Home Malware Programs Rogue Anti-Virus Programs Security Shield

Security Shield

Posted: August 30, 2011

Threat Metric

Threat Level: 10/10
Infected PCs: 3,040
First Seen: December 8, 2010
Last Seen: April 18, 2018
OS(es) Affected: Windows

ScreenshotOur malware experts have dug into Security Shield and found that it contains no ability to remove viruses and protect you from malware or any of the other functions that it markets. However, Security Shield has shown a marked proclivity towards traditional rogue security program tactics, including presenting itself as a free product while attempting to steal money by forcing you to register it. Since Security Shield hasn't even a drop of positive features, you should immediately uninstall Security Shield with a genuine security program to protect your computer and your wallet.

The Emptiness Behind Security Shield's Shiny Marketing

As far as rogue security products go, Security Shield has an exceptionally resilient and multifaceted marketing scheme. You'll find glowing references to Security Shield on social networking sites like Facebook and Twitter, as well as scattered throughout the web in general software storehouse sites. Security Shield claims to be able to perform a multitude of unrelated PC security and maintenance functions, but this isn't terribly surprising, since, although it would be difficult to program a product that had such functions, it's a cinch to market functions that aren't present in the first place! Despite Security Shield's various claims and the persistently positive marketing veneer that it hides behind, Security Shield isn't capable of performing even one of the functions that it advertises.

Don't Let Security Shield's Fancy Image Seduce You into Giving Away Your Wallet

Like other forms of scamware from the WinWeb Security family, Security Shield's only real purpose is to steal money and credit card information. You should, therefore, avoid giving away either of these in your attempts to remove Security Shield and stop any of the many problems that it may cause while on your computer. Security Shield hasn't been linked directly to older scamware like Antivirus Security, System Security, AntiSpyware Pro 2009, Total Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, MS Removal Tool, Antivirus Center, Personal Shield Pro, Advanced PC Shield 2012, Security Sphere 2012 and Futurro Antivirus.

Typical rogue security program dangers that Security Shield variants may incorporate include:

  • Creating fake error messages or infection warnings at random opportunities.
  • Blocking programs, such as anti-virus scanners, Notepad or Task Manager, under the fiction that they've been infected or damaged.
  • Hijacking your web browser to redirect you to one of Security Shield's websites, as noted earlier.
  • Setting your web browser's homepage to a Security Shield website and refusing to let you change it back.
  • Constant requests for you to spend money on Security Shield to fix any or all of the above problems.

However, there's no need to pay Security Shield's rather expensive price to delete it; instead, you can delete Security Shield with any sufficiently-competent anti-malware program.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%LOCALAPPDATA%\595230097.exe File name: 595230097.exe
Size: 1.14 MB (1146368 bytes)
MD5: d3a901302b63a05d4cdbaac9488d0201
Detection count: 508
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 6, 2011
%LOCALAPPDATA%\6323257655.exe File name: 6323257655.exe
Size: 875 KB (875008 bytes)
MD5: 5b015e44b7dc0b36c6c98d93e0d0108b
Detection count: 363
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 6, 2011
%LOCALAPPDATA%\246950008.exe File name: 246950008.exe
Size: 875 KB (875008 bytes)
MD5: 330719fc514f618192665d70985ace2d
Detection count: 363
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 6, 2011
%LOCALAPPDATA%\663846548.exe File name: 663846548.exe
Size: 865.28 KB (865280 bytes)
MD5: 2fa507da93111f0f620cbfebde1223ed
Detection count: 363
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 6, 2011
%LOCALAPPDATA%\4158304675.exe File name: 4158304675.exe
Size: 898.04 KB (898048 bytes)
MD5: b6afc9a9d7cdc8a597c42003649b63b0
Detection count: 356
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 6, 2011
%LOCALAPPDATA%\932735408.exe File name: 932735408.exe
Size: 888.83 KB (888832 bytes)
MD5: a26fbb8a4f0f03396b220e2e932f80bf
Detection count: 356
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 6, 2011
%UserProfile%\Local Settings\Application Data\487839044.exe File name: 487839044.exe
Size: 391.16 KB (391168 bytes)
MD5: b5faeb27a51c90d8e28da3cb3c7189ab
Detection count: 24
File type: Executable File
Mime Type: unknown/exe
Path: %UserProfile%\Local Settings\Application Data
Group: Malware file
Last Updated: December 8, 2010
%AppData%\Microsoft\Windows\Start Menu\Programs\Security Shield.lnk File name: %AppData%\Microsoft\Windows\Start Menu\Programs\Security Shield.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%UserProfile%\AppData\Local\[RANDOM CHARACTERS].exe File name: %UserProfile%\AppData\Local\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%UserProfile%\Start Menu\Programs\Security Shield.lnk File name: %UserProfile%\Start Menu\Programs\Security Shield.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[RANDOM CHARACTERS]"

