.My name is Shannon and I will be working with you to remove the malware that is on your machine.I apologize for the delay in replying to your post, but this forum is extremely busy.Please Track this topic - On the top right on this tread, click on the Watch Topic button, click on 'Immediate Email Notification', and then click on the Proceed button at the bottom.Do Not make any changes on your own to the infected computer.Please set your system to show all files.Click Start, open My Computer, select the Tools menu and click Folder Options.Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Now, let's look more thoroughly at the infected computer -We need to see some information about what is happening in your machine. Please perform the following scan:We need to create an OTL Report
Please download OTL from here:Main MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Change the "Extra Registry" option to "Use SafeList"Push the button.Two reports will open, copy and paste them into your reply:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedPlease note: You may have to disable any script protection running if the scan fails to run. After down... Read more

7 more replies
Relevance 51.66%
Question: My Security Shield

Win 7 OS. It looks like I have this new bug. While not completely horrible it's annoying. It won't let me turn anti-virus programs so what would be the first course of action?
 

Answer:My Security Shield

Uh-0h, I must not have included enough information. Is it that the fix is so ridiculously simple that I should be able to fix it myself? @%&*?$!
 

1 more replies
Relevance 51.66%
Question: Security Shield

My computer has the virus 'Security Shield' and as I followed the instructions on this website I did everything, but when I run any downloaded version of rkill, it doesn't show that it is finding 'Security Shield' or in fact anything at all! Nor is it found when I run your Malwarebytes thingy and when it asks to be restarted further in the process, Security Shield pops up again.

PLEASE HELP ASAP!!! I've got no real idea what I'm doing except following these instructions and when that's not working I'm getting worried and frustrated!

Answer:Security Shield

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

3 more replies
Relevance 51.66%
Question: Pc Security Shield

Hi to all in cyberspace...wonder if anyone can help...

last week my norton software expired...did a bit of a search and found PC Security ~ in a servy it came out tops and also best value for money / paid by cc and downloaded it all. All seems to be working fine...except the PC on which I downloaded it (my partners desk top) now cannot conenct to the internet.
All very weird / we are wireless in the house, so my email and internet works (hence I can chat to you) his email works...but somehow cannot connect to internet....

Not sure if it is the PC Security software or not, but it's the last thing I changed and then we started having problems....

anyone have any ideas...? would be great to hear from anyone...

thanks
Daisy

Answer:Pc Security Shield

I see that PC Security has something called Internet Lock. Have you checked your settings there? It is possible that it is blocking your internet connection.

Orange Blossom

8 more replies
Relevance 51.66%
Question: My Security Shield

I started getting pop-ups from My Security Shield (MSS) saying my computer, Windows XP, and files were infected with a virus, all of the web sites I tried to go to MSS would pop up saying that there was a risk in opening the web page. They could fix the problems for $$$. I ran Sambot Search & Destroy multiple times to identify possible virus and malware, cleaned my computer but MSS just poped up again. How can I remove this?

Answer:My Security Shield

Download the following:Malwarebytes Anti-MalwarePlease download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan w... Read more

1 more replies
Relevance 51.66%
Question: Security Shield

I have been recieving SECURITY SHIELD popups for this program telling me I have 9 malicious programs, 16 viruses, 7 adwares, 1 spyware, and 1 tracking cookie. This pop up keeps telling me I have to purchase their program to get rid of these. Please Help

Answer:Security Shield

Hello and welcome. Security Shield is a rogue anti-spyware program from the same family as Security Tool. This rogue is installed through other malware and fake online anti-malware scanners. When installed, Security Shield will be configured to start automatically when Windows starts. Once started, it will perform a scan of your computer and state that there are numerous infections present on your computer. If you attempt, though, to remove any of these so-called infections the program will state that you first need to purchase it. In reality, all of the files it states are infections are legitimate Windows files. Therefore, do not manually delete any of the files it states are infections as you may cause Windows to not operate correctly. Please follow our Removal Guide here Remove Security Shield or SecurityShield (Uninstall Guide) .You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

1 more replies
Relevance 51.66%
Question: Security Shield

My PC has been taken over by this Security Shield. I followed the instruction from (kevinf80) for removal. I ran rkill, then MBAM in safe mode, then re-booted and security shield was still there and would not allow me to re-run MBAM. I downloaded Hijack this, GMER and DDS .

