Windows Private Shield is a rogue anti-spyware program that performs a fake system scan and outputs many, usually more than twenty, false system security threats and infections to make you think that your computer is infected with spyware, adware, worms and other viruses. The rogue anti-spyware program is promoted via Trojan downloaders and droppers, fake online virus scanners and spam messages. Once installed, Windows Private Shield will report numerous fake and non-existent infections and then will ask to purchase the program to remove the infections in order to clean your PC and protect it against other malware threats. Of course, you shouldn't buy it, because Windows Private Shield is nothing more but a scam and it won't protect your computer or remove any infections simply because they do not exist. Instead, please use the removal instructions below to remove Windows Private Shield from your computer using legitimate malware removal software listed below.
When running, the rogue anti-spyware program will block legit PC software and state that it's infected or corrupted. Of course, it will block anti-virus and anti-spyware programs in the first place, but that's not all, it will also block such programs as notepad or task manager and Windows registry editor. Some of the fake Windows Private Shield popups will impersonate Widows Security Center and will claim that your computer is not protected or under attack from the net. It will also display fake security alerts and pop-ups like every on or two minutes. Some of the fake security alerts read:
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.
Recomended: Please use secure encrypted protocol for torrent links.
Torrent link detected!
Receiving this notification means that you have violated the copyright laws. Using Torrent for downloading movies and licensed software shall be prosecuted and you may be sued for cybercrime and breach of law under the SOPA legislation.
Please register your copy of the AV to activate anonymous data transfer protocol through the torrent link.
As you can see, Windows Private Shield is absolutely useless and scam program that should be removed from the computer upon detection. If you have already purchased it, then you should contact your credit card company and dispute the charges. Then, follow the removal instructions below to remove Windows Private Shield and any related malware from your computer. We strongly recommend you to use legitimate malware removal software to remove this rogue security product from the system.
The latest parasite names used by FakeVimes:
Windows Private Shield manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe