Windows Shield Tool is a rogue anti-spyware program that reports non-existent infections and computer security threats. The main goal of this program is to convince you that your computer is infected with viruses and that you should purchase a full version of WindowsShieldTool to protect your computer from all dangerous malware circulating on the net right now. Of course, we strongly recommend you not to do so because this program is nothing more but a scam. Instead, remove Windows System Suite from the system as soon as possible; otherwise it may cause serious problems and lead to data loss.
Usually, Windows Shield Tool is promoted through the use of Trojans and fake online virus scanners. Those fake scanners display warnings about serious computer problems and recommend you to download bogus security program to remove supposedlt found infections. Regardless of what you click in those warnings, you will be redirected to the pay page of this bogus anti-spyware program. This parasite is also distributed via infected and hacked websites that lead to rogue infections.
When running, Windows Shield Tool will imitate system scan and report a variety of infections, from adware to rootkits. Those infections of course are false and won't harm your computer. The rogue program will state that your computer is infected with Spyware, Trojans and adware. In reality, though, the only infection is Windows Shield Tool itself. To make things worse, it will display legitimately looking security alerts from Windows Task bar. Some of them may look very realistic as they usually impersonate existing Windows alerts and notifications.
Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.
Your web will be hijacked and you won't be able to open certain security websites or download antivirus program. It is possible that your computer will works slower than usual because of this malicious program. If you can't run anything on your computer, try rebooting the system in safe mode with networking and running our recommended malware removal tool. Do not purchase this rogue program. Contact your credit card company and tell them what happened if you already paid for this virus. Please use the removal guide below to remove Windows Shield Tool from your computer.
The latest parasite names used by FakeVimes:
Windows Shield Tool manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe
%appdata%Inspector-[3 random characters].exe
%desktopdir%Windows Shield Tool.lnk
%StartMenu%ProgramsWindows Shield Tool.lnk