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:50:21, on 12/26/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-887... Read more

More replies
Relevance 51.66%
Question: security shield

Please help me get rid of security shield pop-ups. I am running windows 7
 

Answer:security shield

Hiya puggmama,

Boot into safe mode with networking:

Re-boot system, continuously tap the F8 key until you see the Windows Advanced Menu. From the available options select "Safe Mode with Networking" Continue as follows :-

Step 1

Please download Rkill and save to your Desktop.

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If you get an alert from Security Shield that RKill is a threat, leave that alert open and re-run RKill again.

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alernative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
Th... Read more

1 more replies
Relevance 51.66%
Question: security shield

ok my computer is running windows vista...
so today i was using my computer and this "virus scan" called security shield popped up saying that there are viruses with my computer...
ive done research on security shield and i know that its a hoax...
when i try to delete it, it says i need permission to delete it, im not really good at computer but i can follow directions....
please help this is annoying
 

More replies
Relevance 51.66%
Question: Security Shield...

Hi Guys

Today I was on a popular sport website and this programme called Security Shield came up and somehow installed itself. I've had a search on here and see it's quite a common problem. Basically I just wanna run by you what action I took and whether i'm likely to be left with any issues still.

I used a youtube video guide to remove it. I downloaded and ran RKill, then Malwarebytes, did the scan and it picked up 2 virues. I wiped them, restarted and here I am now. The thing is, I didn't do this in 'safe mode with networking', I just did it in my normal log on. Is that a problem? Will my PC be completely clear now? I have McAfee and that didn't pick anything up, waste of money!

On one youtube video they said if you get Security Shield on your PC, it means you've probably had a virus/trojan on your PC for a week or two! Is that true as i've used credit/debit cards online in the past fortnight...

Thanks for your help.

Answer:Security Shield...

Hello and to BleepingComputer.Let's see what we're dealing with here.Please download RKill by Grinler from one of the 4 links below and save it to your desktop.Link 1Link 2Link 3Link 4Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running. This is because some anti-malware software mistakenly detects RKill as malicious. Please refer to this page if you are not sure how to disable your security software.Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed. If nothing happens or if the tool does not run, please let me know in your next reply***************************************************Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download linkIMPORTANT!!! - when you save the file, rename it to something random, such as bubbles.exe This must be done before beginning the download!MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mba... Read more

1 more replies
Relevance 51.66%

Hi, I have a problem with this virus wich I thought was going to be easy to remove. I logged onto the guest section of my xp home system and tha security shield popped up I ran rkill and this did not work at all to stop the program so I cannot use my maleware program. Also I tried restarting and going into safe mode to run my anti spyware but the safe mode wont let me log onto the guest section were the infection is coming from. I can log onto the admin and thats it. I cleaned my system in admin but the guest section is still infected please help. I can access the internet on the infected section anymore because it keeps clicking and making that sound...here is my info but this is for the adim log in(safe mode) not the guest log in wich is infected...I dont understand why I cant enter the guest log in when I start in safe mode..Merged 2 posts. ~ OBshould I start another post because I realized I made mistakes in this post, is that the reason I am getting no responce. please let me know so I can re-post if needed or should I just wait.EDIT: Please be patient. There are over 190 unanswered topics in this forum at present and the current average wait time to receive help is 6 days. ~BP

Answer:I need help with security shield

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.During the download, rename Combofix to Combo-Fix as follows:It is important you rename Combofix during the download, but not after.**NOTE: If you are using Firefox, make sure that your download settings are as follows:Tools->Options->Main tabSet to "Always ask me where to Save the files".After that, double-click and run Combo-Fix. Let it finish its job and post the log hereIf ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finishes its job..

