Menu Close

Windows Shield Tool rogue anti-spyware program

Windows Shield Tool is a rogue anti-spyware program from the Rogue.VirusDoctor family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor’s vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Shield Tool in order to clean it.

Once the rogue is installed on your computer it will be configured to start automatically when Windows starts. Once started it will perform a fake scan and then state that there are numerous infections present. If you attempt to use the program to remove these infections, though, it will state that you first need to purchase it before it can do so. This is a scam as the scan results are all fake, and in many cases, the infected files do not even exist on your computer. Therefore, please ignore the scan results and do not purchase the program.

 

 

Windows Shield Tool screenshot
Windows Shield Tool screenshot
For more screen shots of this infection click on the image above.
There are a total of 4 images you can view.

 

While the rogue is running it will also hijack many of the infected computer’s functions. For example, when you attempt to run an executable it will terminate it automatically. Furthermore, Windows Shield Tool will hijack the Windows Task Manager and Registry editor so that when you launch them, it will instead open the rogue’s Advanced Process Control screen, which acts like a task manager. This allows the rogue to take full control of your computer until you pay the “ransom”.

Last, but not least, this infection will also display fake security warnings that are designed to make you think that your computer has a severe computer security problem. These warnings may state that your computer is downloading copyrighted material, has viruses, or is sending out spam email.

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Error
Attempt to run a potentially dangerous script detected.
Full system is highly recommended.

Warning! Virus Detected
Threat detected: FTP Server
Infected file: C:\Windows\System32\dllcache\wmploc.dll

Just like the scan results, all of these security alerts are fake and should be ignored.

As you can see, Windows Shield Tool is a scam that was created to trick you into thinking your computer was severely infected so that you will then purchase it. For no reason should you purchase this program, and if you have, you should contact your credit card company and dispute the charge stating that the program is a scam and a computer virus.