My Security Shield


Call Toll Free in the US and Canada!


Remove My Security Shield. Description and removal instructions

 
Title: My Security Shield Also known as: MySecurityShield
Type: Spyware
Severity scale:  (72 / 100)
 

My Security Shield is a rogue anti-spyware program from the same family as Security Master AV and My Security Engine. Just like its predecessors, My Security Shield is promoted through the use of fake online scanners and other bogus websites or malware that displays fake security alerts on your computer. The scareware states that your PC is infected with spyware, adware and other viruses and that you should download and install My Security Shield in order to remove the infections. In reality, though, this is nothing more but a scam. And if you decide to install My Security Shield then it will make your computer almost unusable.

Once installed, the rogue program will install a variety of files on your computer that act as fake malware so that the program will find them while scanning. These files are: cid.drv, CLSV.tmp, DBOLE.exe, delfile.sys, fan.dll, grid.sys, kernel32.exe, kernel32.sys, PE.dll, PE.tmp, runddlkey.drv, SICKBOY.drv, std.dll, tempdoc.tmp, tjd.sys and other. All these files are located in %UserProfile%Recent folder.

While My Security Shield is running, it will automatically start scanning your computer and then will state that there are many infected files that should be removed, but this can be done only with a full version of the program. You may also find that your computer starts to become slower. Furthermore, My Security Shield will constantly display fake security alerts stating that your computer is infected and that you should purchase the program immediately to protect your computer. The text of some of these alerts are:


Warning! Virus detected
Threat Detected: Trojan-PSW.VBS.Half
Description: This is a VBScript-virus. It steals user’s passwords.

Memory access problem
WindowsErrorForm has encountered a problem at address 0x1FC408.
We are sorry for the inconvenience.
If you see this error again, operational information can be irrevocably lost.

As you can see, My Security Shield uses misleading methods to scare you into purhcasing the program. The removal guide below will walk you through removing the My Security Shield and any associated malware that may have been installed with it. You can remove this virus manually, but we strongly recommend you to use an automatic removal tool. Finally, if you have already purchased the bogus program then contact your credit card company and dispute the charges.


FORUM:
Discuss My Security Shield in
spyware removal forum

Related files: 4475.mof, mozcrt19.dll, MS345d_2129.exe, MSS.ico, sqlite3.dll, vd952342.bd, MSJYQMS.cfg, My Security Shield.lnk, cookies.sqlite, Instructions.ini, cid.drv, CLSV.tmp, DBOLE.exe, delfile.sys, fan.dll, grid.sys, KERNEL32.exe, kernel32.sys, PE.dll, PE.tmp, runddlkey.drv, SICKBOY.drv, std.dll, tempdoc.tmp, tjd.sys

My Security Shield properties:
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background

My Security Shield snapshot:

Automatic My Security Shield removal:

remover for My Security Shield

My Security Shield manual removal:

Kill processes:
MS345d_2129.exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\MS345d_2129.DocHostUIHandler
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=2129&q={searchTerms}”
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=2129&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PRS” = “http://127.0.0.1:27777/?inj=%ORIGINAL%”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0SER AGENT\POST PLATFORM “CONTROL/7.02129”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “My Security Shield”
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=2129&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”

HELP:
how to unregister malicious DLLs

Delete files:
4475.mof mozcrt19.dll MS345d_2129.exe MSS.ico sqlite3.dll vd952342.bd MSJYQMS.cfg My Security Shield.lnk cookies.sqlite Instructions.ini cid.drv CLSV.tmp DBOLE.exe delfile.sys fan.dll grid.sys kernel32.exe kernel32.sys PE.dll PE.tmp runddlkey.drv SICKBOY.drv std.dll tempdoc.tmp tjd.sys

HELP:
how to remove harmful files

Delete directories:
c:\Documents and Settings\All Users\Application Data\345d567\
c:\Documents and Settings\All Users\Application Data\MSHBXRCOBWS\
%UserProfile%\Application Data\My Security Shield\