3 more replies
Relevance 50.84%

Greetings To All:

I have a PC which has Windows Home Edition. My Uncle, which uses it to play his various online games, came across
PC Security Shield.

Needless to say, the world had stop spinning on its axis....

Here are the steps which I have attempted to recover the PC:

1. I tried to use the "last good known configuration", to discovery that it will only go back to the "CURRENT DATE".
2. I tried to "remove" PC Security Shield from the startup tab in msconfig, only to find that the table has just
ONE(1) entry or program for the boot process.....
3. I tried to remove it from the "Add/Remove Software" utility, only to find, it DOES NOT EXIST there either.

So with that being said, could someone please assist on how to remove this "irritant" and restore my PC back to the
way it was...???

Thank you very much.

IP

Answer:Is PC Security Shield BOGUS ?

Check this link out, see if it helps http://www.spywarewarrior.com/rogue_anti-spyware.htm Good Luck !

2 more replies
Relevance 50.84%

I just downloaded satellite direct to my pc everything went fine until I try to click on the desktop icon. It has a blue and yellow shield in the corner of the icon. What does this mean?
 

Answer:windows security shield

There are lots of "Reviews" of this software, including one that comes up many times under different names.
I trust Bob Rankin, however, and he says:
"If you're considering buying a software package named "PC Satellite TV", "Satellite TV Elite", "Satellite TV on PC", "Satellite TV for PC 2008 Elite Edition", "TV on PC Elite", "Digital TV 4 PC" or anything similar... they are ALL THE SAME type of scamware. You will pay $40 and in return you'll get a crappy software program that does NOT deliver what it promises. You WILL NOT get any premium or pay-per-view channels for free. The only thing these packages offer is links to online video sites that you could find for free with a quick search on Google or Yahoo."

Google will find some stations, or try here:
http://www.findinternettv.com/
 

3 more replies
Relevance 50.84%

I have a Security Shield Virus...things keep popping up telling me that I have a number of viruses and that they want me to purchase there anitvirus for $79.... Everytime I try to restore my computer, disk cleanup, etc.... it comes up and says that the file has a virus...it wont let me download anything.... IS THERE ANYTHING I CAN DO TO GET RID OF IT??? Thanks
 

Answer:Security Shield Virus

Hiya cstiffey,

Proceed as follows

Step 1

Please download Rkill and save to your Desktop.

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If you get an alert from the rogue that RKill is a threat, leave that alert open and re-run RKill again.

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alernative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to r... Read more

3 more replies
Relevance 50.84%

Hello! I am trying to help a a friend with removing My Security Shield. I followed the instructions under the security removal tab here on this site, Malware Bytes did find the program and said it removed it BUT when I went to the security control panel (she is running xp on a netbook) it said that My Security Shield was up to date

I took a chance and downloaded and installed AVG and scanned with it and rebooted. Now the antivirus security center says that there are TWO antivirus programs running

What are my next steps/options at this point?

Thanks!

More replies
Relevance 50.84%

My pc had security shield (a fake antivirus program) installed on it. I believe I removed it, and I now have several issues. When I go onto the internet, google is telling me to enter the phrases i see because there have been multiple requests from this computer. I also have an issue with musicmatch. Could someone take a look at my Hijack this log and let me know if anything looks suspicious? I am running Windows XP. My hosts file has also disappeared and a new lmhosts file was created.

Thank you.
 hijackthislog2.txt   12.17KB
  2 downloads

Answer:Help, My security shield issue

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

2 more replies
Relevance 50.84%

Hi, my husband has a new laptop and this morning while going in to check his emails he got the first pop up of security shield, he's not sure where it came from and the pop ups just keep appearing or a balloon appears at the bottom from the toolbar saying you are infected. The operating system is windows 7 home premium on a Dell laptop, please let me know what other information you need

Answer:Infected with security shield

Hello and welcome.Please follow our Removal Guide here Remove Windows Shield Center (Uninstall Guide) .You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

