Windows Virtual Firewall is trying everything to look legitimate. And it actually might look like a good anti-spyware for you, however, it's not. It is another rogue antispyware software from Fakevimes family. Upon infiltration it will instantly show up and scan your computer. After a really short scan it will show up with lot's of viruses that are supposedly infected your computer. However, keep in mind that Windows Virtual Firewall is capable to warn its victims only about fake viruses that don't even exist. The only thing that this program wants you to do is to purchase a licensed version of it. However, considering Windows Virtual Firewall's aggressive behavior, it is very important to remove it from system as soon as possible.
Methods of Windows Virtual Firewall distribution
Windows Virtual Firewall probably infected your computer through some unauthorised updates or new software you installed. The only way to defend yourself from such kinds of infections is to use a reputable anti-spyware software. Windows Virtual Firewall is able to block some antivirus programs from running, so it is advised to use more than one. Additionally, it makes itself start when windows starts. As a result, Windows Virtual Firewall shows false spyware detection alerts and fake scanner ads, which tells you that you are very dangerously infected. These messages might pop up every 5-10 minutes, to catch your attention and just to annoy.
Here's an example of Windows Virtual Firewall alert:
Windows Virtual Firewall Alert
Potential Threat Details
Windows Virtual Firewall detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.
By scaring you is the easiest way to make you purchase a licensed version of Windows Virtual Firewall. However, if you actually bought it, that means you gave away your money to scammers. Just make sure you cancel any pop ups of Windows Virtual Firewall that asks to purchase a licensed version. If you have already paid for Windows Virtual Firewall, contact your credit card company to dispute the charges and, of course, just remove Windows Virtual Firewall from your PC.
How to remove Windows Virtual Firewall?
We recommend using Reimage or PlumbytesWebroot SecureAnywhere AntiVirus as these are the best anti-malware tools according to our tests, and these tools will find and remove all infected files for you automatically.Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit
Windows Virtual Firewall manual removal
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
There are more similar entries, you should let spyware Doctor to identify them.
Geolocation of Windows Virtual Firewall
Removal guides in other languages
Comments on Windows Virtual Firewall
Post a comment
Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.