9 Replies Latest reply on Mar 9, 2012 5:58 AM by Peter M

    Security Shield, please help

      I was surfing the web and went to a green site about of all things, the guiness book of world records, only for Security shield to suddenly pop up like it was no tomorrow without Mcafee batting an eyelash. I immediately killed the process and deleted it from appdata, which killed the fake scans and popups, then I proceeded to read up on this hell of a virus, and did a couple system restores ranging back in time for good measure. However, as I've read on, this thing is insideous, and I can't afford to lose this computer. Nor can I afford to hire anybody to fix what may be beyond my ability. I have checked my registry in the reccomended areas for suspicious files and have found none. However there is something that deeply concerns me. My desktop executable files now have this exclamation bubble. What reason could this be for? And does this indicate that I am completely doomed still? example.jpg

      The symbol in question.

       

      If, in fact I am doomed, would it be plausible to wipe my computer to factory default in a last ditch to save this without involving money I cannot spend to have this fixed in any way shape or form?

      If in fact I am not, may I please know the details of this issue in relatively simple terms?

       

      Thank you for your help.

        • 1. Re: Security Shield, please help
          Peter M

          No you aren't doomed.  That symbol is the one used by Videolan's VLC Player (which by the way is now version 2 according to the website:  http://www.videolan.org/vlc/ ).

           

          What operating system and service pack are you using?

           

          The first thing to try would be System Restore and I'm assuming your desktop is useless right now so reboot into 'Safe Mode' by tapping F8 repeatedly while booting up.

           

          System Restore can be accessed in several ways, but the easiest one is to go to Start/Run and type in rstrui.exe and OK any prompts.

           

          Or go to Start/All Programs/Accessories/System Tools or in recent systems right-click Computer and select Properties and select System Protection on the left.

           

          Then see if you can go back to before all this happened.   If successful open that System Protection and turn off System restore temporarily to delete the infected restore point.

           

          If not, post back.

          • 2. Re: Security Shield, please help

            Well, as I have said I have already done a system restore, and I do recognize the videolan vlc player. It is the small circular exclamation point bubble that I did not have previous to this incident I don't recognize.. I'm no longer having visible issues beyond this, but considering the insideous nature of the virus, I want to be certain, especially when videolan is not the only file on my desktop with that new symbol by it. It has also effected video files, and txt files on desktop. But if these files are moved, the eclamation bubble no longer appears. Do you know of a reason why this would happen and if it might apply to the rogue still being in my system after the steps I have taken?

            I am currently using Windows Vista Home Premium service pack 2.

             

            Message was edited by: chickens999 on 3/7/12 5:39:43 PM CST
            • 3. Re: Security Shield, please help
              Peter M

              Sorry I missed that bit.  If you did several restores then it's unlikely the infection is still there.   After a restore you need to update a lot of things, Windows, McAfee and whatever else is needed.

               

              If you aren't satisfied it's gone then run Hijackthis and post the result on one of the speciiaist forums:

               

              See the lower part of the page of the last link in my signature.

              1 of 1 people found this helpful
              • 4. Re: Security Shield, please help

                You could also try the removal guide.By bleeping computer.If you follow all the steps It should work.But If you do go this route I would still post in 1 of the forums peter has on bottom of his signiture.just In case.Sometimes these Rogues Install other undesirables on your machine.Here is the link to Guide below.If Rkill does`nt run try a differany1

                http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield

                1 of 1 people found this helpful
                • 5. Re: Security Shield, please help

                  Thanks for the adivce, I was considering running a Hijackthis but I wanted to check to see if anyone might see the icons and recognize them/the possible issue before putting all that info in their laps. From what I've read up on this virus has a tendency to leave remnants in the registry and other places, and since those exclamation bubbles popped up at the same time the virus entered my computer I want to get to the bottom of it in case it's lurking to redownload itself, whether or not I've cut off the head of the dragon by taking those first steps. I've scanned the registry for any unusual entries but so far no dice. This is beyond me though so I am definitely going to do a hijackthis log.

                   

                  Thanks Peter.

                  • 6. Re: Security Shield, please help

                    @newjack,

                     

                    The removal guides were the first things i looked to when I freaked out and did a ton of research, and yeah for sure.. That was my worry considering what I've read about this little monster everywhere I've gone. I'm doing a log and will be sure to post it for review. You've all been incredibly helpful.

                    • 7. Re: Security Shield, please help
                      Peter M

                      chickens999 wrote:

                       

                      Thanks for the adivce, I was considering running a Hijackthis but I wanted to check to see if anyone might see the icons and recognize them/the possible issue before putting all that info in their laps. From what I've read up on this virus has a tendency to leave remnants in the registry and other places, and since those exclamation bubbles popped up at the same time the virus entered my computer I want to get to the bottom of it in case it's lurking to redownload itself, whether or not I've cut off the head of the dragon by taking those first steps. I've scanned the registry for any unusual entries but so far no dice. This is beyond me though so I am definitely going to do a hijackthis log.

                       

                      Thanks Peter.

                      It's possible I suppose but equally likely that it simply corrupted some things.  I don't use VLC Player so can't help there I'm afraid.   Their Support might though:  http://www.videolan.org/support/

                      • 8. Re: Security Shield, please help

                        To remove this virus, you should run a full system scan with a reputable anti-spyware. However, when trying to remove, people find difficulties to launch its executable file because of the virus that disables its victims from that. However, you can try entering its url address straight to your address bar. Don't wait until virus downloads more malware on your computer or disables you from the internet!

                        • 9. Re: Security Shield, please help
                          Peter M

                          We've already linked the removal guide.   Any problems, people can ask on that forum.