8 more replies
Relevance 50.84%

I'm working on a friends computer that was infected with the Security Shield malware, among other problems. I believe I got it removed, but it might still be infected with something else. The system is somewhat stable fight now. The last Malwarebytes scan was clean, but AVG picked up a virus and removed it a few hours later. The other issues might be related to other infections but I'm not sure. The system runs slow, boots slow and has problems with explorer.The system specs are a Sempron 3000 CPU and 768MB of memory. In My Computer the C: drive is listed as 27.9GB with 2.12GB of free space and a E: partition of 74.5GB with 62.5GB of free space. Disk Management does not show the C: drive, but it shows the E: drive. It looks like both volumes have the same information, meaning a Windows folder and user profiles.The issue with explorer is when I log on to his profile, the background picture will load but no icons. I have to start explorer through task manager. I'm running Malwarebytes now on both partitions, which might take some time.
Thanks,
Mike

Answer:Security Shield Issue

Hello.

Please post the Malwarebytes log when the scan completes.

~Blade

7 more replies
Relevance 50.84%

my computer is running so slow I called my cable network and they said i had something redirecting my webpages. there is something that pops up called securityguard shield it will get rid of viruses for a fee. is this what is causing me not to be able to get on my sites fast and easy. the security shield pops up frequently. please help me. windows xp home and pro

Answer:security guard shield

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next t... Read more

1 more replies
Relevance 50.84%

I need help this security shield program just keeps popping up and I can't get rid of it.EDIT: Post split off from "How To Remove An Installed Program From Your Computer" mini-guide. ~BP

Answer:Security Shield Problem

See this:

http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield

1 more replies
Relevance 50.84%

On my other laptop which is a acer that is running windows vista and has a Intel Pentium Dual CPU T2310 @ 1.46ghz and 2gb of ram I have had the security shield virus and have tried to use spyware doctor to remove it but the virus will not let me setup the program. So I can not run it and i don't know enough about the virus to remove manually on my own, So if someone could give me step by step instruction that would be great.I have also ran malware anti-ware and microsoft security essentials scan and it did not pick up the virus.

thanks

Answer:Security Shield Virus

Hi,

You should post in the Virus/Trojan/Spyware Help Forum for assistance by a trained analyst.

Make sure you follow THESE STEPS carefully before posting in the Security Forum.

Regards,
Reventon

1 more replies
Relevance 50.84%

Thank you in advance for your help.
Have followed the instructions for removing Security Shield, twice. After finishing and rebooting, it is still on my computer.
DDS.txt:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7601.17514
Run by wapawik at 12:01:44 on 2011-12-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2906 [GMT -5:00]
.
AV: Webroot AntiVirus with Spy Sweeper *Enabled/Updated* {53211D91-0C31-95F2-E3A5-7661FB22889E}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot AntiVirus with Spy Sweeper *Enabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Webroot\Security\cur... Read more

Answer:Security Shield Malware

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/434177 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 50.84%

On my other laptop which is a acer that is running windows vista and has a Intel Pentium Dual CPU T2310 @ 1.46ghz and 2gb of ram I have had the security shield virus and have tried to use spyware doctor to remove it but the virus will not let me setup the program. So I can not run it and i don't know enough about the virus to remove manually on my own, So if someone could give me step by step instruction that would be great.I have also ran malware anti-ware and microsoft security essentials scan and it did not pick up the virus.

thanks

Answer:Security Shield Virus

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 50.84%

Hi there, I have a virus that pops up a window from "Security Shield Warning" telling me that I have harmful software and asking me if I want to remove it. I tried looking up the potential viruses on your site and could not find anything about "Security Shield". I could use some help removing this virus.

Answer:Security Shield Warning

Start with this guide: http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield

13 more replies
Relevance 50.84%

Hi Guys, can you please help?

