Home Malware Programs Rogue Anti-Spyware Programs Security Shield Pro 2011

Security Shield Pro 2011

Posted: May 14, 2011

ScreenshotSecurity Shield Pro 2011 is a rogue security program without any of the supposed benefits that it tells you that it has. Although you'll see plenty of error messages while Security Shield Pro 2011 is active, this is because Security Shield Pro 2011 is creating fake errors to make you want to purchase an activation or registration key. Security Shield Pro 2011 may also block your ability to use a variety of applications, particularly applications related to real computer security. You should not buy Security Shield Pro 2011's useless upgrade and then remove Security Shield Pro 2011 by using well-reputed anti-malware scanners.

Security Shield Pro 2011: Not a Shield Nor Security for Your PC

You might stumble across Security Shield Pro 2011 on a website with poor upload security that lets the uploaders dress up Security Shield Pro 2011 like a helpful anti-virus and security program. However, you're more likely to be infected by Security Shield Pro 2011 through drive-by downloads from malicious advertisements and websites. Disabling scripts like Flash and JavaScript can reduce the possibility of getting infected by Security Shield Pro 2011.

Security Shield Pro 2011 is part of an extremely wide-spanning group of rogue programs, including the infamous System Tool as well as many different variations on the 'Security Shield' theme like Security Shield, Security Shield Pro 2010 and Security Shield 2010. These rogue programs may require different updates to threat definitions for scanners to detect them, but all of them, Security Shield Pro 2011 included, use the same malicious functions to harm your PC.

Although Security Shield Pro 2011 can't detect threats to your PC, you'll still see plenty of fake alerts from Security Shield Pro 2011. Some possible alerts include:

Security Shield Pro 2011 Warning
Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
Click here to activate protection.

Warning: Your computer is infected
Windows has detected spyware infection!
Click this message to install the last update of Windows security software...

Security Monitor: WARNING!
Attention: System detected a potential hazard (TrojanSPM/LX) on your computer that may infect ex-ecutable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software.
CLick [sic] Yes to download official intrusion detection system (IDS software).

Security Shield Pro 2011 Warning
Intercepting programs that may compromise your private and harm your system have been detected on your PC.
Click here to remove them immediately with Security Shield Pro 2011.

Breaking Past the Security Shield Pro 2011 Blockade

Besides distracting you with errors about unreal threats, Security Shield Pro 2011 may also stop you from using any number of other applications, not because they're infected, but because Security Shield Pro 2011 doesn't want you to access anti-malware tools. Accordingly, the usual victims of Security Shield Pro 2011's wall-off include basic Windows programs like MSConfig, Task Manager and the Registry Editor, as well as popular brands of anti-malware scanners.

There are several ways you can work past this:

  • Renamining the program executable files. Most rogue programs like Security Shield Pro 2011 will allow files named 'iexplore.exe' or 'explorer.exe' to launch without checking anything beyond the file name.
  • Using this free code to register Security Shield Pro 2011: '64C665BE-4DE7-423B-A6B6-BC0172B25DF2.' Registration may lower the frequency of Security Shield Pro 2011's attacks, but you should still get rid of Security Shield Pro 2011 when possible.
  • Switching to Safe Mode or rebooting your computer from an external source or with a different operating system. Any of these tactics will keep Security Shield Pro 2011's startup Registry entries from triggering, so Security Shield Pro 2011 won't be active to block your applications.

Security Shield Pro 2011 and similar rogue programs are also known to hijack web browsers, and you should be suspicious of any strange browser error messages or links that appear while Security Shield Pro 2011 is active.


ScreenshotScreenshotScreenshotScreenshotScreenshot

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %AppData%\Security Shield Pro\SSP.exe
    2 %AppData%\Security Shield Pro\Support.url
    3 %Desktop%\Security Shield Pro on the Web.lnk
    4 %Desktop%\Security Shield Pro.lnk
    5 %Documents and Settings%\[UserName]\Local Settings\Application Data\pemd_mvc.dat
    6 %Documents and Settings%\[UserName]\Local Settings\Application Data\sig_light.dat
    7 %Documents and Settings%\[UserName]\Local Settings\Application Data\sig_light2.dat
    8 %Documents and Settings%\[UserName]\Local Settings\Application Data\Support
    9 %Documents and Settings%\[UserName]\Local Settings\Application Data\unins000.exe
    10 %Documents and Settings%\[UserName]\Local Settings\Application Data\vk_bhotb.dat
    11 %Documents and Settings%\[UserName]\Local Settings\Application Data\vk_sscan.dll
    12 %Documents and Settings%\[UserName]Local Settings\Application Data\SSP.exe
    13 %Documents and Settings%\[UserName]Local Settings\Application Data\unins000.dat
    14 %Programs%\Security Shield Pro\
    15 %Programs%\Security Shield Pro\Security Shield Pro on the Web.lnk
    16 %Programs%\Security Shield Pro\Security Shield Pro.lnk
    17 %Programs%\Security Shield Pro\Uninstall Security Shield Pro.lnk
    18 %UserProfile%\Application Data\Microsoft\Security Shield Pro 2011.exe
    19 c:\Documents and Settings\[USERNAME]\Local Settings\Application Data\[RANDOM CHARACTERS].exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKCU\Software\Microsoft\Windows\CurrentVersion\Run "SSP"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "%Documents and Settings%\[UserName]Local Settings\Application Data\SSP.exe"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Security Shield Pro_is1
Loading...