What is Security Shield 2012?
Security Shield is a computer infection from the same family as MS Removal Tool. This program is a long running infection that was first seen in 2010 when it was simply called Security Shield. In 2011 it changed its name to Security Shield 2011 and it is now called Security Shield 2012. Security Shield 2012 is categorized as a Rouge Antispyware program as it pretends to be an anti-virus program, but is actually a program that displays fake security alerts and scan results in order to make you think your computer is infected.Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue. Security Shield is installed through the use of malware that will install the program onto your computer without your knowledge or permission. When installed, the infection files will be created in a random named folder in c:\Documents and Settings\<UserProfile>\Local Settings\Application Data\, in XP, or C:\Users\<UserProfile>\AppData\Local\, in Windows Vista and Windows 7. It will then be configured to start automatically when you login to your computer. You are strongly advised to follow our removal instructions below.
This Is how Security Shield Virus Look like:
You will find these icons in your taskbar:
You will get these warnings:
How Can I Remove Security Shield 2012 or Security Shield
Registration codes for Security Shield
As an optional step,you can use the following license key to register Security Shield and stop the fake alerts.
Security Shield License Key: 64C665BE-4DE7-423B-A6B6-BC0172B25DF2
Please keep in mind that entering the above registration code will NOT remove Security Shield from your computer , instead it will just stop the fake alerts so that you’ll be able to complete our removal guide more easily.
Security Shield Removal Steps
Step 1: Turn Off the Infected Computer
Step 2: Find your F8 button on the keyboard. F8 is conventionally situated on the top row of the keyboard. Prepare yourself to tap F8 Key immediately on the following step.
Eg:
Step 3: Turn ON the infected computer and press F8 until the WINDOWS ADVANCED OPTIONS MENU pops up.
Step 4: Click down the WINDOWS ADVANCED OPTIONS MENU using the down key on the keyboard and highlight SAFE MODE WITH NETWORKING. Hit ENTER.
eg:
Step 5: After getting safemode with networking,Click and hold down the WINDOWS KEY on the keyboard. This key is commonly located to the left side of the space bar next to the control key and then press the R key. The RUN BOX will appear.
Step 6: Enter iexplore.exe in the RUN BOX. Click OK.
Step 7: Internet Explorer will now start. On the top navigation click TOOLS. Under the sub-menu of TOOLS click INTERNET OPTIONS.
Step 8: Choose the CONNECTIONS selection within the INTERNET OPTIONS box.
Step 9: Locate the LAN SETTINGS option and click it.
Step10: Locate the PROXY SERVER section. If there is a check-mark in the box labeled “Use a proxy server for your LAN”, then uncheck the box. If the box is not check then Security Shield 2011 did not change the proxy settings and you can move on to the next step. Click Ok buttons to close.
Step 11:
IF Malwarebytes Anti-Malware will not start, double-click on the other renamed files until you find one will work, which will be indicated by a black DOS/command prompt window.
3. Follow the onscreen instructions to press a key to continue and Chameleon will proceed to download and install Malwarebytes Anti-Malware for you.
4. Once it has done this, it will update Malwarebytes Anti-Malware, and you’ll need to click OK when it says that the database was updated successfully.
5.Malwarebytes Anti-Malware will now attempt to kill all the malicious processassociated with Security Shield.Please keep in mind that this process can take up to 10 minutes
6.Next, Malwarebytes Anti-Malware will automatically open and perform a Quick scan for Security Shield malicious files.
7. After completing scan, click on Show Result
8. You will get a screen showing the malware infections that Malwarebytes Anti-Malware has detected.
Make sure that everything is Checked (ticked),then click on the Remove Selected button.
Security Shield is a computer infection from the same family as MS Removal Tool. This program is a long running infection that was first seen in 2010 when it was simply called Security Shield. In 2011 it changed its name to Security Shield 2011 and it is now called Security Shield 2012. Security Shield 2012 is categorized as a Rouge Antispyware program as it pretends to be an anti-virus program, but is actually a program that displays fake security alerts and scan results in order to make you think your computer is infected.Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue. Security Shield is installed through the use of malware that will install the program onto your computer without your knowledge or permission. When installed, the infection files will be created in a random named folder in c:\Documents and Settings\<UserProfile>\Local Settings\Application Data\, in XP, or C:\Users\<UserProfile>\AppData\Local\, in Windows Vista and Windows 7. It will then be configured to start automatically when you login to your computer. You are strongly advised to follow our removal instructions below.
