Posts Comments

You are here: Home / Virus Removal / My Security Shield

Virus RemovalIf You Need Expert Help we recommend you hire a Ninja! Ninja's are well trained in the art of virus removal and can remove all threats from your computer right now. See this Computer Repair site or check out www.pcninja.com for live help.

My Security Shield

August 16, 2010 By 7 Comments

Description: My Security Shield is a notorious rogue anti-malware program related to such heavyweights in the malware field as Security Master AV, Virus Doctor and My Security Engine.

It attempts to trick users into purchasing a software license that is completely fake. My Security Shield gets installed on a user’s system via Trojan viruses that get downloaded through bogus websites which claim to have security scanners and along with fake video codec packs. Once installed, My Security Shield disables all security software present on the system along with essential system tools such as Windows Task Manager and Registry Editor, and proceeds to load at startup. It then performs fake security scans on the system, returning false results that claim that the computer is severely infected with malicious software.

It also displays a large number of fake pop-ups from the Windows taskbar, which warn the user of potential ‘threats’ to the computer. Meanwhile, My Security Shield constantly request the user to purchase the ‘full’ version of the software, claiming that the currently installed ‘trial’ version of My Security Shield is insufficient to completely clean the system. However, it is important to note that My Security Shield is a fake application and therefore its so-called ‘full’ version is just as incapable of scanning or cleaning any system as the ‘trial’ version.

My Security Shield

My Security Shield

» Download My Security Shield Removal Software

As soon as you find a copy of this malicious program on your system, you should take steps to immediately remove My Security Shield. For My Security Shield removal, it is necessary to stop processes, unregister DLLs, delete files and folders and remove registry entries.

Automatic My Security Shield Removal

Online My Security Shield Removal Service

computer repair

Remove Proxy Setting so You Can Connect to the Internet Again.

Proxy Settings

My Security Shields Removal Video

This text will be replaced


My Security Shield Manual Removal Procedures

The first step you need to take in order to remove My Security Shield is to stop the following processes from execution:

  • MS345d_2129.exe
  • DBOLE.exe
  • kernel32.exe

Next, it is necessary to unregister the following DLL files to ensure My Security Shield removal:

  • mozcrt19.dll
  • sqlite3.dll
  • fan.dll
  • PE.dll
  • std.dll

The next step you need to take in order to delete My Security Shield is to delete the following files and folders:

Windows XP:

  • c:Documents and SettingsAll UsersApplication Data345d567
  • c:Documents and SettingsAll UsersApplication Data345d5674475.mof
  • c:Documents and SettingsAll UsersApplication Data345d567mozcrt19.dll
  • c:Documents and SettingsAll UsersApplication Data345d567MS345d_2129.exe
  • c:Documents and SettingsAll UsersApplication Data345d567MSS.ico
  • c:Documents and SettingsAll UsersApplication Data345d567sqlite3.dll
  • c:Documents and SettingsAll UsersApplication Data345d567BackUp
  • c:Documents and SettingsAll UsersApplication Data345d567MSSSys
  • c:Documents and SettingsAll UsersApplication Data345d567MSSSysvd952342.bd
  • c:Documents and SettingsAll UsersApplication Data345d567Quarantine Item
  • c:Documents and SettingsAll UsersApplication DataMSHBXRCOBWS
  • c:Documents and SettingsAll UsersApplication DataMSHBXRCOBWSMSJYQMS.cfg

Windows Vista/Windows 7:

  • %UserProfile%Application DataMicrosoftInternet ExplorerQuick LaunchMy Security Shield.lnk
  • %UserProfile%AppDataMy Security Shield
  • %UserProfile%AppDataMy Security Shieldcookies.sqlite
  • %UserProfile%AppDataMy Security ShieldInstructions.ini
  • %UserProfile%DesktopMy Security Shield.lnk
  • %UserProfile%Recentcid.drv
  • %UserProfile%RecentCLSV.tmp
  • %UserProfile%RecentDBOLE.exe
  • %UserProfile%Recentdelfile.sys
  • %UserProfile%Recentfan.dll
  • %UserProfile%Recentgrid.sys
  • %UserProfile%Recentkernel32.exe
  • %UserProfile%Recentkernel32.sys
  • %UserProfile%RecentPE.dll
  • %UserProfile%RecentPE.tmp
  • %UserProfile%Recentrunddlkey.drv
  • %UserProfile%RecentSICKBOY.drv
  • %UserProfile%Recentstd.dll
  • %UserProfile%Recenttempdoc.tmp
  • %UserProfile%Recenttjd.sys
  • %UserProfile%Start MenuMy Security Shield.lnk
  • %UserProfile%Start MenuProgramsMy Security Shield.lnk

After these steps have been completed My Security Shield no longer resides on your hard disk. While following the mentioned procedures may proof indeed efficient it is still recommended to conduct a full system scan using genuine antivirus software such as Spyware Doctor with Antivirus. In this way, unknown or yet undetected threats that may still reside on your PC can be discovered and neutralized professionally without taking any risk of damaging personal data or sensitive operating system files.

