Severity scale  
  (72/100)

Windows Shielding Utility. How to Remove? (Uninstall Guide)

removal by - -   Also known as WindowsShieldingUtility | Type: Rogue Antispyware
12

Windows Shielding Utility is a rogue anti-spyware program that deliberately displays fake security alerts and reports false system infections to make you think that your computer is infected with viruses and other dangerous computer threats. The graphical user interface of this rogue anti-spyware program is identical to other widely spread rogueware from the same family. When this malware is installed on your computer it will list a variety of dangerous infections and prompt you to pay for a full version of the rogue anti-spyware program to remove non-existent infections from the system. It goes without saying that you shouldn't purchase this bogus program. We strongly recommend you to remove Windows Shielding Utility from your computer as soon as possible to avoid future damage.

Windows Shielding Utility is installed mostly via fake online anti-spyware scanners and Trojans. Trojans, usually FakeAV, display fake security alerts and notifications stating that your PC is infected or under attack by an Internet virus. FakeAV variants may also download additional malware on to your computer and make the situation even more complicated. It may for example install a password stealer on the compromised computer and steal your sensitive information. Once active, Windows Shielding Utility will be automatically configured to demonstrate system scan and display bogus results each time you log on into Windows. As we have already mentioned, the scan results are fake, you may safely ignore them. The main goal of this infection is to trick you into purchasing totally bogus software.

Furthermore, Windows Shielding Utility will block security related programs and certain websites to protect itself from being deleted. It may disable Task Manager, Registry Editor and other Windows system tools as well. The program will also impersonate Windows Security Center and state that you must purchase Windows Shielding Utility to ensure full system protection. As you can see, this program is nothing more but a scam. Please use the removal guide below to remove Windows Shielding Utility from your computer once and for all.

The latest parasite names used by FakeVimes:
Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Windows Shielding Utility. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Windows Shielding Utility. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
Plumbytes
We are testing Plumbytes's efficiency (2012-08-02 01:54)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2012-08-02 01:54)
Hitman Pro
Webroot SecureAnywhere AntiVirus
Windows Shielding Utility screenshot
Windows Shielding Utility snapshot

Windows Shielding Utility manual removal

Kill processes:
Protector-[rnd].exe
Delete registry values:
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System "DisableRegedit" = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Run "Inspector"
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Settings "net" = "2012-3-11_2?
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Settings "UID" = "origkboryd"
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\InternetExplorer\\Main\\FeatureControl\\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\atcon.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\bipcp.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\ecengine.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\infwin.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\msconfig
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\PavFnSvr.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\sahagent.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\titaninxp.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\wsbgate.exe
Delete files:
%AppData%\NPSWF32.dll
%AppData%\Protector-3 characters.exe
%AppData%\result.db
%CommonStartMenu%\Programs\Windows Shielding Utility.lnk
%Desktop%\Windows Shielding Utility.lnk

Information updated:

Comments on Windows Shielding Utility

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)