A few months back I had security shield keep popping up...but i some how managed to get rid of it. Switched the lap top on again today and its back....and driving me nuts! Run AVG but nothing is being picked up. Searched the web for best program to get rid of it and it came up to download spyware doctor.....ive tried to do this, however every time i try and open it, security shield stops me and says it is infected with trojans etc, hence me not posting a hijack report just yet, as i was unsure if it would allow me?
If you could help asap as it keeps popping up every 20 seconds!

Thanks

Mr Leigh

Answer:Security shield nightmare!

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

=========================

In the event the infection prevents our tools from running, the following tool will help running them.

If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect. If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.


Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 4 different versions. If one of them won't run then download and try to run the other one. You only need to get one of them to run, not... Read more

1 more replies
Relevance 50.84%

I found the guide for the removal of my security shield extremely helpful, although it seems I found another trojan with another scanning software.
I hope all is gone, but it seems that the computer is now unable to access the internet because of something the malware caused, when I open IE or other browsers I get "connection problem" or something like that. When I allow windows to figure out the problem it says somethig about a proxy server.
My computer crashed or froze while trying to create the gmar log.
I'd appreciate some help, thanks!
DDS (Ver_10-12-12.02) - NTFSx86
Run by Dovid at 21:53:10.92 on Sat 01/01/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_12
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1255.972.1033.18.958.260 [GMT -5:00]

AV: Norton Internet Security *Enabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32&#... Read more

Answer:aftermath of my security shield

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/m... Read more

2 more replies
Relevance 50.84%

Warm greetings to everyone,
Forgive me for disturbing you all...but I need some assistance with what I believe is a take-over by nasty bugs and stuff. Any help at all would be deeply appreciated.
To start with...let me explain. I'm a Mac user with little to no experience with Microsoft systems. So please understand if I appear to be writing this using a crayon. I recently acquired a small Hewlett-Packard mini laptop I wanted to convert into a library separate from my Kindle...with the added feature of a game or two for pleasure. I am not the original owner and cannot verify the history of my system prior to about two weeks ago around the 6th of June.
But two days ago I attempted to use google and I was instead told by my system that it wasn't a safe place to go. Even hitting the go to it anyway button would not allow me to access it. I altered the security feature (lowering it, temporarily) to see if that would help, it didn't. Instead what was happening was warning flashing from something called Security Shield that I was not safe and to show me it proceeded to scan...showing me why. At first I selected the fix it button which only sent me to a screen wanting me to buy their program. I refused and asked it to continue unprotected. I wanted to decide what I want after more research. It progressively worsened to the point it wouldn't allow me to do anything including pulling up my Calibre Library, telling me it wasn't safe. It was only when if warned me my... Read more

Answer:Security Shield wants me to buy their stuff!

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461749 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 50.84%

Hi Guys,

I need some help, I have a PC which is infected with the security shield virus, I have followed the guides only but two things are different from what the guide is say. 1) there are no proxy settings? & 2)when I run RKill or any of the other named versions it keeps coming up with a message and reboots the PC.

I have also tried Stinger but that finds some virus's but isn't able to remove them.

Answer:Security Shield & Rkill

What message is Windows displaying? Also can you post the rkill.txt file found on your desktop.

2 more replies
Relevance 50.84%

Hi Guys, can you please help?

A few months back I had security shield keep popping up...but i some how managed to get rid of it. Switched the lap top on again today and its back....and driving me nuts! Run AVG but nothing is being picked up. Searched the web for best program to get rid of it and it came up to download spyware doctor.....ive tried to do this, however every time i try and open it, security shield stops me and says it is infected with trojans etc.

If you could help asap as it keeps popping up every 20 seconds....it only happens in the main user area, if i log on as a guest, nothing happens?

Thanks

Mr Leigh


DDS (Ver_10-12-12.02) - NTFSx86
Run by Sarah at 21:18:53.58 on 30/12/2010
Internet Explorer: 8.0.6001.18999
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.2008.630 [GMT 0:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs ... Read more

Answer:Security shield nightmare!

