Does anybody know what "My Security Shield" is and how to get rid of this? Is this a virus or spyware?
It has randomly appeared on my computer and there is now an icon (very similar to McAfee icon)
on the bottom taskbar. I keep getting popups warning me that there are viruses/trojans infecting
my computer. I can't get rid of these popups or the icon that has appeared.
I ran a full scan using McAfee but it did not detect any viruses or anything suspicious.
But surely it should have detected this fake "my security shield" ?
Any help would be much appreciated!
Moved to Malware Discussions.
Hi, 'My Security Shield' is a rogue antispyware program and as such most antivirus applications have a hard time spotting it.
There is an excellent removal guide HERE. Scroll down that page as the first links you see are advertising links.
I have this virus on my computer too, I tried the process out lined on Bleepingcomputer.com, all works, but i can't complete step 17 & 18 replacing the HOSTS file. The spermware utility works, step 17, i get black blink of window as it mentions in procedure, but when i try to delete HOSTS file i can't see that file in the folder. Neither it gets replaced when i try to download new file from the link to the mentioned location. I have Windows Vista 32bit system.
PLEASE ADVISE IF ANYONE HAS COMPLETED THESE STEPS SUCCESSFULLY
STEP 17) As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system. Please note that if you or your company has added custom entries to your HOSTS file then you will need to add them again after restoring the default HOSTS file. In order to protect itself, My Security Shield changes the permissions of the HOSTS file so you can't edit or delete it. To fix these permissions please download the following batch file and save it to your desktop:
STEP18) We now need to delete the C:\Windows\System32\Drivers\etc\HOSTS file. Once it is deleted, download the following HOSTS file that corresponds to your version of Windows and save it in the C:\Windows\System32\Drivers\etc folder. If the contents of the HOSTS file opens in your browser when you click on a link below then right-click on the appropriate link and select Save Target As..., if in Internet Explorer, or Save Link As.., if in Firefox, to download the file.
Windows XP HOSTS File Download Link
Windows Vista HOSTS File Download Link
Windows 2003 Server HOSTS File Download Link
Windows 2008 Server HOSTS File Download Link
Windows 7 HOSTS File Download Link
Your Windows HOSTS file should now be back to the default one from when Windows was first installed.
STEP 19) Now reboot your computer.
Message was edited by: jnmistry on 9/20/10 7:22:46 PM CDTMessage was edited by: jnmistry on 9/23/10 11:00:58 AM CDT
You may have to turn off a feature in McAfee SecurityCenter in order to change the HOSTS file.
Double-click the taskbar icon to open SecurityCenter
Click Navigation (top right)
Click General Settings and Alerts in the ensuing menu.
Click Access Protection to expand
Uncheck 'Use Access Protection' and then click Apply.
Those instructions are for the 2010/11 products, if yours is the 2009 product (square taskbar icon) please post and I will try to find the instructions for that product.
Please do not use the private messaging system as it takes forever to reach me due to the fact that all PM's are subject to Administrator's approval, plus I have no idea when the message comes in due to this board's notification failures.
Once this is all done please re-enable Access Protection.
Any questions regarding a BleepingComputer tutorial should be asked on the BleepingComputer forums.Message was edited by: Ex_Brit on 23/09/10 4:32:36 EDT PM