Security Shield is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application. VIPRE detects it as SecurityShield.
Security Shield graphic user interface:
(click on graphic to enlarge)
Security Shield fake warning screen:
(click on graphic to enlarge)
Security Shield fake firewall alert screen:
(click on graphic to enlarge)
How to remove Security Shield:
If Security Shield has infected your pc, you should remove it immediately. Click here to use VIPRE to remove Security Shield from your computer now.
It will not let this cleaner run... what should I do?
ReplyDeleteHi Kim,
ReplyDeleteYou should run VIPRE Rescue in SafeMode. Here are instructions on how to download onto a thumb drive and how to boot and run the program in Safe Mode:
http://live.sunbeltsoftware.com
To register (and help removal), copy paste this code: 64C665BE-4DE7-423B-A6B6-BC0172B25DF2
ReplyDeleteI have run this program but still have this awful
ReplyDeleteprogram. what do i do to get rid of this?
Hi Marcia,
ReplyDeleteIf you ran the VIPRE Rescue and still have the infection. You should try the free MalwareBytes scan.
Can we sue the people who made this because of repetitive, forced publicity? It's illegal isn't it?
ReplyDeleteHi Alexandre O,
ReplyDeleteMy computer became infected the same day as yours & not sure how I got it. I have been trying the recommended MalwareBytes scan, but Security Shield keeps popping up & won't let it run. Was wondering if you had any luck.....
Kimberly,
ReplyDeleteDid you run the VIPRE Rescue program in safe mode?
The rogue is preventing you from running security software unless you are in safe mode. You can also check out bleepingcomputer.com on for other methods to remove this rogue.
Another thought is if you purchase VIPRE for $29.95 you will get free tech support and malware remove assistance with your purchase. If they can't remove the malware, you can get 100% refund.
is there anyway i can do it manually or get it taken off for free? i dont have a credit card to pay for the software
ReplyDeleteSaw this in the wild yesterday - client was infected from an email attachement
ReplyDeletesee http://www.petenetlive.com/KB/Article/0000183.htm for details
Pete
I got it myself! YES! listen- here's how you do it... I was looking around at some things to try and remove it, I'm 14 and pretty good with batch javascript jaca html and some C++, so all in all a good programmer. I went here... I found online that this is where it installs. Go to start>mydocuments at the bar at the top type in
ReplyDeleteC:\Documents and Settings\yourcomputerusername\Local Settings\Application Data then go down and find the thing that has the icon of security shield. It will not let you delete it. Rename is to "crappyshittyshit.txt" MAKE SURE TO USE.txt. I tried editing it in notepad and erasing it then saving, but it wouldn't let me save because it was running. Disconnect from your internet, and double click or on the security shield icon down at the bottom by the time. Then exit, and double click again. Go to settings, uncheck a few things, and click change or whatever it says(it's removed now and I can't remember). then say no and exit it all and click about 5 times on the icon at the bottom next to the time. It will ask you to connect to the internet (which is why you disconnect) and hit stay offline and it will say "...encountered a problem and needs to close". You then have like 10 seconds to rightclick the file we got to above and click delete. Then it's gone. Remove it from your start menu. Whew
I have ran this program 3 times and it will not get rid of Security Sheild.....also ran Malware. No luck! What now???
ReplyDeletedoes anyoone know anything about web root? will it remove security shield? i clicked on rhapsody to listen to a tina marie song and instantly this security shield took control of my computer loaded itself on my computer and even task manager cant stop it and it is not shoing in my system files. i am running web root now want to use viper but am afraid to uninstall web root because of this security shield rogue programviper says you have to uninstall any programs to run viper.
ReplyDeleteJustjo,
ReplyDeletePlease call our free tech support they will help you remove this infection from your PC:
Telephone
Consumer Support: 877-673-1153
Worldwide: 1-727-562-0101 Ext 500
I had this on a workstation today, I entered the registration code that S!R! posted, was then able to "exit" the application with the tray icon. Once the S.S. was shutdown I was able to run Malewarebytes to rid the machine of this annoyance.
ReplyDeleteThanks a ton S!R!
the registration code worked for me as well! thank you so much!!
ReplyDeletei have it! dont need 2 install anything!
ReplyDeleteEZ PZ PUMPKIN SQUEEZY!
1.disconnect from ur internet
2.put "security..." into the COMPUTER serch engine. do not click on the icon, click on the area (documents 4 ex.) tht the icon is stored in.
3.right click on the icon and click on open file location
4.rename it whatever u like -just remember the name and use ".txt" at the end of the name.
5.go to the bottom right hand of ur screen by the time, open the program.
6.go 2 settings, unclick all the things tht were checked, DO NOTHING BUT exit out.
7.restart ur computer.
once restarted, do step 2 again, right click and delete it. :D have fun with ur computer again! ;] -Ruby 15 yr old. c? teens r good 4 something right? :)
I was able to remove Security Shield from my computer by restarting in safe mode, choosing, system restore & selecting a date & time prior to that when Security Shield invaded my computer.
ReplyDeleteIt was as simple as that.
Malware? Wikipedia says there is a FAKE version of this, which can cause just as much damage. HELP!!!
ReplyDeleteIt was easy for me after reading how alexkolozsygames led me to where the
ReplyDeleteexe file was.