Hello and welcome. Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
Please do not run any scans or install/uninstall any applications without being directed to do so.
Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - ComboFix will not run until AVG is uninstalled. This is because AVG falsely detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first. You may do this through Control Panel > Programs > Uninstall a program or you can use this tool for a more complete removal:

Download AppRemove... Read more

7 more replies
Relevance 50.84%

Hi,

I have a problem of a my security shield keeps on popping up on my desktop and Im unable to uninstall it and I can't seem to find its folder. Everytime I delete the files it keeps showing up after I restart my PC. Please help me....

Im using Windows XP.
 

More replies
Relevance 50.84%

My notebook is infected with a "Security Shield" virus and I can't get rid of it. What can I do?

Answer:Security Shield Virus

Hello and welcome.Please follow our Removal Guide here Remove Security Shield or SecurityShield (Uninstall Guide) .You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

1 more replies
Relevance 50.84%

Hello,

A program called security shield has installed itself on my computer and I need help getting rid of it. I tried installing Spywar Doctor bby PCTools but it wants me to pay for it.

I am not a techy person so I'm not sure what sort of information you need. I am using a Studio Dell computer and the windows software came with it (from the online Dell website) so I'm sure it's legit.

I got the computer about 4 years ago so I'm guessing it is Windows Vista? I cant tell but if you tell me how to check I can let you know.

Lastly, I'm new to this forum, so I dont know how it works. Will I get notified when someone replies?

Answer:Security Shield Problem

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and
Quote:




Having problems with spyware and pop-ups? First Steps




a link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 50.84%

I tried to upgrade Spyware Doctor but failed indicating my security shield is on my computer. Need to remove this virus

Answer:how do i remove my security shield

You can try to remove "my security shield" manually. Manual removal instructions could be found at http://www.pcrisk.com/internet-thre... but manual removal requires good computer knowledge. To automatically remove my security shield try downloading malwarebytes antimalware. Download links http://www.pcrisk.com/top-spyware-r... Download, install and update. If you are not able to install malwarebytes antimalware rename mbam-setup.exe to something.exe (or anything different) and run it. After you have installed the software try to launch it. If nothing happens. ( Program doesn't start) Go to the folder "C:\Program Files\Malwarebytes' Anti-Malware" and create a copy of the "mbam.exe" file and rename it to "start.exe" and run it. After this procedure your software should run OK.

2 more replies
Relevance 50.84%

windows security shield keeps popping up wanting to remove viruses for a fee. these pop ups happen every few seconds and interruptes commands. it won't let me do certain things it wants me to remove viruses for a fee

Answer:windows security shield

http://www.malwarehelp.org/fake-win...Have a read of this, its a fake you getting.

3 more replies
Relevance 50.84%

I already have Malwarebytes installed on my computer. I ran a quick scan and a full scan and it didn't get rid of Security Shield. What should I do now? I can't afford to take it in and I really need my computer. Can someone talk me through the process of removing it?

Answer:Malwarebytes and Security Shield

Try doing a search on Google for 'Security Shield Removal' - there are loads of manual walkthroughs to do it (don't bother downloading any 'removal tools' as these are generally just trying to sell you programs). The main steps are to stop the malware from running, either by catching it early in the start-up process and stopping it through Task Manager, or start in safe mode, then remove the start-up item, either directly in the registry, by using MSCONFIG or by using the Tools/start-up section of CCleaner, then delete the folder containing the file. Lastly run CCleaner registry section and Malwarebytes again."I've always been mad, I know I've been mad, like the most of us..." Pink Floyd

2 more replies
Relevance 50.84%

Hello everyone hope your computers stay un affected by this nasty little virus. I am writing in the hopes to receive some much need advice on my mothers computer. I have no physical access to her computer and am talking to her over skype because Im stationed in Germany so my directs to here have to be dumbed down. She emailed me with a issue called Security shield and I used my knowledge base to try and fix it with no solution. I had her install rkill run the computer in safe mode with networking and turn off the virus. She was able to run Malwarebytes and found 18 trojans and a few other nastyies. The problem was not resolved and the virus is back. Any advice would be very much appretiated. Thank you for your time
 

Answer:Security Shield Strikes again!!!!

