Windows Shield Tool
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 9 |
First Seen: | February 24, 2012 |
Last Seen: | January 8, 2020 |
OS(es) Affected: | Windows |
ESG security researchers have received many reports of infections involving fake security programs belonging to the FakePAV family of malware. Windows Shield Tool is one of the many fake anti-spyware programs in the infamous FakeVimes family of malware, which also includes bogus security programs with names like Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
These are all versions of the same malware application, a fake security program with no true anti-malware capabilities. Windows Shield Tool is composed of a graphic user interface designed to mimic Microsoft Security Essentials. As part of its installation process, Windows Shield Tool makes changes to the Windows Registry which then allows Windows Shield Tool to display constant error messages and notifications from the Taskbar that seem to come from the victim's computer itself. By using these, Windows Shield Tool preys on inexperienced computer users, convincing them to purchase a useless anti-malware program.
Table of Contents
Dealing with a Windows Shield Tool Infection
Windows Shield Tool should be removed from the infected computer immediately. However, this fake security program has the capacity to mess with the infected computer's system restore features, disable legitimate security applications, and, in some cases, even load when the victim starts up in Safe Mode. Because of this, what is recommended by ESG security researchers is the utilization of a reliable anti-malware application that preferably has anti-rootkit capabilities. Windows Shield Tool will usually spread through corrupted advertisements that take advantage of vulnerabilities in Flash and JavaScript as well as being contained in fake video codecs that are often part of poorly-regulated pornographic video galleries.
How the Windows Shield Tool Scam Works
Fake security applications like Windows Shield Tool are known as rogue anti-malware programs. Basically, criminals use these in order to convince their victims that the infected computer system is in fact in severe trouble due to an outrageous malware infestation. Windows Shield Tool is presented as an effective solution to these nonexistent threats, but only if the victim pays for a useless 'full license' of Windows Shield Tool. Since Windows Shield Tool has no way to detect, remove, or protect from malware, ESG security researchers strongly advise against purchasing Windows Shield Tool or letting Windows Shield Tool remain on your computer system. Usually, the presence of Windows Shield Tool will indicate that other malware is also installed on the victim's computer and, if not removed immediately, will often result in the infected computer system becoming nearly useless.
SpyHunter Detects & Remove Windows Shield Tool
Windows Shield Tool Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | Protector-ntu.exe | 3e1177906fb1222590f01678f5352c40 | 1 |
2. | Protector-yco.exe | 9ca4f33ba3b524015f00b0b39c99b571 | 1 |
3. | Protector-qsy.exe | 179982a6ce74b96c1efe6286a84ae9f6 | 1 |
4. | Protector-ngo.exe | 0e565afa6f7233aa78cd7e848785b935 | 1 |
5. | %AppData%\Protector-oak.exe | ||
6. | %AppData%\NPSWF32.dll | ||
7. | %CommonPrograms\%Windows Shield Tool.lnk | ||
8. | %Desktopdir%\Windows Shield Tool.lnk |