They say that the new is actually the long forgotten old. And I cannot argue with it having in mind that such a thing as Security Shield is back and ready to give you a run for your money. This program has recently appeared again and, even though it is hard to believe it, this rogue causes numerous problems to computers worldwide. The latest clone of this fake software is System Care Antivirus.
The bottom-line is that the sooner a user removes Security Shield from the infected system the better; however, the reality is that the removal frequently takes place when the rogue has already done everything it had intended to.
The main intention of Security Shield is to pocket the user’s money and be done with it as soon as possible. That is actually what all rogue antispyware applications do, so it should not come as a surprise. Unfortunately, due to the fact that the program in question is named “Security Shield” inexperienced (and sometimes simply negligent) users do not think twice before they click on the rogue’s registration icon and enter their vital financial information into the blanks. Once they send away this information to the creators of the rogue (or the antivirus program vendor, as they might think), the game is over: they literally provide a key to their bank account for cyber criminals.
So how does this work, and why is Security Shield successful at wriggling into the depths of an operating system without anyone noticing anything? Well, for starters, users who have been battling fake antivirus programs (else known as rogue antispyware) for years must have heard of Security Shield already. There have been quite a few versions of the same program released ever since 2010, and the truth is, the name is so generic that even unrelated rogue applications share the same title as well. The Security Shield we are dealing with right now is directly related to another fake antivirus program called Security Tool. Security Shield makes use of the same tactics that has been employed by Security Tool in order to deceive the user into believing that his computer is compromised – once the malicious application has been installed on the target computer it drops a number of absolutely harmless files onto the system and then kicks into a full system scan mode, “detecting” those files as dangerous threats.
The files in question can be loader2.exe, ddhttp.exe, Dumped_.exe and so on. Actually, the detection of unknown and suspicious looking files is more than enough to convince a significant number of users that Security Shield is a genuine security application. Nevertheless, the first alarm bell should ring when the user encounters the customer service – Security Shield offers to contact its customer service via email addresses that are hosted on free email domains ( [email protected] and [email protected] ). No legitimate antivirus company would have its emails hosted by a free server. Even if it did, it would have the domain name changed into the company’s name.
When we get down to the point, we know that Security Shield is not to be trusted, and no one should ever pay for this application. However, money and robbery is just one side of this infection. The other and actually more frustrating problem is that Security Shield hinders the infected operating system and the user cannot utilize his computer the he is used to. This problem requires an immediate solution otherwise; if the infection is left untreated it can result in an ultimate system failure. The best way to thwart Security Shield is to “activate” it, or at least make the program “think” that it has been activated. For that purpose, the user infected can make use of the following code:
64C665BE-4DE7-423B-A6B6-BC0172B25DF2
Once this code is pasted into the rogue’s registration window, all the fake alarm messages disappear and Security Shield behaves as though it has removed all the malicious infections from the computer. Yet it goes without saying that it is all a blatant lie and if nothing is done to terminate Security Shield, then the rogue will be back soon enough with all of its antics. And it will not stop until the operating system is ruined.
There are two ways to remove Security Shield and the same applies to any other rogue out there – manual and automatic removals are what can deal well with things like Security Shield. Manual removal requires the user to terminate all rogue-related files and processes by himself. That is only recommended for those users, who have worked with their Registry and system files before, because one simple negligent action can leave you without important system file that might overall cause the system breakdown. Manual removal consists of three stages – first of all the user has to terminate all the processes related to Security Shield, then delete registry entries that were created by the rogue and finally, get rid of all the rogue-related files.
On the other hand, if the user chooses the automatic removal option, then Security Shield will be terminated for him by a computer program of choice. The important aspect of automatic removal is the fact that the security program of choice needs to be downloaded from the Internet and Security Shield does block the Internet connection. In order to bypass it, the user should download a security program (like SpyHunter, for example) from the Internet on another computer and then transfer in into a USB flash drive or burn it onto CD. Then plug the CD or the USB flash into the infected computer and load the security program’s installer file. The program should kill Security Shield automatically, install itself and after a full system scan, delete the rogue completely.
In the case of the Security Shield infection immediate countermeasures are vital in order to protect the user’s money and the operating system. Thus, the sooner Security Shield disappears from the computer the better.
