My Security Shield
Posted: August 5, 2010
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 54 |
First Seen: | August 6, 2010 |
---|---|
Last Seen: | February 16, 2023 |
OS(es) Affected: | Windows |
My Security Shield tries to look like a real anti-malware program, but My Security Shield's functions are strictly devoted to creating junk files and making hoax displays of fake infection results. This rogue anti-malware program shares many traits in common with other malware, since My Security Shield is based off of preexisting rogue anti-malware threats – My Security Shield will corrupt the Windows registry, force imitation scans that always return poor results and pester you into 'registering' My Security Shield. My Security Shield has no purpose being on anyone's PC, let alone purchased, since My Security Shield's functions are only irritants at best and security risks at worst!
My Security Shield's Malware that Makes Its Own Infections
My Security Shield is closely related to such previous rogue anti-malware threats as Virus Doctor, Security Master AV and My Security engine; all these applications share behavior and coding even if their names and appearances differ. Most rogue anti-malware applications add entries to the registry to run during system startup, and My Security Shield follows in this path worn by My Security Shield's predecessors. Any computer that has a My Security Shield infection will probably be forced into letting the rogue anti-malware product go through a show of a system scan after each reboot.
My Security Shield also uses error messages like the following to supplement My Security Shield's scans:
Warning! Virus detected
Threat Detected: Trojan -PSW.VBS.Half
Description: This is a VBScript-virus. It steals user's passwords.
Warning! Access conflict detected!
An unidentified program is trying to access system process address space.
Process Name: AllowedForm
Location: C:\Windows\…\notepad.exe
Warning! Identity theft attempt detected
Memory access problem
WindowsErrorForm has encountered a problem at address 0x1FC408.
We are sorry for the inconvenience.
If you see this error again, operational information can be irrevocably lost.
There are no unidentified programs, viruses or other threats on your system, however... at least, none that My Security Shield can detect! In fact, My Security Shield will actually create useless files in your %UserProfile%\Recent\ folder just so it has something to declare to be an infection. After all that, it should be obvious that deleting My Security Shield, not purchasing it, is what you need to do if it's invaded your hard drive.
Punishing My Security Shield for Its Intrusion
Any machine running Windows 2000, 9x, Vista or Windows 7 is at risk of infection by My Security Shield. Removing My Security Shield should be done only after My Security Shield and any other malware are all shut down, since active malware can bypass standard quarantine and deletion procedures.
The majority of rogue anti-malware applications are delivered by Trojans, so keep one eye peeled for other malware while you get rid of My Security Shield. Kicking one problem out while missing the other may only require you to go through the entire process again when the Trojan drops a second rogue anti-malware threat.
My Security Shield belongs to the FakeVimes family, which includes members such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:file.exe
File name: file.exeSize: 3.04 MB (3043328 bytes)
MD5: 351a5543add0d8d60703932e1b4ac96f
Detection count: 88
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 16, 2013
Registry Modifications
File name without pathMy Security Shield.lnk
Additional Information
# | Message |
---|---|
1 | Warning! Virus detected
Threat Detected: Trojan-PSW.VBS.Half Description: This is a VBScript-virus. It steals user's passwords. Memory access problem WindowsErrorForm has encountered a problem at address 0x1FC408. We are sorry for the inconvenience. If you see this error again, operational information can be irrevocably lost. |
When i do Alt+CTRL+Delete it doesent come up with procssess? :S
Just in case anyone else cant find the Registry keys in the location described above, I found it in "HKEY_CURRENT_USER\Software\My Security Shield."
Thanks for helping me get rid of this!
When I type in the instructions for opening the Task Manager nothing happens. What am I doing wrong?
Please delete this viruis from my computer you. Thank you
GRACIAS POR LA AYUDA.
i finally found it in my HKY_USERS - I HAD TO DO A SEARCH FOR IT, BU T I GOT IT AND BELIEVE IT IS GONE YEAH!
Once viruses wouldn't let me go anywhere I decided to purchase My Security Shield, though never heard of it before. Unlike the persons who posted a comment above My Security Shield had cleaned up my system from all the crap and I'm quite satisfied with it so far.
Also why didn't you used the support service? I did it and it helped me a lot.