Hello methodical7,

Tell her to go through this guide : READ & RUN ME FIRST. Malware Removal Guide
 

1 more replies
Relevance 50.84%

A shield shows up on the lower tool bar looking like
a windows security shield. It has an x on it. I have
not hit it. It wants me to hit so it can do more harm.
Howe to get rid of this?

Answer:windows security shield

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.============================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be found here:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txtOr at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

1 more replies
Relevance 50.84%

Somehow this has gotten on my husbands computer. I can't figure out how to get it off, but I see lots of people saying to get it off. Can you help?

Here is my Hijack log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:22:12 PM, on 12/12/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18527)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\AOL 9.1a\waol.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\aol\1247692777\ee\aolsoftware.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\andy145.exe
C:\Program Files (x86)\AOL 9.1a\shellmon.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Users\david\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HADPN7KH\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs... Read more

More replies
Relevance 50.84%

My wife got the Security Shield virus on her computer, and we attempted to fix as was detailed here:My linkDuring removal of the malware files, the MalwareBytes program asked us to restart the computer. We did so, and are now getting a black screen and nothing else.Any ideas?

Answer:Security Shield Issue

Hello, and sorry for the delay.

At which point do you see this black screen? Do you still see the Windows Splash screen? Does tapping F8 on startup bring up the Advanced Boot Menu?

2 more replies
Relevance 50.84%

Hi there,

I am helping a friend who got her computer infected with security shield, she had AVG Pro installed, and as soon as it expired recently the infection happened. Now no executable files are able to run, I just get a dos window pop quickly and close, so I decided to use command line to see if there was any error message, and here is what I got; "Program too big to fit in memory", something like that. Can't open task manager to close any of the processes, since it closes right after. When booting in safe mode, task manager opens, but executebles still don't work, so no chance of installing malwarebytes or any other anti spyware. Tried using rkill, which unfortunately closes just like any other executable before it can do anything useful. I remember though bout maybe half a year ago I had a similar problem, and used the fr33 tool I downloaded here, but seems the link is down for that and I cant find a copy of it on my computer, is there a chance it could be re-uploaded, it would come very handy right now, could just use it to install malwarebytes.

I will be going to her house again tomorrow to try solve it, so hopefuly someone would be able to get back to me soon.

Any help would be much appreciated.

Thanks!

Answer:Need help with Security Shield removal

Alright so, I got an idea when I woke up. Since exe files don't run, what about msi files, if I remember correctly when I plugged in my usb into that computer and browsed it, while all the exe files had white icons, I had an msi setup file there that seemed to be recognized. So I just looked around the internet and download a trial of a exe to msi converter, there were a few different ones, I just got a random one. Converted the Malwarebytes setup to msi, on my computer it seems to work and install, so the setup file works, now hopefully it will work on hers too. Also if it doesn't work, hopefully she got winrar installed there, I mean who doesnt lol, well if she does maybe dragging an exe file into winrar would allow me to extract the setup files, I dunno, but Ill give it all a shot.

Gonna post my results here.

If anyone got any other ideas, please lemme know, thx!

3 more replies
Relevance 50.84%

I am having a hard time removing this malware

it will not allow me to access many items including my own security software.

It pops up constantly telling me that I am infected with 23 viruses and trojans.

all googles bring up scam and to remove it immediately and then stops me dead in my typing to warn me again.

HELP ME PLEASE!!!!

I need to do some banking and other book work and I am freaking out.

thank you and happy holidays

Answer:HELP!!! Security Shield virus

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

2 more replies
Relevance 50.84%

Hi guys,
I was just sent an email with the attachment 'Surprise.exe' and as I recognised the email address I stupidly opened it. It installed 'Security Shield' on my PC which kept popping up with bogus trojans etc.
At first I couldn't get rid of it so did a c:drive search for files modified at the time of the email and found the directory WuRedir had a new subd. \9482F4B4-E343-43B6-B170-9A65BC822C77 which contained the WuRedir.cab and .xml. When I right-clicked on them it seemed to send an instruction to Security Shield to send me a new message so I opened my Windows Task Manager and watched which file jumped up when I clicked. The answer was 723053684.exe which I turned off, searched for, found and deleted.
For now this seems to have stopped the problem.
Is there anything else I should do to protect my PC - other than not allow me to touch it!?

