DotFab Blog » Malware Removal»How to Remove Web Surf Shield Browser Virus?

How to Remove Web Surf Shield Browser Virus?


Okay So I’ve got this virus rerouting Google, Facebook, and YouTube (mainly) to a little Hylian Shield with the words “Web Surf Shield” and a link to “take a survey.” I’ve tried scanning my computer and deleting the vicious files but that had to affect. What do I do?

In this article, we will guide you how to get rid of this Web Surf Shield virus and get your web browser working correctly again. Read on.



What Is Web Surf Shield?



Web Surf Shield is a Trojan that modifies your Windows hosts file targeting various popular sites like Google, Facebook, Bing, YouTube, and so on. After being infected by this virus, you will be redirected to Web Surf Shield page which states “Access to this page has been temporally blocked. Please take time to download our web shield update below. You can continue accessing the site after installing update. Thank you” and an additional online survey page whenever you try to browse the Internet.

Below is a screenshot of Web Surf Shield hijacked page, see for your reference:

Web Surf Shield hijacking


Don’t try to download whatever it demands you to download and don’t fill in any online surveys to access the site you desired. All this is designed by cyber criminals to make money. If you download the Web Shield thing, you may end up with more malware and adware on your computer. Filling the deceptive online survey, you will fall victim to credit theft, extortion schemes, and identity theft, as well as other forms of severe cybercriminal acts.


This Web Surf Shield message is a scam. You should follow the guide below to get rid of this hosts file hijacker immediately. Should you have any question concerning the removal of this virus, please leave a comment below and we will try our best to help you.



How to Remove Web Surf Shield Virus? (Removal Guide)



Outline of the removal guide:

Step 1 > Boot your computer to Safe Mode with Networking

Step 2 > Check hosts file and proxy settings

Step 3 > Restore web browser settings

Step 4 > Scan and remove malicious files



Step 1 > Boot your computer to Safe Mode with Networking


1. Turn off your computer and then back on.

2. During the start, tap F8 key repeatedly till you are brought to the Windows Advanced Options Menu.

Safe Mode with Networking


3. Use the arrow keys to highlight Safe Mode with Networking and then press Enter.



Step 2 > Check hosts file and proxy settings


Check and repair hosts file:

For Windows operating system (Window XP, Windows Vista, Windows 7 or Windows 8), go to C:\windows\system32\drivers\etc\.

1. Backup the hosts file.

2. Double click the hosts file and open it in a text editor.

You should see something like this:

Hosts file

3. Delete additional lines and save the hosts file.


Check proxy settings: 

1. Start Internet Explorer, go to gear icon or Tools at the top right corner > Internet options > Connections


2. Click on LAN settings to open the LAN settings menu, ensure to uncheck the use a proxy server as your LAN

Proxy settings



Step 3 > Restore web browser settings


Web Surf Shield virus may have tampered with the settings of your internet browser. You’d go though the following steps to get your web browser working correctly again.

You can make use of Anvi Slim Toolbar to manage browser extensions and plugins, and modify homepage and default search engine. Or you can modify browser settings manually.


1. Download and install Anvi Slim Toolbar by clicking the link below.

Anvi Slim Toolbar free download link:

Anvi Slim Toolbar


2. Delete unwanted and suspicious extension and add-ons:

Launch Anvi Slim Toolbar → Switch to Manage tab → Chech or tick unwanted and suspicious extension and add-ons → hit Remove button

Funmoods toolbar removal


3. Empty trash bin:

The removed toolbars and extensions are placed in the trash bin in case you want them back, so you need to empty the trash bin regularly.

Click on the trash bin icon, then you can restore or remove toolbars and extensions there.

Slim toolbar-trash bin


4. Modify browser settings:

Go to Browser Repair tab → chose the browser you are going to repair → set the homepage to your preferred website → select a desired search engine → click on the Repair button

Next step–scan and remove malicious files



Restore browser settings manually


For Internet Explorer Users
For Mozilla Firefox Users
For Google Chrome Users


For Internet Users:

1. To change homepage: click on the gear icon or Tools at the top right corner → select Internet options → hit General tab in the menu → set the homepage to a preferred domain like or choose Use default

IE-homepage set


2. To remove extension: click on the gear icon or Tools → select Manage Add-ons → go to Toolbars and Extensions tab → search for any suspicious toolbar and extension → right click on it  → choose Disable in the drop-down menu → close the window and click on OK button



3. To reset search provider: Switch to Search Providers tab → right click a desired search provider → select Set as default → right click on any suspicious search provider → select Remove → click Apply and OK to complete the setting

IE-Search Providers


For Mozilla Firefox Users:

1. To remove extensions and plugins: click on the orange Firefox button firefox button on the upper left corner of the browser → hit Add-ons → go to Extensions tab → Remove suspicious extensions

Switch to Plugins tab → Disable suspicious plugins


2. To change homepage: click on the orange Firefox button firefox button → hit Options→ select General → choose Restore to Default.


3. To reset default search engine: Click on the inverted triangle in the search bar → choose Manage Search Engines → locate any suspicious search engines → hit Remove and OK → click the inverted triangle again → select a preferred search provider as default search engine from the menu

Firefox-search engine


For Google Chrome Users:

Click on Customize icon (Wrench or 3 bar icon) →select Settings

Chrome settings


1. To reset startup page: hit Set pages → remove malicious website address by clicking the X at the end of the bar


2. To change homepage: hit Change →change homepage to or any other webs you desire


3. To reset default search engine: click on Manage search engine → set a desired search engine as your default search engine → remove any unwanted and suspicious search engine from the list


4. To remove extension: click Extensions above Settings → search for suspicious extensions → click the Recycling Bin to remove it



Step 4 > Scan and remove malicious files


After getting into your computer, Web Surf Shield virus will create various malicious files and overwrite the registry entries. You are strongly recommended to run as system scan with a antimalware program like Anvi Smart Defender to remove those malicious file.


1. Run a computer scan with Anvi Smart Defender and remove the infected files.

Anvi Smart Defender direct download link:

Download and install Anvi Smart Defender → run Anvi Smart Defender → switch to Scan tab → run a Full Scan

Anvi Smart Defender-1


Then boot your computer into normal mode. Now, your computer should have been free of the infection of Web Surf Shield virus. Any question, please leave a comment and we will reply as soon as possible.