Additional Information

The following messages's were detected:
# Message
1Security Shield
"cmd.exe" is infected with "Worm.Win32.Autorun.bnb". Do you want to register your copy and remove all threats now?
2Security Shield
Security Shield Firewall Alert
Security Shield has prevented a program from accessing the internet.
"iexplore.exe" is infected "Trojan-Dropper.Win32.Agent". This worm has to tried to use "iexplore.exe" to connect to remove host and send your credit card information
3Security Shield Warning
Intercepting malicious software that may violate your privacy and harm your computer has been detected. Click here to remove now with Security Shield.
4Security Shield Warning
Some of the important system files on your PC were modified by malicious software. It may cause system crashes and data losses.
Click here to prevent non-authorized changes and remove threats (Recommended)
5Security Shield Warning
Spyware.IEMonster activity detected. This form of spyware attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other commonly used programs. Click here to immediately remove it with Security Shield.

Related Posts


  • becky says:

    this is a piece of crap secrity should be against the law for these websites to exsist!!!!!!!!im not really sure how to remove it but im tryin my laptop dont work right wouldnt let get ur website kept popping up danger dont go on website said ur a virus!!!!thx becky

  • rita says:

    How do I get this out of my computer? I do not want it or need it!

  • Herb says:

    I need to get rid of Security Shield and need to do it right waway. It is a fake program and it is affecting my daily use of my computer

  • abdool rohoman says:


  • Jack Phillips says:

    I want this out of my computer

  • sury mistry says:

    can you help with the removeble of securiry shield please...

  • robert nichols says:

    please remove security shield from my computer

  • Ann Setzer says:

    Take this off my computer. I am tired of it poping up

  • Unitarian Fellowship says:

    I can't even open anything!!!! What can I do???? Help!

  • Ann Setzer says:

    Take this off of my computer. I am tired of it poping up

  • lawrence loranger says:

    please remove security sheild from my computer i cant do nothin on my computer cause security shield keeps popping up i dont no how to remove it im sld whitch means i have a slow learning disability and i really dont understand wut all of this stuff mean im about to throw away a 2 thalsond dallour computer please remove it for me

  • Jim Fulghum says:

    Can you be of any service to physically help me to remove Secuity Shield. It stops everything I try to do by putting in a warning message.

  • get nthis off of my pc ! says:

    Please tell me how to stop this from popping up non stop.
    I didn\'t ask for it want or like it

  • Barbara says:

    I am trying to get rid of this security shield but every time I try to get a program downloaded it pops up & blocks it what can I do

  • john says:

    please help me to remove this dam thing cant do any thing on my lap top.. GOING NUTS WITH THIS HELP HELP

  • john says:


  • john says:

    help it is driving me insane

  • Larry says:

    Help me remove this security crap.

  • Larry says:

    I can\'t even tell if its letting me send this, help

  • Roe says:

    This a horrible thing. There should be a way to press charges against the creator. Who ever did this should find a job and get something to do besides jacking up people equipment.

