Jump to content

Security Shield Virus

turk621
 Share

Recommended Posts

turk621

turk621

Posted
Posted

A little background...I had the Security Shield virus a week ago(went right through my McAfee AV), followed all the recommended solutions to get it off my computer, but the virus wouldn't let me do it. I had to take my computer in to have it removed, cost $65 an hour for tech time. When I got my cleaned computer back, I downloaded Malwarebytes Pro trial version, then after 2 days bought it. Loaded and works fine, but here's the question. I have a Seagate external backup drive that I still haven't plugged back in...fearful that Security Shield is in there lurking...if I plug in the backup drive, will MB Pro find and kill it? I'm afraid the virus will escape the Seagate and infect my computer again.

Thanks in advance for any advice

Link to post
Share on other sites
Assassin7772

Assassin7772

Posted
Posted

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

IMPORTANT: Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the

Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions >>Right HERE<<, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
  • You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk by filling out the form located >>Right HERE<<

OPTION 3

If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our Malwarebytes Premium Services support site >>Right HERE<<

Please be patient, someone will assist you as soon as possible.

PS: Please use the "Reply to this Topic" or "More Reply Options" buttons (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow. :)

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

Assuming the shop you took it to did a good job removing the infection, and you have a current antivirus running and also have Malwarebytes Pro enabled, you should be able to plug that external drive in.

Once you plug it in, if you like run a full scan with your AV and a full scan with Malwarebytes to make sure there is nothing left behind on that drive.

Link to post
Share on other sites
turk621

turk621

Posted
  • Author
Posted

Thanks for the quick response. When I had the computer cleaned, the backup drive wasn't included, that's why I'm concerned it might be in there. I guess I'll live dangerously, plug it in, and run an MBAM Pro scan. How do you find out if Security Shield is in the MBAM signature? As I said in my first post, my McAfee AV didn't catch it when it originally downloaded(I just ordered Kaspersky Internet Security 2012 to replace McAfee, but haven't received it yet).

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

(I just ordered Kaspersky Internet Security 2012 to replace McAfee, but haven't received it yet).

Hi, turk621:

Please stay with Trusted Advisor Firefox re: scanning your USB external HDD for malware. :)

I'm just popping in to this thread with a couple of suggestions as another home user who is both a McAfee survivor and a current KIS2012 user. :)

1) Before you try to install KIS, please be sure to completely, cleanly uninstall McAfee using their removal tool.

There's a current topic here in another section of the forum with replies that contain links to the tutorial and download site for that tool >>HERE<<.

KL products go bonkers if there are traces of other AVs or security programs left on the system during their installation.

2) You'll also need to temporarily uninstall MBAM in order to get a clean install of KIS. KIS will try to do it itself during the process, but my personal recommendation is that you do it manually first. I would suggest that you follow these steps (it looks harder than it is):

  • If you are running MBAM PRO, please be sure you have your license ID and key available (sent via email at the time of online purchase, or in the box).
  • Download and run mbam-clean.exe from HERE.
  • It will ask to restart your computer; please allow it to do so - this is very important!
  • After the computer restarts, download and install the current version of KIS2012 from HERE, as it will be more current (by several major patches) than anything you'll get on a CD; just use the activation code that comes with the CD to activate your program after you download it. Make sure you have KIS completely updated, activated and configured. When all is good...
  • ...then download the latest version of Malwarebytes' Anti-Malware from HERE, then temporarily pause protection in KIS and run the MBAM installer. (Ignore all 'Recommended' or 'Sponsored' software which are prominently displayed on the mirror sites -- they are ads and MBAM does not have any association with them.)
  • If you are using MBAM PRO, you will need to reactivate (register) the program using the license ID & key.
  • Launch the MBAM program and (if you are using MBAM PRO) set the Protection and Registration.
  • Then go to the UPDATE tab (if not done during installation) and check for updates.
  • Restart the computer again and verify that MBAM is in the system tray (if using the PRO version).
  • Now set up the mutual file exclusions for KIS and MBAM, and resume protection in KIS. You may use the guides posted in the FAQs HERE, or ask and we'll explain how to do it.

(At the risk of drifting off-topic ;) , there is an excellent KB for KIS2012 HERE. If you need additional, home-user level help with it, send me a PM and I will try to assist.)

Hope this helps a bit,

daledoc1

Link to post
Share on other sites
  • 2 weeks later...
turk621

turk621

Posted
  • Author
Posted

daledoc,

Did my deletions and installs, everything went fine. McAfee removal took about 30 minutes, pretty slow. I was ready to reboot because I thought it got stuck! The only thing I didn't do was the temporary pause in KIS before MBAM install. Worked OK anyway.

