Ask a new question

How to remove Security Shield Virus

Hello, I run MS Safety Scanner to remove this virus via safe mode with networking, but though the scan claims to have removed 3 infected files, this did not remove the virus. I trid almost all the solutions suggested on MS and breepingcomputer sites, but did not work. I have Vista - can someone suggest any other solution?

 

I run the MS Safety Scanner for the first time and after it has finished, went back to open the Windows normally. The virus was still there, much alive and kicking.

 

Apart from running the Safety Scanner, I run RKill i explore (downloaded from breepingcomputer) before cleaning for the second time, but the computer switches itself off after a while (the display is set "Never" to switch off.) When the Safety Scanner was run for the second time, up to the point when it was switched off, it said to have found 1 infected file.

 

What else can I do?

 

With my many thanks!

 

 

 

Answer
Answer

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=SecurityShield

 

See the following: http://www.bleepingcomputer.com/virus-removal/remove-security-shield

 

This is a new variant and the malware authors seem to be altering the characteristics and signatures on a daily basis to help the program avoid detection.

 

Have you sought assistance from your antimalware provider (Avast, Avira, AVG, McAfee, Norton, Trend, etc.)?

 

Are you running Microsoft Security Essentials?

If so

Start here - https://support.microsoftsecurityessentials.com/  and select the link that says - I think my computer is infected. Options will vary by region, but phone support leads you to Microsoft Answer Desk (http://www.answerdesk.com/) in the US at this time. After an initial free consultation, a fee may be charged for assistance, based on the details of the case.

 

If not:

 

You can start here:  https://consumersecuritysupport.microsoft.com/  (which will also lead to the paid support options if you are in the US)

 

In other regions not served by the link above, go here:   http://Support.microsoft.com/security and go to the “assisted support” or contact us menu.   For international information, see your local subsidiary Support site.

 

Alternatively, try these on demand scanners which will not interfere with your resident AV program:

 

 

Go to www.malwarebytes.org and download, install, update and run the free version – just follow the prompts.  The prompt  asks if you want to Start trial or Decline.  To get the free version (without real-time scanning or web site blocking features) you need to choose Decline.  You may need to rename the installation file to 123.exe or something similar to prevent the malware from disabling/blocking the installation.  Or you might want to download the installation file to a flash drive or CD and then install Malwarebytes on the infected computer.

 

And/or

Try Superantispyware Portable at: http://www.superantispyware.com/portablescanner.html

SAS Portable is "designed" to be downloaded onto a flash drive (or CD) and you could then insert the drive into your computer and run it from there.  If you do that you may need to scan the flash drive for malware after using it on the infected computer.  SAS is a very good scanner but will also identify and remove cookies which are not considered to be malware.

And/or

Try Hitman Pro Trial Version: http://www.surfright.nl/en/hitmanpro   This can be run from a flash drive.

And/or

Try TDSS Killer: http://support.kaspersky.com/faq/?qid=208283363   This can be run from a flash drive.

And/or

Try the Eset Online Scanner: http://go.eset.com/us/online-scanner

And/or

Try this MS scanner: http://www.microsoft.com/security/scanner/en-us/default.aspx

 

Free malware-removal forum options include:

http://www.bleepingcomputer.com 

http://discussions.virtualdr.com/forumdisplay.php?f=71

 http://www.dslreports.com/forum/cleanup

 http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/64

 http://www.geekstogo.com/forum/forum/118-security/

 

 

Good luck...

 

http://voices.washingtonpost.com/securityfix/2009/09/what_to_do_when_rogue_anti-vir.html#more

 

http://ask-leo.com/i_run_antivirus_software_why_do_i_still_sometimes_get_infected.html  

 

MVP Consumer Security 2014-2016
Windows Insider MVP 2016-2018

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Answer
Answer

Dear Le Boule and everyone,

 

Thank you very much for your advice.

 

I am afraid MS safety scanner and Windows Defenders did not remove Security Shield. Nor any advice offered by Microsoft were effective.

 

I have now successfully moved Security Shield by running RKill to stop the process interferring with the cleaning process, run Malwarebites, then, resetting the proxy by running host perm.

 

I have also lost my faith in Windows Defender and installed AGV.

 

The other tip is to ensure all the programmes such as Adobe are up to date as spyware tend to tag onto the old programmes.

 

Thank you again for your advice.

 

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated April 22, 2025 Views 2,809 Applies to: