Security Shield 2012

Security Shield 2012 Description

ScreenshotSecurity Shield 2012, also appearing as Security Shield or Security Shield Pro, is just one of dozens of fake security applications belonging to the WinWebSec family of rogue security applications. One of the characteristics that differentiate the family of rogue security software from other fake security programs is that fact that Security Shield 2012 and its clones have the ability to block certain security programs as well as preventing the victim from accessing their web browser, displaying a fake firewall notification instead. ESG PC security researchers recommend starting up in Safe Mode and using a dedicated anti-malware application to delete Security Shield 2012 from the infected computer system.

There are many clones of Security Shield 2012, including

There are several versions of each of these fake security programs, some ending with the year of their release (for example, Security Shield 2010 or Security Shield 2011) or by adding 'Pro' to the end of the bogus security program's name (for example, Security Shield Pro). Regardless of their name or year, these are all the same application with slight changes to the graphic user interface.

Security Shield 2012 Will Not Provide Protection for Your Computer System

Security Shield 2012 has no way of removing malware from your computer, especially since Security Shield 2012 is a kind of malware infection. This program is designed entirely to convince its victims to purchase a 'full version' of a useless fake security application. Since Security Shield 2012 has the ability to disable your security software, it may be necessary to boot your computer from an external drive or in Safe Mode in order to gain access to your security software.

In some cases, renaming your security program with a name corresponding to an unblocked file process (such as explorer.exe) can bypass Security Shield 2012 and allow your security software to activate. In many cases, ESG security researchers have found that the fake registration code 64C665BE-4DE7-423B-A6B6-BC0172B25DF2 can stop many of Security Shield 2012's most intrusive symptoms, giving you access to your web browser and security software in order to remove Security Shield 2012. It is important to understand that this will not stop a Security Shield 2012 infection, but merely stop Security Shield 2012 from affecting your computer long enough for you to use a legitimate security tool to remove Security Shield 2012 from your operating system.

Technical Information

File System Details

Security Shield 2012 creates the following file(s):
# File Name Detection Count
1 %AppData%\SecurityShield 2012 N/A
2 %StartMenu\%Programs\SecurityShield 2012\SecurityShield 2012.lnk N/A
3 %StartMenu\%Programs\SecurityShield 2012 N/A
4 %AppData%\Microsoft\Internet Explorer\Quick Launch\SecurityShield 2012.lnk N/A
5 %StartMenu\%Programs\SecurityShield 2012\How to Activate SecurityShield 2012.lnk N/A
6 %StartMenu%\ProgramsSecurityShield 2012\Help SecurityShield 2012.lnk N/A
7 %UserProfile%\Start Menu\Programs\SecurityShield 2012.lnk N/A
8 %AppData%\SecurityShield 2012\IcoActivate.ico N/A
9 %StartMenu\%Programs\SecurityShield 2012\Activate SecurityShield 2012.lnk N/A

Registry Details

Security Shield 2012 creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SecurityShield 2012
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SecurityShield 2012"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"
HKEY_CURRENT_USER\Software\SecurityShield 2012

One Comment

  • best:

    There is noticeably a bundle to comprehend this. I assume you have made certain nice
    points in functions also.