What is Red Shell virus?

Red Shell is a spyware virus. It developed for markets to illustrate what channels generate the most traffic for game sales, to help with choosing advertising methods. Usually, it can redirect every browser or game to third party sites or shows pop-ups with different commercial information without user contest. Moreover, Red Shell can lock the screen by showing of banners with ads every hour while the user tries to visit popular sites, such as Facebook, Instagram, Steam etc. Several players found Red Shell in The Elder Scrolls Online, Conan Exiles, a few of Sega’s Total War games, Civilization 6, Dead by Daylight installers. In result, victims usually have troubles with system resources, Internet browsers, games and other software. Besides, Readshell collects and shares users personal data with affiliates and other third parties. Our recommendation to remove Red Shell virus as soon as possible, and we try to describe how you can remove it completely in our article (below).

Red Shell spyware

How Red Shell virus gets on your PC?

Red Shell virus comes into your computer with freeware’s web-apps and other installers. Some steam users, report, that they got the virus through installed games and their open ports. Infiltration can be hidden, victims firstly don’t realize that something wrong. Unfortunately, Windows Defender can pass the virus. Therefore, many users aren’t even aware that their computer has been compromised by Red Shell virus. Always use antivirus software, follow the installation process, read the user agreement and select only the “Advanced” installation type. Don’t settle for installation of the suspicious software. Don’t rush to press the “Next” button. Also, you can always read reviews about a program. Be careful and attentive. If Red Shell virus has already come into PC, then you urgently need to get rid of this program.

How to remove Red Shell virus from your computer?

To uninstall Red Shell virus remove it from Control Panel, then delete all files and registry keys.

In our view, there are 3 products that potentially have Red Shell virus in their database. You can try to use them for removing Red Shell.

Recommended Solution:

Norton is a powerful removal tool. It can remove all instances of newest viruses, similar to Red Shell virus – files, folders, registry keys.


Download Norton*Trial version of Norton provides detection of computer viruses for FREE. To remove malware, you have to purchase the full version of Norton.

Alternative Solution:

Norton Antivirus – detects files, registry values and folders of viruses that show the same behavior as Red Shell virus.


Download Norton

You can try both of these products to remove Red Shell virus

Or uninstall Red Shell virus manually.

Step 1: Remove Red Shell spyware by BlockRedshell.bat

[wpdm_package id=’21660′]

  1. Download and extract BlockRedshell.zip
  2. Right cick on BlockRedshell.bat and choose Run as administrator.
  3. Press Enter to close it.
  4. You system is free from Red Shell.

Step 2: Remove Red Shell virus from Control Panel

Windows XP:

  1. Click Start.
  2. Control Panel.
  3. Then click Add or Remove Programs.
  4. Find Red Shell.
  5. Click Uninstall.

Learn more about uninstallation of programs in Windows XP.

Windows 7/Windows Vista:

  1. Click Start.
  2. Then Control Panel.
  3. Click Uninstall a Program.
  4. Find Red Shell and click Uninstall.

Learn more about uninstallation of programs in Windows 7.

Windows 8/Windows 8.1:

  1. Open the Menu.
  2. Click Search.
  3. After that click Apps.
  4. Then Control Panel.
  5. Then as in Windows 7, click Uninstall a Program under Programs.
  6. Find Red Shell, select it and click Uninstall.

Learn more about uninstallation of programs in Windows 8 (8.1).

Windows 10:

  1. Click on the Start button (or press the Windows key) to open the Start menu, click on the Settings at the top.
  2. Click on App & features on the left menu.
  3. On the right side, locate Red Shell and click it, then click on the Uninstall button.
  4. Click on Uninstall to confirm.

Learn more about uninstallation of programs in Windows 10

Note: If you can’t find required program, sort programs by date in Control panel and search for last installed programs.

After that remove Red Shell from your browser.

Step 3: Remove Red Shell virus from browsers

Google Chrome:

  1. Open Google Chrome
  2. Push Alt + F.
  3. Click Tools.
  4. Choose Extensions.
  5. Find Red Shell.
  6. Click the trash can icon to remove it.

Learn more about removing extensions from Chrome.

Mozilla Firefox:

  1. Open Firefox.
  2. Push Shift + Ctrl + A.
  3. Choose Red Shell.
  4. Click Disable or Remove button.

Learn more about removing extensions from Firefox.

Internet Explorer:

  1. Open IE.
  2. Push Alt + T.
  3. Click Manage Add-ons.
  4. Select Toolbars and Extensions.
  5. Click DisableRed Shell.
  6. Click More information link in the left-bottom corner.
  7. Click Remove button.
  8. If this button is grayed out – perform alternative steps.

Learn more about removing extensions from IE.

Step 4: Resetting your browser search and homepage settings

Reset browser setting in Google Chrome:
  1. Click the Chrome menu (3 bar button) in the top right corner.
  2. Choose Settings.
  3. Click Show advanced settings.
  4. Go to Reset browser settings section.
  5. Click Reset browser settings.
  6. In the dialog that appears, click Reset.

Learn more about resetting browser settings in Google Chrome.

Reset browser setting in Mozilla Firefox:
  1. Open Mozilla Firefox.
  2. Go to Help.
  3. Go to Troubleshooting information.
  4. Click Reset Firefox… button.

Learn more about resetting browser settings in Mozilla Firefox.

Reset browser setting in Internet Explorer:
  1. Open Internet Explorer.
  2. Click on the cogwheel in the right upper corner.
  3. Click Internet options.
  4. Got to Advanced tab.
  5. Click Reset button.
  6. Put a tick near Delete personal settings checkbox.
  7. Click Reset button.

Learn more about resetting browser settings in Internet Explorer.

Step 5: Remove following files and folders of Red Shell virus:

Remove following regitry entries:

no information

Remove following files:

no information

Remove following folders

no information

Written by Tim Kas

One comment

  1. Thank you, Tim Kas. Its time and past time that everyone refers to RedShell for what it is, a virus. Much respect to you for posting this critical step-by-step guide to help victims of illegal malware regain control of their devices and their privacy.

Leave a Reply

Your email address will not be published. Required fields are marked *