eddiemccloud wrote:There is a program called "My Security Shield" that is on my computer that I did not download. It has trojan, malware listed on it etc. It is what is called a "rogue" site that says I have infected files so that I can purchase their service. I need to know how to manually delete this program off of my computer.Thanks,Eddie
My Security Shield is in fact a Rogue program. So, I agree that you should Not purchase their services.
A really good description of this program can be found here at BleepingComputer.com http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield
with good instruction on how to remove this 'program.' Follow the instructions carefully using all of the steps listed. Note that you may need rkill.com and MalwareBytes Anti-Malware program. Also note that your Hosts file may have been changed and the need to manually repair this as well. Check for the 'Associated My Security Shield Files:' and manually remove as needed.
Good luck and post back with any more questions.
Ron MetzgerMessage was edited by: rmetzger (Ex-Brit beat me to it!) on 8/14/10 5:09:12 AM EDT
I'm having a similar problem as the original poster. As the malware has apparently disabled me from downloading anything using Internet Explorer, I'm trying to download rkill and Malwarebytes on another computer (the one I'm working from at the moment) and then transferring the files using a flash drive. Following the removal instructions you posted, when I try to download rkill on this computer my McAfee Anti-Virus apparently immediately deletes it, saying it detected and automatically deleted a trojan. Is my McAfee Anti-Virus being overzealous, or is there really a trojan associated with rkill in this instance? What do I do? I have not tried running Malwarebytes without first running rkill, because there are things popping up all over the screen that I assume are associated with processes that need to be killed first.
I know that you can at least download, update and run Malwarebytes in 'Safe Mode with Networking' which you could try on the infected machine.
Nope, I've tried Safe Mode With Networking, and it won't let me connect to the Internet. Hence resorting to transferring files via a flash drive.
No answer to the question about rkill being perceived as a trojan and automatically deleted?
I have no idea on that score sorry. I would ask about rkill on the BleepingComputer forums perhaps. They are experts in that field.
The only other thing I can suggest is that you download Hijackthis and post its log on one of the following forums for expert advice. Do not try to fix things yourself.
Do not post Hijackthis logs here, we can't help with those!
Post the logs at a specialist Forum:
Be sure to read all the sticky announcements/instructions at the top of each malware forum!
Advice to all. If an application wont run because an infection is preventing it. The usual way around that is to save it as a different name before trying to install and run it.
Malwarebytes questions should really be going to their forums. http://www.malwarebytes.org/forums/