Security Shield is a variant of Win32/Winwebsec
- a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.
In mid to late January this variant of Win32/Winwebsec was observed being distributed via Twitter. A number of tweets were sent to users that contained a malicious link that directed them (via a redirector) to download a copy of the Security Shield variant of Rogue:Win32/Winwebsec.
programs are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products will detect and remove this threat: