Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Thursday, December 9, 2010

How to Remove Security Shield (Removal Guide)

Tell your friends:
Security Shield is a rogue anti-spyware program that gives exaggerated reports of infections on your computer. It performs a fake system scan and states that your computer is infected with trojans, adware, worms and other malicious software. After the fake scan it will prompt you to activate the program in order to remove supposedly found malware. If you choose to purchase this bogus program you will be redirected to a predefined web page and perform a payment transaction. Do not buy it; otherwise you will give your credit card details to cyber criminals. If you have this rogue program on your computer, please follow the step in the removal guide below to remove Security Shield for free using legitimate anti-malware software.

New graphical user interface (Security Shield 2011)


Old graphical user interface



While Security Shield is running, it will display fake security warnings and notifications saying that malware is trying to steal your passwords and send them to a remote server. Some of the fake security alerts will display the following information:


Security Shield Warning
Spyware.IEMonster activity detected. This form of spyware attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other commonly used programs. Click here to immediately remove it with Security Shield.

Security Shield Warning
Intercepting malicious software that may violate your privacy and harm your computer has been detected. Click here to remove now with Security Shield.


Furthermore, Security Shield 2012 will block certain programs on your computer, e.g. task manager, command prompt, registry editor and security software saying that you have chosen to open a program which is infected and may cause serious problems. The fake warning that you will see when you attempt run a program is:
Security Shield
"taskmgr.exe" is infected with "Worm.Win32.Autorun.bnb". Do you want to register your copy and remove all threats now?


Security Shield may also hijack your web broswers and redirect you to various malicious websites full of adware and other malicious software. It also displays fake virus attack warning in Internet Explorer:



 SecurityShield is from the same family as Security Tool rogue. As you can see, Security Shield is is nothing more but a scam. If you have already purchased this bogus program, please contact your credit card provider and dispute the charges. Then please follow the removal instructions below to remove Security Shield from your computer. If you have any questions or additional information about this malware, please leave a comment. Good luck and be safe online!


Quick removal:

1. You can use this debugged serial key 64C665BE-4DE7-423B-A6B6-BC0172B25DF2 to register Security Shield in order to stop the fake security alerts that are really annoying. Just click the Register button and then select "Activate manually". Don't worry, this is completely legal.



Once this is done, you are free to install anti-malware software and remove the rogue anti-virus program from your computer properly.

2. Download recommended anti-malware software and run a full system scan to remove Security Shield from your computer.


Alternate Security Shield removal instructions:

1. Delete Security Shield files manually. Go into:
  • C:\Documents and Settings\[User Name]\Local Settings\Application Data\ (Windows XP)
  • C:\Users\[User Name]\AppData\Local\ (Windows Vista/7)
Note: by default, Application Data folder is hidden. If you can't see such folder/files, please read Show Hidden Files and Folders in Windows

2. Find hidden executable file in this folder. In our case it was called ufoesziizo.exe, but I'm sure that the file name will be different in your case. Rename ufoesziizo.exe to virus.exe and click Yes to confirm file rename. Then restart your computer.



3. Download recommended anti-malware software and run a full system scan to remove this virus from your computer.

NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.


Security Shield removal instructions:

Download recommended anti-malware software and run a full system scan to remove this virus from your computer.

NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

If you can't download it, please reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Open Internet Explorer and download Spyware Doctor. Once finished, run the setup. That's It!


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.



Security Shield associated files and registry values:

Files:

Windows XP:
  • C:\Documents and Settings\[User Name]\Local Settings\Application Data\[SET OF RANDOM CHARACTERS].exe
Windows Vista/7:
  • C:\Users\[User Name]\AppData\Local\[SET OF RANDOM CHARACTERS].exe
Registry values:
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[SET OF RANDOM CHARACTERS]"
Share this information with other people:

31 comments:

Héctor said...

Perfect!!

Thanks a lot.

Anonymous said...

It worked. I had a hard time deleting it or downloading correcting program because it had taken over completely. I found the answer, but hate to let it out publicly because if they monitor your site they will take counter action to prevent it. Please post where we can contact you in private to let you know the secret.

Anonymous said...

Thank you i think i removed it

Anonymous said...

Thanks very much. I removed this malware!!!!

Anonymous said...

Muhcas gracias el metodo manual es bueno sencillo y rapido agradesco el TIP

Anonymous said...

I'm on it now, seems to be working so far. Thank you so much!

Anonymous said...

Thank you man. I used your method and managed to remove this malware from hell. I am Brazilian and I could not find any efficient method to remove that crap, I had to resort to foreign sites to pull it off. Thanks again

Anonymous said...

OH MY DEAR LORD!

Truelly amazing, never expected to work, I'm so gracefull to you guys!!!

Keep this website running no matter what!

Very many thanks and kind regards,
Ravi

Anonymous said...

Thank you for the advice, it really worked >>>

Keep up the good work......

SJOSE said...

Muchisimas gracias, consegui eliminarlo del todo. GRACIAAAAAAAAAASSSS.

Anonymous said...

Works as described, Thanks Ron.

Anonymous said...

thanks very2 much!!
the last method is the simplest but working!

Anonymous said...

thank you very much. Could not remove this malware from hell, it blocked my internet access and other programs. Had to use my other computer to follow instructions on this site. It works!!
thanks, kind regards

Anonymous said...

it's worked!!!


thanks very-very alot

Anonymous said...

OMG!!!!....thanks soooo much!

Leah said...

Perfect Perect Help. THANK YOU.

Diego said...

This program took over my PC. Thank you so muchIt worked! You are dynamite.

There needs to be a movement to punish these peeps who producer this malicious software.

Anonymous said...

I dont know how to say thanks but for those who are reading this blog i would say this is a total solution for the security sheild virus..my life was screwed up due to this virus.. And the tutorials in this blog solved my problem... Heads up for such a great work..

Anonymous said...

i cant find the security shield icon or program in my computer to remove it, and it keep coming up. i really need help this, my laptop is my life. please how can i contact the one who posted this? :c pleaseeeeeeeee

Anonymous said...

thank you so much!

Alexx said...

The version I got cleverly denied my access to c:\DOcuments and Settings, and shuts down cmd as well.

Anonymous said...

Great. This really worked.. Thanks,

Anonymous said...

DUDE! thank you! Anatomy lecture would have sucked if this thing kept popping up. was about the hurl my laptop into the wall. Im running Microsoft security essentials atm to see if that works. if not ill dl malware bytes or however its spelled. btw you sound like Agent Smith from the Matrix haha. good job though hah!

Anonymous said...

attempting a manual removal method, seeing if that works since my parents have yet to give me the full admin rights....

Adão Aguiar said...

Obrigado por sua ajuda!!
Tenho certeza de que este trabalho ajudará muitas pessoas.
Parabéns.

Anonymous said...

im not sure if its clean theres still a file in tempo doesnt delete.. thnx .. i hope its clean

Anonymous said...

I think this has done it. There came a "Your system is now clean, would you like to reboot now?" message that made me jump a bit but otherwise I think your code worked. THANK YOU!

Anonymous said...

Tks a lot. I just removed the .exe file from Local folder and it worked !

Anonymous said...

Thank you soooo soooo sooooo much! I don't know how the hell I got this! You're a lifesaver!

Yuki said...

It work ! Big Thanks !

flabutza said...

cool!thx a lot :***