If you find this threat too hard to remove yourself and need an expert we recommend www.pcninja.com . They charge far less than others and are great at what they do.

My Security Shield Registry Removal Procedures

Removing files and folders is not enough to ensure complete My Security Shield removal. To completely remove My Security Shield, you need to delete the following keys and settings from the Windows Registry:

  • HKEY_CURRENT_USERSoftware3
  • HKEY_CLASSES_ROOTCLSID{3F2BBC05-40DF-11D2-9455-00104BC936FF}
  • HKEY_CLASSES_ROOTMS345d_2129.DocHostUIHandler
  • HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://findgala.com/?&uid=2129&q={searchTerms}"
  • HKEY_CURRENT_USERSoftwareClassesSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://findgala.com/?&uid=2129&q={searchTerms}"
  • HKEY_CURRENT_USERSoftwareMicrosoftInternet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
  • HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "RunInvalidSignatures" = "1"
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform "control/7.02129"
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "My Security Shield"
  • HKEY_CLASSES_ROOTSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://findgala.com/?&uid=2129&q={searchTerms}"
  • HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "CheckExeSignatures" = "no"

You should now run a full security scan to ensure no other threats are installed on your computer if you have not already done so.

My Security Shield Directories:

Vista / Windows 7

  • %UserProfile%AppDataMy Security Shield

XP

  • c:Documents and SettingsAll UsersApplication Data

Conclusion

It is not recommended for inexperienced users to attempt to remove My Security Shield, as any mistake on your part could cause damage to the operating system. Therefore inexperienced users are advised to use an online repair service such as www.pcninja.com or legitimate antivirus software such as Spyware Doctor with Antivirus to completely and safely delete My Security Shield.

Related Article Keywords: My Security Shield, Remove My Security Shield, My Security Shield Removal, How to Remove My Security Shield

VN:F [1.9.10_1130]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.10_1130]
Rating: 0 (from 0 votes)
Filed Under: Virus Removal Tagged With: , , , ,
  • technical admin

    The guides are as user friendly as we can make them with out them being 10 pages long.

    We have step by step instructions in the How to Guides section of our website. There you will find more detailed guides that will walk you though exactly how to stop a running process, how to edit the registry and the like. Give that section a try if you do not know or understand what the guide is telling you to do.

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
  • Anonymous

    I was trying to remove this particular spyware… and could not get the spyware doctor to run. I tried installing it two separate ways, as was recommended… I installed it from a file downloaded from my laptop onto a pen drive, and then attached to the infected pc… but it would not run. I also could not get the Task manager to run on the infected pc. I also looked for the infected files and Registry errors as well and had no luck. But i get the annoying pop ups, and i have seen the very same page as what you show here in your first picture. I am on an XP machine… please if you could assist me I would be grateful.

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
  • Anonymous

    I am having trouble my security shield removal can you please take me step by step using user friendly context. For example where would I start to execute the stopping of the following exercises without the virus interfering: MS345d_2129.exe,
    DBOLE.exe. and kernel32.exe. If you can this would be very helpful.

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
  • technical admin

    Boot into safe mode with networking and download and install both Spyware Doctor with Antivirus and Malwarebytes. We have links to both on this site.

    Run them both in safe mode and then manually remove whatever the SDA client finds and just hit the remove button for what the MBMA client finds.

    You can also follow the manual guide in safe mode as well. The paths should be very close to what is on your computer

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
  • no-virus

    thank you for this info

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
  • wildwestgoh

    I used the “My Security Shield removal tool”, it does good job removing those processes and source, but I can’t run task manager nor the antivirus that I installed, both in normal and safe mode, is there anyway to restore that?

    If possible reply to my email, thanks a bunch.

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
  • technical admin

    I am unfamiliar with a security product called “My Security Shield removal tool”. Who is the maker?

    That program is obviously lacking if it did not restore your access to the Task Manager. My guess is it also did not restore access to System Restore and possibly regedit.

    we need more information about your security product that you can not run. What is the name of the product. Is it a paid or free client and your operating system. If you can provide us that information we should be able to provide some guidance.

    Also have you already followed the manual guide to ensure this virus has been removed? Are you able to install the SDA client and run a scan with that to see if you did indeed remove all the threats?

    VA:F [1.9.10_1130]
    Rating: 0.0/5 (0 votes cast)
    VA:F [1.9.10_1130]
    Rating: 0 (from 0 votes)
RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.