  • Nadine says:

    I to have Serurity Shield on my pc, its driving me craze.

    how to I go aout manually removing it? e.g : c:\Documents and Settings\[USERNAME]\Local Settings\Application Data\[RANDOM CHARACTERS].exe

    Where do I put this entery in or find it. Please help.

  • ladybug says:

    tired of security shield pops up ALL THE TIME!!!!!!!!!!!!!! I want it OFF NOW!!!!!!!!!!!!!

  • Pierpaolo Riccio says:

    help me to get this security shield off pls...!!

  • Pierpaolo Riccio says:


  • bev says:

    Please take this off

  • LILA says:


  • Nadia says:

    Hi There. I have just got secrity sheild on my computer and im like everyone else, its keeps popping up and effecting my use. I tried the Spy HUnters free download, and it shut my computer down and restarted it. Now its still here, im confused wethere or not i have actually done it correctly. I need to get this off my computer.

  • John says:

    please get this off my computer, now,

  • Bob says:

    Help this darn program has defeated me at every turn there ought to be a law against programs such as these. It blocks all the programs that is supposed to remove it. It is an evil thing.

  • Mary Smith says:

    I need to get rid of this Security Shield, it is constantly on my computer.......

  • Robin says:

    need security shield removed

  • Steve says:


  • kirby says:

    I need help to remove this Crap now!!!!!!!

  • caroline stitt says:

    please tell me how to get this security shield off my pc.i havent a clue what to do

  • donna gregory says:

    want this off security shield off computer...need assistance and can\'t pay anything...

  • imad says:

    remove security shield from this computer. thank you

  • Angela says:

    I wish I could help you! I had my brother on the phone for 2hours last night and I think it worked - unless it' replicates. Best suggestion is take it to a friend who is computer savvy and tell them to google this site and follow the above instructions - THEY DO WORK! (so far)

  • thomas says:

    i have nortonon my computer how do i get rid of security sheild

  • bert says:

    can please remove security sheild as pops up all the time

  • sofi says:


  • Yvette says:

    Please help me remove this Security Shield from my computer! It's very annoying! I do not know how I got it but I am going crazy! Please help me!!!

  • Traci says:

    I am having the same problems as everyone else on here. this is riduculous, there is no way to get it off!!!!!

  • amanda says:

    i want this security shield off of my computer...i cant do anything!!!

  • SANDY says:


  • joanna mcginn says:

    i want to remove security sheild as i have a anti virus

  • E. Pickersgill says:

    Please help, i need to get this off my pc!!

  • Denise says:

    security sheild just showed up on my comp. and i can\'t get rid of it. i would like to know how to get it out so i can use my comp. How do I do that or can you do it for me?

  • jamie says:

    i want the damn thing off my pc now

  • natika says:

    I can't get this freaking thing off my computer. Sooo pissed off. I have a paper due and I can't get to where I need to go. GET IT OFF MY LAPTOP!!!

  • carmen says:

    security sheild just showed up on my comp. and I can get rid of it. I would like to know to get it out so I can use my comp. Hod do I do tat or can you do it for me?

  • shirley says:

    Get this security shield pop ups off my computer



  • johnny says:

    idk how this security shield got put on my computer but i really need it of.couse i can't do anything on my computer without it poping up n the way r read my mail r a book so plz help me


    i want this out NOW please help, im 12 lol i dont need this stress

  • i killed it says:

    HI, i have removed security shield manualy and i will tell you how:
    first open "task Manager" (ctrl,alt,del.) than open security shield. switch back to task manager and you will see security sheild, left click and on the little menu select "go to process". when your there it will be automaticly selected then click on the "end process" button, that will shutdown security shield. next use the directory above to get to security shield. drag it into the recycle bin and that's the end of that.

