Severity scale  
  (75/100)

Windows Virtual Firewall. How to Remove? (Uninstall Guide)

removal by - -   Also known as WindowsVirtualFirewall | Type: Rogue Antispyware
12

Windows Virtual Firewall is trying everything to look legitimate. And it actually might look like a good anti-spyware for you, however, it's not. It is another rogue antispyware software from Fakevimes family. Upon infiltration it will instantly show up and scan your computer. After a really short scan it will show up with lot's of viruses that are supposedly infected your computer. However, keep in mind that Windows Virtual Firewall is capable to warn its victims only about fake viruses that don't even exist. The only thing that this program wants you to do is to purchase a licensed version of it. However, considering Windows Virtual Firewall's aggressive behavior, it is very important to remove it from system as soon as possible.

Methods of Windows Virtual Firewall distribution

Windows Virtual Firewall probably infected your computer through some unauthorised updates or new software you installed. The only way to defend yourself from such kinds of infections is to use a reputable anti-spyware software. Windows Virtual Firewall is able to block some antivirus programs from running, so it is advised to use more than one. Additionally, it makes itself start when windows starts. As a result, Windows Virtual Firewall shows false spyware detection alerts and fake scanner ads, which tells you that you are very dangerously infected. These messages might pop up every 5-10 minutes, to catch your attention and just to annoy.

Here's an example of Windows Virtual Firewall alert:

Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot
Windows Virtual Firewall Alert
Potential Threat Details
Windows Virtual Firewall detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.


By scaring you is the easiest way to make you purchase a licensed version of Windows Virtual Firewall. However, if you actually bought it, that means you gave away your money to scammers. Just make sure you cancel any pop ups of Windows Virtual Firewall that asks to purchase a licensed version. If you have already paid for Windows Virtual Firewall, contact your credit card company to dispute the charges and, of course, just remove Windows Virtual Firewall from your PC.

How to remove Windows Virtual Firewall?

We recommend using Reimage or PlumbytesWebroot SecureAnywhere AntiVirus as these are the best anti-malware tools according to our tests, and these tools will find and remove all infected files for you automatically.Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit

The latest parasite names used by FakeVimes:
Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Windows Virtual Firewall. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Windows Virtual Firewall. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
Plumbytes
We are testing Plumbytes's efficiency (2012-08-02 03:27)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2012-08-02 03:27)
Hitman Pro
Webroot SecureAnywhere AntiVirus
Windows Virtual Firewall screenshot
Windows Virtual Firewall snapshot

Windows Virtual Firewall manual removal

Kill processes:
Protector-[rnd].exe
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
There are more similar entries, you should let spyware Doctor to identify them.
Delete files:
%AppData%\Protector-[rnd].exe

Geolocation of Windows Virtual Firewall

Map reveals the prevalence of Windows Virtual Firewall. Countries and regions that have been affected the most are: United States.

Removal guides in other languages


Information updated:

Comments on Windows Virtual Firewall

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)