My Shield Security

Updated: March 2, 2012 Rogue 1 Comment

My Shield Security is a malicious application that puts computer in trouble. It is fake security software that clearly shows the same quality as its previous version called My Security Shield. Typically, this type of program does not require physical installation. It will not even ask for user’s approval before loading itself on to the system. My Shield Security was designed to download and install on itself with the help of malicious web sites. It employs a drive-by-download process to infect computers who visited web sites put up for the sole purpose of spreading My Shield Security. Not only that rogue authors are creating specific web sites, other legitimate and known web site are also serving the same purpose if the same Trojan invaded it. My Shield Security aims at these web sites simply because they want Internet users to catch the virus in unexpected way.

My Shield Security begins to let users know of its presence after a successful installation. It starts with impressive detection of computer threats. Continuous pop-up alerts will be seen urging users to resolve the issue as soon as possible. Conditionally, it will help you clean the system but registered version of My Shield Security should be purchase first. The method sells My Shield Security even though we all know that rogue software is not capable of removing viruses. The whole thing is a misleading process that needs special attention. You should not believe on scan results and alerts. All of these are part of its misleading action to persuade victims. There might be no other virus present on the computer except My Shield Security itself. You need to remove this thing as soon as possible. Its continuing existence may cause more harm and will degrade the performance of the computer.

Screen Shot Image:

Image of My Shield Security

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

[cf]regis[/cf] [cf]files[/cf]

How to Remove My Shield Security

Restore Windows Components

If this virus enters your system, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. If you have a saved restore point before My Shield Security virus infiltrates the computer, please restore Windows to previous settings.

My Shield Security Removal Tool

In order to remove the threat completely, you need to download and run Malwarebytes Anti-Malware. This is a free malware removal tool. If Trojan infection blocks the downloading of this program, get it using a clean computer. Rename the executable file before executing on the infected PC.

Manual Removal Procedure

1. Press Ctrl+Alt+Del on keyboard to stop the process associated to "My Shield Security". When Windows Task Manager opens, go to Processes tab. Find and end this process.
MS(random characters).exe

2. You need to update your installed antivirus software. Please connect to the Internet and download the most recent database. This is a one-click process from your AV program’s console.

3. Thoroughly scan the computer and remove any threats found by your antivirus program. If delete option is not available, your best next choice is to quarantine the infected file. There is also a need to manually locate and delete malicious files. Please see the file section for items that are relevant to My Shield Security.

4. Next, you need to remove registry entries created by My Shield Security. Please refer to registry section to view entries related to the rogue program.
- (Windows 2000/XP) Go to Start > Run, type "regedit" on dialog box then press Enter on keyboard.
- (Windows Vista/7) Go to Start > Search Program and Files, type "regedit" and press Enter.

5. Exit registry editor when you are done.

6. Get rid of My Shield Security start-up entry by going to Start > Run, type msconfig on the "Open" dialog box. It will launch a new window containing System Configuration Utility. Click on the Startup tab and uncheck the following item.
MS(random characters).exe

7. Click Apply. You need to restart the computer.

Alternative Removal Method for My Shield Security

Option 1 : Use Windows System Restore to return Windows to previous state

If My Shield Security enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before My Shield Security infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : My Shield Security manual uninstall guide

IMPORTANT! Manual removal of My Shield Security requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to My Shield Security.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for My Shield Security files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by My Shield Security.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Technical Reference

Associated Files and Folders:

%Documents and Settings\All Users\Application Data\[random]\MS[random].exe
%Documents and Settings%\[UserName]\Application Data\My Shield Security \
%Documents and Settings%\[UserName]\Application Data\My Shield Security \cookies.sqlite
%Documents and Settings%\[UserName]\Recent\ANTIGEN.drv
%Documents and Settings%\[UserName]\Recent\ANTIGEN.exe
%Documents and Settings%\[UserName]\Recent\cid.dll
%Documents and Settings%\[UserName]\Recent\CLSV.drv
%Documents and Settings%\[UserName]\Recent\DBOLE.sys
%Documents and Settings%\[UserName]\Recent\ddv.dll
%Documents and Settings%\[UserName]\Recent\ddv.sys
%Documents and Settings%\[UserName]\Recent\FS.drv
%Documents and Settings%\[UserName]\Recent\gid.drv
%Documents and Settings%\[UserName]\Recent\PE.drv
%Documents and Settings%\[UserName]\Recent\PE.exe
%Documents and Settings%\[UserName]\Recent\PE.sys
%Documents and Settings%\[UserName]\Recent\std.exe
%Documents and Settings%\[UserName]\Recent\tjd.drv
%Documents and Settings%\[UserName]\Recent\tjd.sys
%Documents and Settings%\[UserName]\Recent\runddlkey.dll
%Documents and Settings%\All Users\Application Data\[random]\MS8d7c_2155.exe

Added Registry Entries:

Comments and Suggestions

On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to My Shield Security payment refund or lost serial key, kindly check the FAQ for rogue program first.

One Comment

Lucy M Aiken
Sep 27, 2011 @ 08:06:28

I like very much to remove this Internet Sercurity Sheild Virus…Thank you…