Now, what is "mutual file exclusions"?

Thanks again for the great advice. I now feel like my PC has a giant condom protecting it with KIS and MBAM!!

Link to post
Share on other sites
Assassin7772

Assassin7772

Posted
Posted

Hi turk621,

Since DD isn't here, I'll try to help you out the best I can. Basically, mutual file exclusions means that the two programs won't scan each other. This is to prevent both programs to think the other one is a virus/intruder and try to block it. MBAM is very good at acting nice with other programs, but sometimes things don't work out. Some programs are just too fiesty (like Norton or Comodo). There is an easy solution though! Here are the proper exclusions for MBAM and Kaspersky! Remember, don't start the MBAM protection module until after you set the exclusions. If you have already started it, please uninstall MBAM via Control Panel, restart, and then run mbam-clean, you'll have to reinstall MBAM.

Set Exclusions for Malwarebytes' Anti-Malware in Kaspersky Internet Security and Kaspersky Anti-Virus on 32 bit Windows Versions:

  • Open Kaspersky and click on Settings in the upper right-hand corner
  • Click on the right-most icon in the upper left to access Detected Threats and Exclusion Rules
  • Under Exclusions click on Settings...
  • In the Trusted zone window that pops up click on the Trusted applications tab
  • Click on the Add button and select Browse
  • In the browse window that opens navigate to C:\Program Files\Malwarebytes' Anti-Malware
  • Double-click on mbam.exe and in the window that pops up, click the box next to each of the items listed in the window so that they are all checked and click on OK
  • Do the same for each of the following:
    • mbamgui.exe
    • mbamservice.exe

Once that is complete, click on OK to close the exclusions window

Click on Apply at the bottom of the Settings window then click on OK

Close the Kaspersky main window

Set Exclusions for Malwarebytes' Anti-Malware in Kaspersky Internet Security and Kaspersky Anti-Virus on 64 bit Windows Versions:

  • Open Kaspersky and click on Settings in the upper right-hand corner
  • Click on the right-most icon in the upper left to access Detected Threats and Exclusion Rules
  • Under Exclusions click on Settings...
  • In the Trusted zone window that pops up click on the Trusted applications tab
  • Click on the Add button and select Browse
  • In the browse window that opens navigate to C:\Program Files (x86)\Malwarebytes' Anti-Malware
  • Double-click on mbam.exe and in the window that pops up, click the box next to each of the items listed in the window so that they are all checked and click on OK
  • Do the same for each of the following:
    • mbamgui.exe
    • mbamservice.exe

Once that is complete, click on OK to close the exclusions window

Click on Apply at the bottom of the Settings window then click on OK

Close the Kaspersky main window

Set Exclusions for Kaspersky Anti-Virus and Kaspersky Internet Security in Malwarebytes' Anti-Malware:

  • Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on Kaspersky Lab and click OK
  • Close Malwarebytes' Anti-Malware

To know what version of Windows you have (32 or 64) do this:

Click Start > right-click "Computer" > select properties, a page should come up, look under "System" and find the "System type". That should tell you your operating system type.

As soon as DD comes back, you can ask her any questions as she is more knowledgeable than me. I don't use Kaspersky but I've heard great things about it. You'll be well protected. DD uses it and she can add any more info on top of what I've given you. Have a great day!

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

Hello, turk621:

Thanks for the update.

Yes, the instructions posted by Assassin7772 are essentially correct -- I didn't catch which version of Windows you are running, but just use the version of the stepwise instructions relevant to your OS.

The following KIS2012 KB articles may also be helpful:


http://support.kaspersky.com/kis2012/settings/options?qid=208284275
http://support.kaspersky.com/kis2012/settings/options?qid=208284276

Glad everything is working for you now -- IMHO, KIS and MBAM PRO is a very robust combination.

Best regards,

daledoc1

Link to post
Share on other sites
turk621

turk621

Posted
  • Author
Posted

Thanks to both of you...since I have both MBAM Pro and KIS currently running, I should delete MBAM, restart, then clean MBAM, reload it, then set the exclusions in both KIS and MBAM? Just want to make sure.

Thanks again

PS I have XP Media Center Service Pack 3

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

Hi,

Nope, that shouldn't be necessary, so long as everything is working OK. :)

I would just make sure MBAM has full permissions/exclusions in KIS.

(It probably already does, since I've not found it necessary to manually set these, at least with the current KIS version. IOW KIS will probably automatically assign MBAM to the correct trust level.)

Best regards,

daledoc1

PS (You might want to keep the overall install/exclusions instructions handy, as there will be a major version update to KIS soon (probably within the next month or so). You'll want to follow the same procedure when the time comes to upgrade to the new KIS version.)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.