Posts Comments

How to Remove Private Shield

By dojo on May 23, 2012 Leave a Comment

What is Windows Private Shield?

Windows Private Shields is a false security client. Once installed on the users computer it acts like a real security client. All the scan results and warnings given off are bogus.

 How Did I get infected with Windows Private Shield?

There are several ways in which users get infected. The main reason is from a drive by download. This happens when a normal website gets hacked and malicious code is installed. When you visit the website a forced download happens and the virus installs it's self. If you did not install any programs at the time you got infected then chances are you did not have a good antivirus to protect your computer. You should consider upgrading to a antivirus client that can block such infections.

What is Windows Private Shield Doing to My Computer Right Now?

The scan results found by this bogus security client are all fake.  The warning messages shown are also fake. Normally Windows Private Shield hijacks the users desktop on XP systems and shows the following message:

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Error
Attempt to run a potentially dangerous script detected.
Full system scan is a highly recommended.

Error
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.

From our testing's we found that Windows Private Shield will block executable files from running. This can make it very hard to remove.

Here are some examples of FALSE messages that Windows Private Shield puts out.

Windows Private Shield Warning
Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
Click here to activate protection.

Windows Private Shield Warning

Intercepting programs that may compromise your private and harm your system have been detected on your PC.
Click here to remove them immediately with Windows Private Shield.

Warning: Your computer is infected
Windows has detected spyware infection!
Click this message to install the last update of Windows security software…

Windows Private Shield

Private Shield

» Download Windows Private Shield Removal Software

You need to remove Windows Private Shield as soon as you can. In many cases users have other hidden trojans installed on their computer as well. This is why it's so important to run a full virus scan even if you follow the manual removal guide below. Be sure to run a full virus scan once you have manually removed Windows Private Shield.

Automatic Windows Private Shield Removal

Online Windows Private Shield Removal Service

computer repair

Windows Private Shield Video for Windows 7 / Windows Vista

HELP US:  We took the time to make this video and help you.  Please take a quick second and hit the facebook like button on the top right for us or write about our website somewhere online to help us grow our user base.

Don't forget.  If it's too hard for you to remove yourself or things just aren't working for you then a cheap route for repair is www.pcninja.com.

Remove Proxy Setting so You Can Connect to the Internet Again.

Private Shield

 

Windows Private Shield Manual Removal Procedures

The first step you must take in order to remove Windows Private Shield is to stop the following process. Watch the video for guidance.

  • Protector-[random].exe ( Example is Protector-1an.exe ) Your file trace will be named different.

To Stop this process you can

A. Browse to the file location shown below and re-name the file first and then restart your computer. Then browse to that file location again and delete the file.

B.  Boot into Safe Mode and delete the file

C:  Use this process explorer tool http://www.removevirus.org/process-killing-software-654  to find the location of the file and re-name it then delete after re-boot.

D:  Log-into another users account and see if you can delete the file.

E:  Start the Task Manager the very second you login and terminate the process that way.

The next step in Windows Private Shield removal is to delete the following file:

Windows XP:

  • C:\Documents and Settings\All Users\Application Data\[random]\Protector-[random].exe
  • New Path C:\Documents and Settings\USER NAME\Local Settings\Application Data

Windows Vista/7:

  • C:\ProgramData\[random characters ]\Protector-[random].exe
  • New Path C:\Users\USER NAME\AppData\Local
  • New Path C:\ProgramData\[random characters]\Protector-[random].exe (Please NOTE  ProgramData is a hidden folder)

Once you have deleted the above executable, Windows Private Shield will no longer be running. At this time you need to run a full virus scan. RUN THE  SCAN!. We recommend wither Spyware Doctor with Antivirus or Spyware Doctor with Antivirus. You need to ensure no other viruses are on your computer.  So many people skip this very simple step.  Take an extra few minutes and ensure you have all the viruses removed.

If you find this threat too hard to remove yourself and need an expert we recommend www.pcninja.com . They charge far less than others and are great at what they do.

Windows Private Shield Registry Removal Procedures

Once you have deleted the above Windows Private Shield file trace you will also want to remove the infected registry item. This is not a requirement as you already deleted the main executable.:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-5-20_4"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "jcplbfflpl"
HKEY_CURRENT_USER\Software\ASProtect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msblast.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prizesurfer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teekids.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe

You should now run a full security scan to ensure no other threats are installed on your computer. We recommend you download a copy of Spyware Doctor with Antivirus.

Windows Private Shield Directories:

  • %AppData%\
  • %CommonStartMenu%\Programs\
  • %Desktop%\

Conclusion

It is not recommended for inexperienced users to attempt to delete Windows Private Shield manually, as any mistake made during removal could result in your system getting damaged. Therefore, inexperienced users are advised to use a web-based repair service such as www.pcninja.com or legitimate antivirus software such as Spyware Doctor with Antivirus to completely and safely remove Windows Private Shield. Many of our users report they really like the look and feel of Spyware Doctor with Antivirus so that is the main client we have been starting to recommend.

We have also created a dedicated site at http://www.removemsremovaltool.com to help people out.

Related Article Keywords: Windows Private Shield, Remove Windows Private Shield, Windows Private Shield Removal, How to Remove Windows Private Shield

How to Thank Us for the Guide?  If we are able to help you out all we ask for in return is you bookmarking our site and writing about us on your blog or facebook page.  Posting a comment of thanks goes a long ways as well.  Helps to build trust with other users.

Filed Under: Virus Removal Tagged With: , , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.