2 Replies Latest reply on Dec 19, 2010 9:45 AM by SunnyDay

    My Secuity Shield-malware-Restore

      I just bought a laptop and my niece began using it just after I got McAfee loaded and before I created the backup disks.  After opening an email from her friend the My Security Guard appeared.  McAfee did not catch it and from what I have read here and on other sites it would not.  After reading alot of different suggestions and instructions I finally just tried to Restore it (several sites stated this has a 3 of 10 chance of working). Brought the laptop back up, made sure McAfee was back and it appears to be fine-no pop-up or false-warnings.  But can I be sure?


      I checking into the Malwarebytes software but can it be does not appear to be possible to purchase/download it on my PC and then moved to my laptop and since I'm not sure if the My Security Shield is gone or not I don't want to use my laptop to purchase it.  I am also hesitant to create the backup disks until I know the system is safe.  Any suggestions??

        • 1. Re: My Secuity Shield-malware-Restore

          If as you say a Restore only has a 30% chance of ridding your laptop of this rogue program you're better off assuming it's still present, I would say.


          There are instructions on how to remove it at BleepingComputer - click on this link


          You don't have to buy Malwarebytes at this stage, or even at all. There's a free download available here.


          'My Security Shield' is one of those borderline cases where an AV program will not object to its presence - it looks like a genuine program to the AV software. We of course know it's not.

          1 of 1 people found this helpful
          • 2. Re: My Secuity Shield-malware-Restore

            Okay, I did not need the Rkill as I had no problem downloading.  I did download the Malwarebytes Anti-Malware and ran it.  It found one infected file, RogueSecurityShiled.  I listed the log below.  I ran Malwarebytes again and it came out clean, ran McAfee again and it is clean.  Am I missing anything I should still check?  If not I was going to get my backup disks created.  Thank you for all your help!!  I really appreciate it!


            Scan type: Full scan (C:\|D:\|E:\|)
            Objects scanned: 283497
            Time elapsed: 34 minute(s), 56 second(s)

            Memory Processes Infected: 0
            Memory Modules Infected: 0
            Registry Keys Infected: 0
            Registry Values Infected: 0
            Registry Data Items Infected: 0
            Folders Infected: 0
            Files Infected: 1

            Memory Processes Infected:
            (No malicious items detected)

            Memory Modules Infected:
            (No malicious items detected)

            Registry Keys Infected:
            (No malicious items detected)

            Registry Values Infected:
            (No malicious items detected)

            Registry Data Items Infected:
            (No malicious items detected)

            Folders Infected:
            (No malicious items detected)

            Files Infected:
            c:\Users\Lewis\AppData\Roaming\microsoft\Windows\start menu\Programs\security shield.lnk (Rogue.SecurityShield) -> Quarantined and deleted successfully.