Home Malware Programs Rogue Anti-Virus Programs My Security Shield

My Security Shield

Posted: August 5, 2010

Threat Metric

Threat Level: 10/10
Infected PCs: 54
First Seen: August 6, 2010
Last Seen: February 16, 2023
OS(es) Affected: Windows

ScreenshotMy Security Shield tries to look like a real anti-malware program, but My Security Shield's functions are strictly devoted to creating junk files and making hoax displays of fake infection results. This rogue anti-malware program shares many traits in common with other malware, since My Security Shield is based off of preexisting rogue anti-malware threats – My Security Shield will corrupt the Windows registry, force imitation scans that always return poor results and pester you into 'registering' My Security Shield. My Security Shield has no purpose being on anyone's PC, let alone purchased, since My Security Shield's functions are only irritants at best and security risks at worst!

My Security Shield's Malware that Makes Its Own Infections

My Security Shield is closely related to such previous rogue anti-malware threats as Virus Doctor, Security Master AV and My Security engine; all these applications share behavior and coding even if their names and appearances differ. Most rogue anti-malware applications add entries to the registry to run during system startup, and My Security Shield follows in this path worn by My Security Shield's predecessors. Any computer that has a My Security Shield infection will probably be forced into letting the rogue anti-malware product go through a show of a system scan after each reboot.

My Security Shield also uses error messages like the following to supplement My Security Shield's scans:

Warning! Virus detected
Threat Detected: Trojan -PSW.VBS.Half
Description: This is a VBScript-virus. It steals user's passwords
.

Warning! Access conflict detected!
An unidentified program is trying to access system process address space.
Process Name: AllowedForm
Location: C:\Windows\…\notepad.exe

Warning! Identity theft attempt detected
Memory access problem
WindowsErrorForm has encountered a problem at address 0x1FC408.
We are sorry for the inconvenience.
If you see this error again, operational information can be irrevocably lost.

There are no unidentified programs, viruses or other threats on your system, however... at least, none that My Security Shield can detect! In fact, My Security Shield will actually create useless files in your %UserProfile%\Recent\ folder just so it has something to declare to be an infection. After all that, it should be obvious that deleting My Security Shield, not purchasing it, is what you need to do if it's invaded your hard drive.

Punishing My Security Shield for Its Intrusion

Any machine running Windows 2000, 9x, Vista or Windows 7 is at risk of infection by My Security Shield. Removing My Security Shield should be done only after My Security Shield and any other malware are all shut down, since active malware can bypass standard quarantine and deletion procedures.

The majority of rogue anti-malware applications are delivered by Trojans, so keep one eye peeled for other malware while you get rid of My Security Shield. Kicking one problem out while missing the other may only require you to go through the entire process again when the Trojan drops a second rogue anti-malware threat.

My Security Shield belongs to the FakeVimes family, which includes members such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security.

ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



file.exe File name: file.exe
Size: 3.04 MB (3043328 bytes)
MD5: 351a5543add0d8d60703932e1b4ac96f
Detection count: 88
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 16, 2013

Registry Modifications

The following newly produced Registry Values are:

File name without pathMy Security Shield.lnk

Additional Information

The following messages's were detected:
# Message
1Warning! Virus detected
Threat Detected: Trojan-PSW.VBS.Half
Description: This is a VBScript-virus. It steals user's passwords.

Memory access problem
WindowsErrorForm has encountered a problem at address 0x1FC408.
We are sorry for the inconvenience.
If you see this error again, operational information can be irrevocably lost.

7 Comments

  • Sam says:

    When i do Alt+CTRL+Delete it doesent come up with procssess? :S

  • ls85 says:

    Just in case anyone else cant find the Registry keys in the location described above, I found it in "HKEY_CURRENT_USER\Software\My Security Shield."

    Thanks for helping me get rid of this!

  • joseph says:

    When I type in the instructions for opening the Task Manager nothing happens. What am I doing wrong?

  • R eleanora says:

    Please delete this viruis from my computer you. Thank you

  • erick vergara says:

    GRACIAS POR LA AYUDA.

  • Brooke says:

    i finally found it in my HKY_USERS - I HAD TO DO A SEARCH FOR IT, BU T I GOT IT AND BELIEVE IT IS GONE YEAH!

  • Luc says:

    Once viruses wouldn't let me go anywhere I decided to purchase My Security Shield, though never heard of it before. Unlike the persons who posted a comment above My Security Shield had cleaned up my system from all the crap and I'm quite satisfied with it so far.
    Also why didn't you used the support service? I did it and it helped me a lot.

Loading...