1. Symantec/
  2. Security Response/
  3. SecurityShieldFraud


July 17, 2013 10:46:28 AM
Also Known As:
Troj/FakeAV-CDA [Sophos]
Misleading Application
Risk Impact:
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
The program must be manually installed.

The program displays a message once it has been installed.

The program reports false or exaggerated system security threats on the computer.

The user is then prompted to pay for a full license of the application in order to remove the threats.

The program periodically displays messages informing the user that the computer has been infected.

When the program is executed, it creates the following files:
  • %UserProfile%\Local Settings\Application Data\[RANDOM NUMBER].exe
  • %UserProfile%\Start Menu\Programs\Security Shield.lnk
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube