Privacy Protection

Privacy Protection Description

Type: Rogue AntiSpyware Programs

ScreenshotPrivacy Protection is a fairly typical rogue anti-virus application. 'Rogue anti-virus application' is a term that computer security analysts use to refer to a kind of malicious software that pretends to be a legitimate security program. Privacy Protection and similar applications are part of a convoluted scam designed to take advantage of the relative inexperience of most computer users. Instead of merely infecting a computer system with a virus, worm or Trojan, rogue anti-virus programs like Privacy Protection will do this but also pretend to be legitimate security programs. To make the scam more convincing, Privacy Protection emulates the layout, design and logos of legitimate security programs like Microsoft Security Essentials and Windows Defender.

How the Privacy Protection Scam Works

Once the computer is infected with a variety of problem-causing malware threats, Privacy Protection 'helpfully' offers to get rid of the problems that Privacy Protection itself caused. Of course, this help is not free; rogue anti-virus programs like Privacy Protection charge for a useless 'full version' or for a 'license', in order to remove the infection from your computer system. In a sense, these kinds of programs take your computer system hostage, making it practically unusable, until you pay to have the problems removed. However, ESG PC security advisers strongly recommend that you do not purchase Privacy Protection or any other rogue security program. In every case, the Trojans and malicious scripts on your computer system are not removed by paying the amount that is demanded. While sometimes the most annoying symptoms may subside, a Trojan infection will still reside on your computer system, affecting your computer's performance and placing your data at risk. Another reason why you should never pay for a program such as Privacy Protection is that doing so makes your credit card information available to the criminals behind this online scam, making you the probable target of identity theft or credit card fraud. Instead of paying for this useless program, remove Privacy Protection with a legitimate anti-malware application.

Probable Sources of a Privacy Protection Infection

Privacy Protection and similar rogue security programs usually infect a computer system through a Trojan infection. Trojans associated with Privacy Protection are typically found on unsafe websites, such as pornographic websites, file sharing websites or websites with numerous unsafe advertisements. Trojans associated with Privacy Protection may also be found in spam email attachments or bundled along with popular files on peer-to-peer file sharing networks.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove Privacy Protection

File System Details

Privacy Protection creates the following file(s):
# File Name MD5 Detection Count
1 privacy.exe e82b82f34da61d9d3abf980709e525a6 8
2 defender.exe N/A
3 [RANDOM CHARACTERS].exe N/A
More files

Registry Details

Privacy Protection creates the following registry entry or registry entries:
Registry key
HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz.1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe;"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\defender.exe” /sn"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "rundll32" = ""
HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}
HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz
HKEY_CURRENT_USER\Software\Microsoft "adver_id" = "29"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "rundll32" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = "0"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Privacy Protection
HKEY_CLASSES_ROOT\TypeLib\{58B4E0F5-F122-4C02-B038-C482D998486A}
HKEY_CLASSES_ROOT\CLSID\{80c10400-59cb-4c79-97ce-cc693103afca}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Protection"
HKEY_CURRENT_USER\Software\Malware Protection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80c10400-59cb-4c79-97ce-cc693103afca}

More Details on Privacy Protection

The following messages associated with Privacy Protection were found:
Security Warning
Malicious program has been detected. Click here to protect your computer.
taskmgr.exe can not start
File taskmgr.exe is infected by W32/Blaster.worm. Please activate Spyware Protection to protect your computer.

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

2 Comments

  • Manuel Orozco:

    Just wanted to say Thanks for your hard work.

  • Tecsan Alin:

    I am tired of this crap.Every click on internet lead to blaster worm hosting server.
    A key to tame him and clean the pc is : Y76REW-T65FD5-U7VBF5A