Windows Privacy Module. How to remove? (Uninstall guide)

removal by Olivia Morelli - -   Also known as Windows Privacy Module | Type: Rogue Antispyware
12

Windows Privacy Module is scareware that uses misleading tactics to trick users into purchase completely bogus PC security product. This rogue anti-spyware program displays a list of predetermined malware infections on compromised computer to scare users into believing that their machines are indeed infected by malicious software. Windows Privacy Module also displays fake security alerts and pop-ups saying that your computer is infected or might be infected with some serious malware; let's say banking trojans or malware that steals personal information when visiting popular sites and entering your login credentials. While other pop-ups may claim that your computer is under attack from servers controlled by hackers or scammers. One way or another, this rogue program floods the compromised computer with many fake security alerts just to make the impression of badly infected computer.

Once installed, Windows Privacy Module will pretend to scan the compromised computer for viruses and spyware. In reality thought, the rogue program simply loads a list of infections and randomly lists them in order to fill in the table where supposedly found malware are being displayed. Just like all the fake security alerts, these fake scan results can be safely ignore. Do not follow its on screen instructions, do not pay for fake virus removal and do not attempt to uninstall reported files manually. First, you probably won't even find those files and secondly, you may remove genuine Windows files which may cause random system crashes.

When running, Windows Privacy Module will also block Windows task manager or simply replace with its own. You won't be able to run registry editor and some other Windows tools that might be useful when dealing with this virus. Hopefully, all these tools can be used without any restrictions in safe mode with networking or you can try to disable the rogue program manually which isn't that difficult because the malicious files is dropped in the Application Data folder and can be renamed very easily. See the list of malicious files below. Once you rename the file, restart your computer and the rogue program shouldn't start and as a result it won't block legitimate malware removal software. Also, it won't redirect your web browser to misleading sites or block security related web pages.

If your computer is infected with Windows Privacy Module, download an automatic removal tool give below and run a full scan. Even if you removed core files of this infection manually, you still need to scan your computer with legitimate malware removal software to remove associated malware from your computer and to ensure that your PC is completely clean.

The latest parasite names used by FakeVimes:
[newest]

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Windows Privacy Module you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Windows Privacy Module. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.
Windows Privacy Module snapshot
Windows Privacy Module

Windows Privacy Module manual removal:

Kill processes:
Protector-[rnd].exe

Delete registry values:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMainFeatureControlFEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "Inspector"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe



Unregister DLLs:
npswf32.dll

Delete files:
Protector-[rnd].exe

npswf32.dll

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

More information about the author