Windows Virtual Firewall is trying everything to look legitimate. And it actually might look like a good anti-spyware for you, however, it's not. It is another rogue antispyware software from Fakevimes family. Upon infiltration it will instantly show up and scan your computer. After a really short scan it will show up with lot's of viruses that are supposedly infected your computer. However, keep in mind that Windows Virtual Firewall is capable to warn its victims only about fake viruses that don't even exist. The only thing that this program wants you to do is to purchase a licensed version of it. However, considering Windows Virtual Firewall's aggressive behavior, it is very important to remove it from system as soon as possible.
Methods of Windows Virtual Firewall distribution
Windows Virtual Firewall probably infected your computer through some unauthorised updates or new software you installed. The only way to defend yourself from such kinds of infections is to use a reputable anti-spyware software. Windows Virtual Firewall is able to block some antivirus programs from running, so it is advised to use more than one. Additionally, it makes itself start when windows starts. As a result, Windows Virtual Firewall shows false spyware detection alerts and fake scanner ads, which tells you that you are very dangerously infected. These messages might pop up every 5-10 minutes, to catch your attention and just to annoy.
Here's an example of Windows Virtual Firewall alert:
Windows Virtual Firewall Alert
Potential Threat Details
Windows Virtual Firewall detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.
By scaring you is the easiest way to make you purchase a licensed version of Windows Virtual Firewall. However, if you actually bought it, that means you gave away your money to scammers. Just make sure you cancel any pop ups of Windows Virtual Firewall that asks to purchase a licensed version. If you have already paid for Windows Virtual Firewall, contact your credit card company to dispute the charges and, of course, just remove Windows Virtual Firewall from your PC.
How to remove Windows Virtual Firewall?
We recommend using Reimage or Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus as these are the best anti-malware tools according to our tests, and these tools will find and remove all infected files for you automatically.[newest]
The latest parasite names used by FakeVimes:
Windows Virtual Firewall manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe
There are more similar entries, you should let spyware Doctor to identify them.