  • OMG says:

    it blocks control,Alt,Delete......omg wat am i gunna do :O

  • KAS says:

    Hi, I've just removed this shit from my notebook running XP. Reboot you machine and hold F8, you'll get different options to boot with, take safe mode with command prompt. Once you'll get the command prompt, follow the above mentioned 3 steps and you'll be fine. Type "regedit" on command prompt to get the registry editor. In my case the directory structure was c:\Users\[USERNAME]\AppData\Local\[RANDOM CHARACTERS].exe.

    Hope this help.

  • Ian says:

    Security Shield has driven me crazy, opening up porn sites i do not want my kids to see and then not allowing me to use the PC. Malcolm Morris advises to use system restore and he is correct, but Speed is essential. Power down your PC and leave a few minutes. Re open and as soon as you get to the start screen click
    Start - Control Panel - Performance & Maintenance - System Restore.
    If Security Shield starts to scan press STOP on it.
    Choose a date before SS infected you and let the PC restore your PC to a good working date. Seems to have fixed my PC for now. Good luck.

  • hanna says:

    I do not have security against viruses on my computer and your thing and then said to me how to remove the ok.

  • Daboy says:

    Use SYSTEM RESTORE... it works just fine. Just make sure you chose a date when your pc was not yet infected by security shield malware/adware. good luck guys!

  • kristi says:

    OMG, that worked!! Thank you so much!

  • pete says:

    the use of system restore seems to have worked on my sons laptop and i have installed a better internet security programme (PANDA INTERNET SECURITY 2012) dont know if it will stop this nasty bit of software but I hope so.
    Is there a program out there that we can send the proliferator of this to eat their hard drive

  • Bob says:

    This is terrible! THIS CAME ON MY COMPUTER... I try to go on the internet to destroy it, BUT HOW TO GET RID OF IT!!!!

  • steve says:

    i did a system restore in safe mode...worked fine but couldnt get to any programs without safe mode....click f8 key repeatedly upon startup to get to safemode networking and then do a normal system restore

  • CSpahn says:

    I shut off the PC for 5-10 minutes, re-booted went directly to system restore and set for 2 days prior. So far so good.

  • Robin Severson says:

    Thank you, thank you. I believe shutting down the pc and going into system restore seems to have solved my problem with security sheild. I tried to get into my add and remove but it wouldn't let me. Shutting down is the key. Thanks again

  • Sandra Jones says:

    HELP! I have tried exactly what has been advised about going to system restore etc, but at every attempt this sofware constantly blocks even this and it wont even allow me to open system restore. How do you overcome this factor as I cant get anything done at all as it just blocks every single thing???

  • Martha Name says:


  • Linda says:

    I'm trying it out now fingers crossed!

  • Bev says:

    Seems to have done the trick - a lot quicker & easier than some other online suggestions which we couldn't get to work at all! Thank you.

  • Bev says:

    Seems to have done the trick - a lot quicker & easier than some other online suggestions which we couldn\'t get to work at all! Thank you.

  • JJ says:

    I really need help, my Security Shield won't even allow me to access the internet so I can't download any type of things to remove it. If you could help I would be very happy.

  • Bob says:

    It doesnt let me acess the internet either.

  • Celeste says:

    I need help.

  • Belen says:

    Wow that sucked.....the system restore worked perfectly just make sure you go back a couple of days...thanks so much

  • Micah says:

    Security Shield will not let me download this. Help?

  • Dave says:

    Can anyone tell me how to locate these problem files (such as "6323257655.exe" from the list above)?
    Once found, can they simply be deleted?

  • ian says:

    can anyone help me get security shield off my pc

  • Frank says:

    In windows 7 I found a strange file ucfkizfa.exe in C:\users\<user>\AppData\Local
    Start Windows in Safe mode (F8) and you are able to remove this file.
    After that the Security Shield messages has gone. But system is still infected. Now I'm going to install a virus scanner.

  • David says:

    this security is so f*****

  • Paul says:

    Thanks for the advice, re system restore. I thought I was going to have to get my pc rebuilt due to this hiddeous spyware!

