Home Articles Spyware Research Support Scan Now Purchase F.A.Q.

Top 25 Spyware:

1.Google Redirected
2.Vundo Trojan
4.Antispyware Soft
3.Security Tool
5.My Security Engine
6.Control Commander
7.Virus Protector
8.Total Security
9.Antivirus XP 2010
10.SmartVirusEliminator
11.System Security
12.MS Antispyware 2009
13.Personal Antivirus
14.Total PC Defender
15.I-Q Manager Scam
16.WinAntiVirus
17.Spyware Protect 2009
18.System Doctor
19.SaveDefender
20.DNS Changer
21.Virus Blast
22.Trojan.Win32.CP4000
23.onlinestability.com
24.Trojan.FakeAlert
25.Troj.SystemAlert
About Spyware
Glossary

Latest Detections
Fake Scanner Sites


Google Search Redirects

Bestclicksnow.com
Bestwebsearch.com
Cliccker.cn
Clickover.cn
Couponmountain.com
Lowpriceshopper.com
Mycustomsearch.cn
Overclick.cn
Shopica.com
Shopzilla.com
trafficposter.com
Toseeka.com
Update-browser.com
Windowsclick.com
Zetaclicks4.com
Zoombli.com

My Security Shield

Alias: My Security Shield, Security Master AV, Security Shield

Description: Modified on: Sep 20, 2010 09:23am

My Security Shield is a new variant of Security Master AV. My Security Shield is a fake antivirus product which hijacks your computer and uses scare tactics to get you to purchase the full version. Just like its predecessor, My Security Shield is very good at eluding detection. In order for My Security Shield to stop you from removing it, it disables your existing antivirus and antispyware programs and blocks access to help forums and to major name brand antispyware and antivirus vendor websites. It also disables Task Manager so that you don't shut it down manually. Additionally, My Security Shield modifies your 'hosts' file which basically hijacks your Internet connection. This can be used to block access to certain websites, and to re-direct your searches to websites of My Security Shield's choice. My Security Shield adds several hundred entries to your registry under the 'Image File Execution Options' key. These entries are used to block access to several hundred programs.

My Security Shield occasionally harasses the user with warnings and messages saying that their computer is infected and is under attack from hackers. In most cases we have seen, My Security Shield was installed by a trojan or mistakenly downloaded from one of many fraudulent Fake Scanner Sites.


My Security Shield displays exaggerated fake scan results similar to those shown below:




If you are unable to run programs, this is because My Security Shield has disabled them.

My Security Shield Special Removal Instructions

Please make sure to bookmark this page as you may need to refer back to it to complete the removal steps.

We have created a modified version of SpyNoMore to handle persistent infections such as My Security Shield. Instructions below:

Step 1: Click here to download the modified SpyNoMore installer onto the infected computer. If you are unable to download it directly to the infected computer, please download it to a clean computer and transfer it to the infected computer (by using a network or a flash drive). NOTE: The installer will be named iexplore.exe.

Step 2: Double-click iexplore.exe to install SpyNoMore on the infected computer. When the installation is completed, SpyNoMore will check for and download available updates which will alert My Security Shield to its presence at which point My Security Shield may shut down SpyNoMore. If the malware shuts down SpyNoMore, simply restart SpyNoMore from the desktop shortcut.

Step 3: SNM will scan your computer and if My Security Shield is present, SNM will detect it and you will be able to see either My Security Shield or Security Master AV in the scan results. These two are the same product. Please note that the free version of SpyNoMore will only show you the detections but will not remove them. In order to remove the infection you need to purchase a 1-year license which costs $29 (or $39 for 3 computers). In all cases, you will be able to see My Security Shield in the free version scan results.

Step 4: After the scan is complete and you are able to see My Security Shield in the scan results, you can purchase the activation key and proceed to remove the infection. If you are unable to purchase the activation key from the infected computer, you can do so from a clean computer by clicking on our Purchase link on spynomore.com. Simply write down the activation key and use it to activate SNM on the infected computer. This will remove My Security Shield and restore your internet connection. You will again be able to run your programs and applications without trouble.

Step 5 (optional): It would be a good idea to check your computer for rootkits (which are basically hidden trojans) which may have tagged along with My Security Shield. To do so, download and run TDSSKiller by Kaspersky Labs.

Step 6 (optional): If TDSSKiller does find a rootkit, it will ask you to restart your computer so that it can remove the rootkit(s). After your computer restart, scan your computer once more with SpyNoMore to make sure everthing is OK.

Hint: If SpyNoMore is unable to download updates, click on SpyNoMore's 'Settings' button and uncheck the box that says 'Use Internet Explorer settings'.



Threat type:

Hijacker - A Hijacker is a software application that takes control of your browser's settings. Usually it changes your home page and redirects it to some unknown site or modifies your search settings. It prevents you from changing back your browser's settings. An infected browser usually operates much slower.

Ransomware - Ransomware is a software application that infects a computer and asks for money to have the infection removed.

Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs.


Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer and / or to protect your privacy.

Detection:
SpyNoMore removes My Security Shield: Yes

Threat risk: Very High Risk
Remove My Security Shield, My Security Shield Remover
Extremely dangerous malware. Uses stealth installation, randomly named entries and has the capability to self update or resurrect after incomplete removal. Almost impossible to remove manually. Category mostly consists of trojans and spyware.

Symptoms:

My Security Shield gets installed without your permission.

Inability to run programs.

You cannot simply uninstall My Security Shield as it is malware and does not come with an uninstaller.

Inability to open Task Manager.



My Security Shield Signature Details: The following information includes some of the standard signatures associated with this spyware threat. Please do not attempt to manually remove these items from your computer; Removing these items incorrectly or partially can cause your computer to experience critical errors, prevent your computer from restarting or cause loss of Internet connectivity. Should you be infected with My Security Shield, you can clean your computer by downloading SpyNoMore now.

Running Process Signatures:
N/A

File Signatures:
N/A

Registered Dll (Dynamic Link Library) Signatures:
N/A

Folder Signatures:
N/A

Registry Signatures:
N/A

SpyNoMore Collected Residual File Signatures:
N/A


See Also:
Red Cross Antivirus
AntiSpy Safeguard
Major Defense Kit
Peak Protection 2010
Pest Detector 4.1
AVDefender 2011
Malware Destructor 2011
high-speed-finder.com
Iron Defender
budgetmatch.net

Spyware Removal Home | Support | F.A.Q. | Contact Us | Spyware Removal Database | Privacy Policy | Site Map
Copyright © 2005-2008 Illysoft LLC