Security Shield, the malware that first appeared quite a long time ago (in fact, back in December of 2010), continues to appear periodically, from time to time, with various degrees of severity. There have been several other posts we’ve devoted to this rogue in the past, but it seems that time has come for us to pay more attention to this scareware utility, since today it is being spread via certain special infected links that used to spread other malwares over the past few months. They were known as one-day rogues, but today these same malicious links spread Security Shield rogue “veteran”. What you should know about this hoax is that it is a fake antivirus and not legitimate security application. This is why, when you see it, make sure to ignore all its deceitful scans and reports regarding various sorts of infections on your system.
The rogue reports various infections in fact, such as backdoors, fake rogues, worms, dialers, spywares and malwares as clear from the screenshot above. This is done after the imitated (fake) scan of your PC with Security Shield scam is successfully accomplished. It is peculiar that such scans are launched automatically each time you turn your computer on. The malware is distributed in various languages, in particular, English, German, Spanish, French and Italian. It is quite predictable that countries where such languages are spoken could be the targets of the malware’s impact and attacks.
The malware annoys users with many fake security warnings, alerts and other notifications that come up quite often, thus really creating troubles for users while working with their PCs. Here is the example of the message you might see to be generated by the hoax:
It should also be mentioned that this malware replaces legitimate Windows Security Center with its own, fake one. So, here is another example of the misleading and scary alert you might see once the hoax is doing its malicious job on your computer:
Consider the fact that the very scan of Security Shield does not last too long, just a couple of seconds, so it is illogical to consider that real and serious infections can be detected or removed by this rogueware. Still, the malware doesn’t give up while trying to implements its malicious plots. Its goal predestined by the online hackers and its developers is to make you purchase its licensed version. Here is the example of the popup that actually prompts users to register the rogue:
When the hoax is on your computer you should first of all understand that there is nothing good to expect of its presence on your system. So, instead of buying its fake and powerless license you must search for the proper solution to remove it once and for all. Again, here is the fake payment processing page that you should avoid by all means:
In order to remove Security Shield infection from your system please download our recommended security software called GridinSoft Trojan Killer, install and update the software and run the scan with it. When the infections have been detected and the scan has been completed please click “Remove selected” button and reboot your computer. If you have any problems deleting Security Shield malware please get in touch with us immediately for further assistance.
Security Shield automatic remover:
Security Shield manual removal guide:
Delete Security Shield files:
Delete Security Shield registry entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce “[random numbers]”