I simply went to C:\Documents and Settings\yourcomputerusername\Local Settings\Application Data found file
RtkBtMnt.exe changed the .exe to .txt
deleated file and rebooted file was gone.
This system messed my computer,i know my computer is free of virus but it is telling me that i am unprotected and my PC is full of virus.tell me what i have to do,please please!
ReplyDeleteThis thing has messed up my puter too. I tried doing what ruby and alexkolozsygames said but I don't have a security shield icon next to my clock on the bottom of the screen....and I don't know anything about computers....Can anyone help me?
ReplyDeleteTried for ages last night to get rid of this thing but no success. Did what alexkolozsygames and ruby suggested and it worked first time !!!
ReplyDeleteThanks for the help xx :)
I did what bryanvanalst did, and i'm good
ReplyDeleteMy computer was infested with this virus. I tried to install whatever this is in safe mode and it would not let me. I ran a full system can of Norton and it did not pick up the virus. It connected me with Norton online support and they took over my comuter and solved the problem with no charge.. If you have Norton I would definately go this route.. It was very easy and quick, I did nothing but watch... Problem solved!!!
ReplyDeleteNeed help ASAP. The virus has taken over my computer. I can no longer use the internet, run any type of virus scans or restore the computer from a checkpoint. I think I deleted the virus but problems are still there. I have a vista and I'm really not that computer savvy. Any help on how to fix this manually is much appreciated. If anyone can get back to me, I'm at my college right now typing this. Thanks
ReplyDeleteSimply restart in safe mode... holding F8 whilst posting/booting .. or from typing msconfig in search box.. start in safe mode and do a system restore to a point before this evil little program showed up..
ReplyDeleteuse onecare scanner in google thats how i got it off takes a few hours for it to leave but its the best way that how i did it its free of charge from microsoft
ReplyDeleteThis just happened to me about 15 minutes ago!!! Believe me when i say that i am NOT computer literate and that it is actually really easy to fix i promise!
ReplyDeleteOne minute i accidently clicked on an ad from a Google search result and next minute i get the rather professional looking pop up as pictured above, of Security Sheild software telling me frantically that my computer was being invaded by all sorts of nasties and to download the software. Then there was a blue and red shield in the bottom of my screen and a infuriating pop up every 30 seconds telling me to download the Security Sheild ... this is a work laptop so obviously my first thought 'oh god i am in so much trouble'
What you need to do is a system restore, which basically means you can restore your computer to how it was at a particular time before the Security Sheild invaded.
I have Windows Vista software installed on my laptop but this should hopefully work for everyone.
Restart your computer and when it sounds like it is beginning to whurl and start up press and hold F8.
This will bring you to a black screen and you want to use your down arrow to highlight and select Safe Mode, then click the enter key.
When you start your computer in Safe Mode is looks almost identical if not a little fuzzy from your normal desktop and you should have a box greeting you explaining the options to you in Safe Mode.
You need to scroll through the information in the box and find where it explains all about system restores this should be a clickable piece of text underlined in blue, so click and it will open another box with your system restore options.
You want to find a list of all your computers automatic system restores (your computer does an automatic save an various intervals when you are using it that you might not be aware of but it does as a type of backup)
For example my computer was Security Shield invaded at 3.30ish today so i selected the system restore time of 3.08 knowing that would be the best one.
Once you have chosen the time, select and your computer will instruct you to say that you must not turn off your computer or press anything whilst it does a restore ... mine took about 10 minutes in total so just be patient.
One it has done the system restore it will start and load up as it normally does and if like me you might get a little box on your desktop to say that the system restore of 3.08pm (in my case) was successful, just click OK and close.
TAA DAA no more pop ups, annoying shields in the corner of your screen etc. It was as if it never happened. The only problem is that you might lose and work that you were working from and not saved when you were infected.
Hope that helps :)
Ok guys just an update I rid of the security shield virus by using Malwarebytes Anti-Malware but I'm still unable to use the internet. It not an internet problem because its says I'm connected and I talked to my internet company (for 5 hours) and they said everything was okay. They told me my best opinion was reinstall vista but my computer was pre installed. I Tried every thing from the basics my internet company told me to changing hosts files. I don't know what to do, also as I said before all my system restore files are corrupt.
ReplyDeleteHi Jim,
ReplyDeleteYou need to renew your internet connection.
1. In IE, from the Tools menu, click on Internet Options.
2. Select the "Connections" tab
3. Click on the "LAN Settings" button
4. Uncheck the checkbox labeled >Use a proxy server for your LAN< in Proxy Server section
Hope this works for you.
Thats what my internet compnay told me to do nothing was checked to begain with and I'm still was blocked. I don't know what the virus did to my internet.
ReplyDeleteYou guys are all awesome! Thanks so much for the detailed steps. I tried to rename the program to the .txt with no luck. When I restarted in safe mode and restored to yesterday everything was A ok. Good luck to you. :)
ReplyDeleteUse Malwarebytes' malware to remove fake antivirus. It does work. http://mytechencounters.wordpress.com/2011/06/10/how-to-remove-fake-antivirus-software
ReplyDeleteReboot your PC in safe mode and scan with mbam. If you can't download it because of the infection, you can reboot into safemode with networking and download. Have a look at here for more details http://mytechencounters.wordpress.com/2011/06/10/how-to-remove-fake-antivirus-software/
ReplyDelete