Security Shield

9 December 2010 Rogue 6 Comments

Security Shield is a fake anti-virus software. Follow the removal guide on this page to get rid of Security Shield from an infected PC.

Security Shield is a fake antivirus program that uses Trojans and fraud security web sites to promote itself. Security Shield or also known as the SecurityShield virus, can easily get inside the system via through Trojan infection. This harmful Trojan will exploit certain software weak spot found to gain secret access on the target PC. With the use of scam web sites, this malware will automatically scan victim’s PC and post an alert of possible infection. Then it will prompt to download and install Security Shield as the needed software to remove detected threats. No matter how one has obtained this fake AV, its effect once installed on the computer is very devastating. It will block your access to Internet and prevents running of any software.

To push user in obtaining the full version of this fake security tool, it will pop-up fake alerts from time-to-time. It may be hard to remove Security Shield once it set itself on the system. It is capable of configuring a self-start to run the software when Windows starts. Once loaded, it has the ability to kill any installed anti-virus program and block your entire security software.

With these damages made on to the system, there is a slight option that it can be removed with the normal software uninstall process. So far, the best way to remove Security Shield and other rogue product is by using a trusted anti-malware program as stated in the guide below. Valid antivirus program can also help in removing malicious files that are hidden on the system folder that are linked with Security Shield.

Screen Shot Image:

These images are the versions of Security Shield. Security Shield ‘Protect Your PC In New Level’ is the newest version.

Image of Security Shield

Technical Details and Additional Information:

Security Shield is Also Detected As:
Trojan.Win32.Heur.Gen (ByteHero), Trojan-Dropper.Win32.Dapato.upm (Kaspersky), Trojan.FakeAV!rem (PCTools), Trojan.FakeAV (Symantec)

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Malware Behavior
Once Security Shield is running on the computer, it will never stop producing fake security alerts. These deceiving techniques attempts to persuade users to purchase the registered version of this malicious product. Some of the false information it will provide are the following:

Security Shield Firewall Alert
Security Shield has prevented a program from accessing the Internet.
“iexplore.exe” is infected with “Trojan-Spy.Win32.Agent”. This worm has tried to use “iexplore.exe” to connect to remote host and send your credit card information.

Harmful software detected
Security Shield has detected malicious software that may cause PC crash. Click Remove All button below to remove them now.

Warning message from your Internet browser. This page is under virus attack. This may crash your system.

New database updates are available
Automatic updating is required for real time system protection against new viruses, Trojans and worms.

Added Registry Entries:

HKEY_CURRENT_USER\Software\Security Shield
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"

Associated Files and Folders:

%AppData%\[random]
%AppData%\[random]\[random].bat
%AppData%\[random]\[random].cfg
%AppData%\[random]\[random].exe
%UserProfile%\Desktop\Security Shield.lnk
%UserProfile%\Start Menu\Programs\Security Shield.lnk

How to Remove Security Shield

Activating Security Shield

Security Shield will block running of any programs. It also prevents access to Internet particularly anti-virus web sites. Execution of Windows tools like Task Manager, Registry Editor and Control Panel is similarly block by the rogue program. Activating the program using the registration key below will regain access to the mentioned services.

Activation Code: 64C665BE-4DE7-423B-A6B6-BC0172B25DF2

Once activated, downloading of necessary program to scan and remove Security Shield is now possible.

Automatic Removal Procedure

1. Download Anti-Malware Tool and save it on your Desktop or any location on your PC.
2. When finish downloading, double-click on the file to install the application.
3. Follow the prompts and install with default configuration.
4. Before the installation completes, check on the prompts about update and launch.
5. Click Finish. Program will run automatically and you will be prompt to update the program before doing a scan. Please update.

Restart the Computer in Safe Mode

6. Next thing to do is to reboot the computer in Safe Mode with Networking to avoid Security Shield from loading at start-up. You may want to print this procedure as we have to restart the computer to complete the removal process.
- Restart the computer.
- Before Windows begins to load, press F8 on your keyboard.
- It will display an Advanced Boot Options menu. Select Safe Mode with Networking.
- Windows will now start in Safe Mode.

7. When on Safe Mode of Windows, open the removal tool. Select Perform full scan on main screen to check your computer thoroughly.
8. When scanning is finished click on Show Results.
9. Make sure that all detected threats are checked, click on Remove Selected. This will delete all files and registry entries that belongs to Security Shield.
10. Restart your computer.

Note: If Security Shield prevents downloading of recommended tool. Download the software from another computer. Renaming it to something like 'anything.exe' can help elude the malware.

What to do next...

Comments and Suggestions

On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to Security Shield payment refund or lost serial key, kindly check the FAQ for rogue program first.

6 Comments

S.Carras
Dec 14, 2010 @ 21:44:54
Well, I see that aside from “SystemTool” [which has a NICE PINKISH look! HA!] Security Tool has still MORE sister viruses [there is one other, I think it's Windows Security or something or other here.] now..that “Get FULL protection” [yeah right, it is MORE like "Get FOOL INFECTION!" ha ha] legend [which they will be, only in a DIFFERENT way], is a DEAD give-away. On December 13, [great LUCKY number kiddies, RIGHT?], 2010, yesterday, I got…..SYSTEM tool. Oh year! Yecch.
We should do a kind of “Social Network” flick follow up about such virus causers…only it would have to be fictional.,…ha ha ha like THOSE crooks would EVER should their face [well, a few in Maryland have been ID'd as A MAIN part.] We could do a sort of “Social Network” meets “Easy A” deal…hgih school kids create virus, “uncool” types {Ellen Page or Emma Stone could play these] refuse to scam, prinicapl busts scammer,s or set it in in a workplace. Hollywood, getting any movie ideas here?
Steve
jamie
Dec 15, 2010 @ 23:29:33
If you run malwarebytes in safe mode after running a program called rkill you have a very good chance of removing this virus, it has worked for all the other fake virus programs so far to date.
ana
May 15, 2011 @ 21:32:08
hola! este virus es exactamente el q adquirio mi compu, es super fastidioso, pero misteriosamante desaparecio, de la nada, cuando me di cuenta a los dias ya no estaba, q ocurrio? agradecere alguien me pueda orientar. es posible q el antivirus norton lo haya eliminado?
Noey
Jun 09, 2011 @ 17:42:13
I got this virus and panicked big time. I read that many of the “solutions” require you to pay for the download. I tried restarting in Safe Mode and the computer prompted me with the System Restore and I used it. It basically erased every temporary file created from the present to a time in the past when the computer was operating virus free. So far no Security Shield. So try the System Restore option if you computer has it.
Vinod
Mar 21, 2012 @ 06:23:11
Noey’s suggestion of trying the system restore worked for me too! Thanks.
YSTandiera
Mar 23, 2012 @ 10:13:18
Still can’t remove because can’t run *.exe file..