This Is how Security Shield Virus Look like:
You will get these warnings:
How Can I Remove Security Shield 2012 or Security Shield
Registration codes for Security Shield
As an optional step,you can use the following license key to register Security Shield and stop the fake alerts.
Security Shield License Key: 64C665BE-4DE7-423B-A6B6-BC0172B25DF2
Please keep in mind that entering the above registration code will NOT remove Security Shield from your computer , instead it will just stop the fake alerts so that you’ll be able to complete our removal guide more easily.
Security Shield Removal Steps
Step 1: Turn Off the Infected Computer
Step 2: Find your F8 button on the keyboard. F8 is conventionally situated on the top row of the keyboard. Prepare yourself to tap F8 Key immediately on the following step.
Eg:
Step 3: Turn ON the infected computer and press F8 until the WINDOWS ADVANCED OPTIONS MENU pops up.
Step 4: Click down the WINDOWS ADVANCED OPTIONS MENU using the down key on the keyboard and highlight SAFE MODE WITH NETWORKING. Hit ENTER.
eg:
Step 5: After getting safemode with networking,Click and hold down the WINDOWS KEY on the keyboard. This key is commonly located to the left side of the space bar next to the control key and then press the R key. The RUN BOX will appear.
Step 6: Enter iexplore.exe in the RUN BOX. Click OK.
Step 7: Internet Explorer will now start. On the top navigation click TOOLS. Under the sub-menu of TOOLS click INTERNET OPTIONS.
Step 8: Choose the CONNECTIONS selection within the INTERNET OPTIONS box.
Step 9: Locate the LAN SETTINGS option and click it.
Step10: Locate the PROXY SERVER section. If there is a check-mark in the box labeled “Use a proxy server for your LAN”, then uncheck the box. If the box is not check then Security Shield 2011 did not change the proxy settings and you can move on to the next step. Click Ok buttons to close.
Step 11:
Remove Security Shield malicious files with Malwarebytes Anti-Malware
Malwarebytes Chameleon technologies will allow us to install and run a Malwarebytes Anti-Malware scan without being blocked by Security Shield.
1. Download Malwarebytes Chameleon from the below link, and extract it to a folder in a convenient location.
2. Make certain that your infected computer is connected to the internet and then open the Malwarebytes Chameleon folder, and double-click on the svchost.exe file.
IF Malwarebytes Anti-Malware will not start, double-click on the other renamed files until you find one will work, which will be indicated by a black DOS/command prompt window.
3. Follow the onscreen instructions to press a key to continue and Chameleon will proceed to download and install Malwarebytes Anti-Malware for you.
4. Once it has done this, it will update Malwarebytes Anti-Malware, and you’ll need to click OK when it says that the database was updated successfully.
5.Malwarebytes Anti-Malware will now attempt to kill all the malicious processassociated with Security Shield.Please keep in mind that this process can take up to 10 minutes
6.Next, Malwarebytes Anti-Malware will automatically open and perform a Quick scan for Security Shield malicious files.
7. After completing scan, click on Show Result
8. You will get a screen showing the malware infections that Malwarebytes Anti-Malware has detected.
Make sure that everything is Checked (ticked),then click on the Remove Selected button.
After your computer restarts, open Malwarebytes Anti-Malware and perform a Full System scan to verify that there are no remaining threats.
Step 12: Remove Security Shield rootkit with HitmanPro
In some cases,Security Shield will also install a rootkit on victims computer.To remove this rootkit we will use HitmanPro.
1.Download HitmanPro from the below link,then double-click on it to start this program.
HitmanPro will start and you’ll need to follow the prompts (by clicking on the Next button) to start a system scan with this program
2.HitmanPro will start scanning your computer for Security Shield malicious files as seen below.
3. Once the scan is complete,you’ll see a screen which will display all the infected files that this utility has detected, and you’ll need to click on Next to remove this malicious files.
4. Click Activate free license to start the free 30 days trial and remove all the malicious files from your computer.
Double check for any left over infections with Emsisoft Emergency Kit
1. You can download Emsisoft Emergency Kit from the below link,then extract it to a folder in a convenient location.
2. Open the Emsisoft Emergency Kit folder and double click EmergencyKitScanner.bat, then allow this program to update itself.
3. After the Emsisoft Emergency Kit has update has completed,click on the Menu tab,then selectScan PC.
4.Select Smart scan and click on the SCAN button to search for Security Shield malicious files.
5. When the scan will be completed,you will be presented with a screen reporting which malicious files has Emsisoft detected on your computer, and you’ll need to click onQuarantine selected objects to remove them.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.