  • ali says:

    i cant download spyhunter if the security shield wont let me do anything

  • Mohit Jain says:

    It worked, I manually deleted exe and crap cookies from system, so able to remove spyware completely

  • Iam Yourhelper says:

    (Username)\Local Settings\Application Data\
    There will be an exe file named something random. The symbol is a green V thingie.
    Open Task Manager and type in the letters. Close the file to make it stop popping up all the time, it will just stop the pop-ups until next time you start Windows.

  • Fredrik Eriksson says:

    I got this installed from surfing at ebay.co.uk...... WTF is up with that?

    System restore seems to have solved my problems for now at least. Doing a full system scan and I will try to different malware remvoing softwares. ESET NOD32 might not be good enough since it didnt report anything...

  • Daniel says:

    I had Security Shield on my computer and it did not appear as any of the files, processes or services that various removal instructions said it would. However, AVG found a file called liquid9529749.exe in C:\Users\[Username]\AppData\Local\Temp\ which it removed and I now appear to be clean of Security Shield.

  • TrickyMisfit says:

    Tried all the solutions below without luck. In C:/Users/[username]/Local Settings I found a file named afimba.exe (Icon is a shield with light green and white squares) that had the date/time about when I contacted this bast*ard. It would not let me delete it. I found the registry entry for it in HKEY_LOCAL_MACHINE\Software\Wow6432Node/Microsoft/DirectDraw/ Trying to delete the Key causes a blue screen of death. First delete the values. I then changed the file name of afimba.exe to 0000.exe and it seems to have stopped the program from running. The program can be deleted using the DOS prompt. This malware seems to be self-mutating. Running McAfee virus scan did not detect it.

  • Laura says:

    Security Shield just showed up on my computer last night - how do I get rid of it - I can't get on the internet without this screen popping up saying I have viruses - no number to call - just a screen on what type of subscription I want and to put in my credit card #.

  • DH says:

    Did C:\Users\[Username]\AppData\Local\Temp\ and at bottom of page saw green and white shield and after I got the program closed I right clicked deleted. Sent to the recycle bin emptied then did a system restore and no more problems but for the 30 mins prior talk about pure HELL!!!!! Thanks guys The Fix seemed to work great!!

  • john says:

    i need help to get securty shield off my computer so i can use it an they have done every this

  • James says:

    I hope Ican install theremover to the infected unit

  • Zeus says:

    I ran System Restore as soon as it started annoying me and I found out that it was itself malware. It's gone. No personal data or files lost. Easy as pie.

  • travlor says:

    shut computer off then turn back on pressing f8 vigorously until utility screen pops up scroll down to safe mode networking and click ok inside you should be able to access your virus protectection

  • Joe K says:

    found the shield deleteed it and all is well also had to uninstall and reinstall security esentials really did a number on that

  • ken says:

    hell no!!this security shield has destablised my pc.I cant find where the f***k in the installed programes it is.
    I tried malwarebytes and cant do a thing to stop this sh**t.Even restoring is stuck...any suggestions guys?

  • Marie says:

    Security sheild just showed up in my comp and I can't even get to my home page. How can I get this removed and not lose any of my doc's? Is there anyone that can give me direction step by step! I'm very frustrated. Do need to take my computor in and have some one else fix it.

  • Greg says:

    Easy fix. Find the file, drag to your desktop, restart your computer, click and delete BEFORE it can auto start.

  • Romich says:

    i've worked on this security shield, i tried offline antivirus, it worked good, i restart the comp, and dl some antivir program (just one), but i when i want to dl an antimalware, this f...... program wake up, and no more to do. can you give me the best way to remove this wonderfull program (LOL). good luck with it....

  • Lu.L says:

    Hope to receive some assistance from http://www.spywareremove.com if I will have any questions. Wish you luck!

  • lida pills says:

    Rogues are usually Website author? No. There's nothing OP at 90. All items have it really is some weakness. The only Post author part of this game can be low-level prot players.