In 2013, it was discovered that it's servers are currently down, and any registration key entered in its download window is useless.
It had its own website, Navashield.com. NavaShield's site looked very user friendly like any antivirus website, so normal Windows users may have thought it was a good antivirus. When installed, the user interface looks friendly, like many real antiviruses.
The rogue does not do anything until one week has passed, when it begins nagging the user to buy the "full" version. It does this by making an annoying ticking sound and displaying an ad encouraging you to buy NavaShield. After the rogue has been on the system for several more weeks, it attempts to simulate an actual malware infection to get the user to purchase the fake program. To do this, it spams obnoxious laughter through the speakers, pops up porn sites and random windows, the TTS voice says things like "f*ck you", and attempting to email fake addresses.
Another variant of Navashield will fake a malware infection by displaying an inescapable message box that says "Disk drive C:\ is being deleted" and slowly grows while making a beeping sound. Eventually it consumes the entire screen, and afterwards it flashes to your desktop wallpaper, but with no icons, taskbar, etc. Some minutes after rebooting, the screen goes back to normal.