Remove Security Shield (UPDATE)

Security Shield is reported to be a new scam software that targets computers worldwide. Digital criminals developed this application to lure computer users into paying for it. First, the users are misled into thinking their machines are seriously infected, and they need to be fixed immediately. After that, Security Shield imitates a legitimate and reliable anti-malware application that wants to help users in fixing their machines. To do that, Security Shield copies the layout and actions of a genuine anti-virus program. This tool pretends to be able to warn users about system errors and problems. Moreover, this tricky virus even wants to make people believe that their computers are heavily infected and provide them with information about any malicious files that need to be removed.

Figure 1. Security Shield fake scan

Security Shield is part of the same family of fake computer security software as MS Removal Tool. The attackers from this family are spread via malware. Using this technique, Security Shield can penetrate your computer without asking for permission. Moreover, the user of the compromised PC will not know that his computer is infected. After Security Shield has managed to get into the targeted machine, the fake tool will create many compromised files. These files have names of random combination of letters and numbers, and will be hidden in the following location:

C:\Documents and Settings\\Local Settings\Application Data\ for Windows XP
C:\Users\\AppData\Local\ for Windows Vista and Windows 7

Next, Security Shield will make some system changes that will ensure it will load and run automatically on system start up. Then it starts its evil plan. To make it impossible for the infected user to scan his computer using legitimate and reliable anti-virus software, Security Shield will stop any security-related executable file that you are trying to use. This malicious tool is also able to prevent other genuine applications from running. Security Shield may claim that your programs are compromised, and this is why they cannot be started. The message displayed will have the following meaning:

Security Shield
“notepad.exe” is infected with “Backdoor:Win32/Hackdef.O”.
Do you want to register your copy and remove all threats now?

After that, rogue security program will start displaying fake warnings. These faulty windows will keep coming, regardless of whether you are trying to close them, or not. The messages will tell you about serious system problems and errors that you need to fix immediately. The warnings will include the following information:

Security Shield Warning
Security Shield has found viruses at your system.
We highly recommended to get license for Security Shield to remove harmful software now.

Security Shield Warning
Your computer is under the infections threat. Turn on instantshield protection to safe your data and prevent internet attacks for your credit card information.
Select this to turn instantshield on.

Security Shield Warning
Spyware.IEMonster process is found. This is virus that is trying to send your passwords from Internet browser (Explorer, Mozilla Firefox, Outlook & others) for the third-parties.
Click here to protect your data with Security Shield.

In order to make you think that the situation is really serious, the fake computer security program will even make a fake scan of your PC. The scan will finally show terrifying results. Security Shield will pretend to have detected many compromised files that have to be removed as soon as possible. However, even if you try to remove the specified files manually, you will not be allowed to do that. Security Shield will tell you that the only way to fix your system is to buy the full version of the fake security program. To make it easier for you, and to scare you into thinking you really need to pay for this bogus tool to solve any problems, you will be redirected to the web page of the fake program. If you have a closer look at the web site, you will notice that there is almost no information about Security Shield. Nevertheless, you will see a detailed billing form that requires you to submit your personal and bank account details and to pay for this nasty parasite.

Do not be fooled by any of these fake messages, and do not send your information to hackers. Otherwise, your computer and information will be in real danger. Remove Security Shield immediately, and use a reliable security program.

Security Shield Manual Removal Instructions:

Stop These Security Shield Processes:
(Learn how to do this)

[random_letters].exe
Find and Delete These Security Shield Files:
(Learn how to do this)
C:\Documents and Settings\[User]\Local Settings\Application Data\[random_letters].exe
Remove These Security Shield Registry Values:
(Learn how to do this)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “[random_letters]”

Free Antispyware Scan

Tags: , ,

By

Speak Your Mind

*