Ta.
Mark
 

More replies
Relevance 50.84%

remove security shield virus
 

Answer:security shield virus

Welcome to Major Geeks!

Could you please explain the reason for your post.
 

1 more replies
Relevance 50.84%

I definitely have/had a My Security Shield infestation. I'm down to step 17 of http://www.bleepingcomputer.com/virus-remo...security-shield. I looked at the current hosts file, which is in the codebox. There don't appear to be any active lines. So where is the problem? Are the comment lines read as functional by the malware? # Copyright © 1993-1999 Microsoft Corp.## This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows.## This file contains the mappings of IP addresses to computernames# (NetBIOS) names. Each entry should be kept on an individual line.# The IP address should be placed in the first column followed by the# corresponding computername. The address and the computername# should be separated by at least one space or tab. The "#" character# is generally used to denote the start of a comment (see the exceptions# below).## This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts# files and offers the following extensions:## #PRE# #DOM:<domain># #INCLUDE <filename># #BEGIN_ALTERNATE# #END_ALTERNATE# \0xnn (non-printing character support)## Following any entry in the file with the characters "#PRE" will cause# the entry to be preloaded into the name cache. By default, entries are# not preloaded, but are parsed only after dynamic name resolution fails.## Following an entry with the "#DOM:<domain>" tag will associate the# entry with the domain specifi... Read more

Answer:My Security Shield Question

What you posted is LMHOSTS file, not HOSTS file.

1 more replies
Relevance 50.84%

I have a VAIO laptop with windows 7 OS. Over the last couple of days I have had messges coming up saying I need to activate "My Security Shield", the program looks Microsoft ie the right colors and format etc but the way it is comming up I don't think it is. I have my trusted AVG 9 installed and I ma happy with that I don't want norton, Macafee or any of the others. I am trying to stop the program coming up but can't find where it is installed can anybody help me to eliminate the pop ups. Is anybody else having the same problem with Win 7?

Answer:My Security Shield - MS? virus? - Win 7

click here

8 more replies
Relevance 50.84%

I followed the guide step by step in your Security Shield removal guide, using malwarebytes. Upon restarting, the security shield scan started as it had before taking all of the necessary steps. I am an online college student so it is EXTREMELY IMPORTANT that I have this removed ASAP!

Thank you in advance for your help!

Mike

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by -3 at 12:57:10 on 2012-08-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3767.2875 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Window... Read more

Answer:Security Shield virus!

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the ... Read more

3 more replies
Relevance 50.84%

Hello again, Anyone have a bit of time to help me clean out a virus? Security shield has gotten into my machine, and I am tired of taking my pc to the help desk to have it wiped and reloaded. This malaware closes my security essentials and prevents me from reopening it. It creates false virus scan results and pop ups that direct me to a website that sells their antivirus program.
Idealy, I want to create a lean mean virus killing machine. I bought this pc used with AVD free antivirus preloaded. Its been a while, but I think I removed that and installed microsoft security essentials. I run XP pro on a pentium 4. Need more info? Let me know. Thanks!

Answer:another security shield virus

Boot the PC into safemode with networkingDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

15 more replies
Relevance 50.84%

We've been hit now twice by Security Shield. Apart from the fact that it takes me my time to resolve it on my family's PCs, i 've begun to be extremly irritated by these people. We can - and BP are doing a fab job there - keep fighting the fires.
However, does anyone know who these people are, where they reside and so on?

I was called at home (that the limit of intrusion into my private life) by people naming themselves Windowscare, obviously CLID disabled, they had me for about two minutes but then i suddenly realised that i was being scammed. Another group (the same?) that should be nailed down.

Anybody info on this?

More replies