Windows Warding Module is a dangerous rogue anti-spyware, which belongs to a huge family of viruses known as Fakevimes (you can find the latest threats that belong to this family at the end of this post). Please, be very careful with this and any other Fakevimes virus because they all seek to steal people's money. For reaching this aim, Windows Warding Module displays fake alerts and system scanners that all report about tens of different viruses. Malware indicates exact locations where these 'viruses' are and then offers to remove these viruses. Of course, this service is not for free. It you fall for purchasing the licensed Windows Warding Module's version, you will lose your money. So, the most important thing when dealing with this rogue anti-spyware is to ignore its warnings and remove Windows Warding Module from the system.
HOW CAN Windows Warding Module INFILTRATE MY MACHINE?
As allways, Windows Warding Module is spread with a help of trojans. Scammers rely on these threats because they can easily infiltrate poorly protected systems and make there unnoticeable system changes. Typically, it adds its own registry values so that Windows Warding Module could start its work every time victim reboots computer. Once it's done, malware starts showing misleading scanners and then reports about tens of different viruses. Windows Warding Module's alerts always look like that:
Firewall has blocked a program from accessing the Internet
c:\windows\system32\iexplore.exe is suspected to have infected your PC.
This type of virus intercepts entered data and transmits themto a remote server.
Attempt to run a potentially dangerous script detected.Full system scan is highly recommended.
System data security is at risk!To prevent potential PC errors, run a full system scan.
Keep in mind that Windows Warding Module seeks to scare you into believing that your machine is dangerously infected. In reality, it detects only legitimate system files or nonexistent viruses. That's why you can easily ignore Windows Warding Module's alerts and never take them serious. If you were tricked to purchase Windows Warding Module license, you should waste no time and contant your credit card company. Besides, you must remove Windows Warding Module from the system.
HOW TO REMOVE Windows Warding Module?
If you see continuous alerts from Windows Warding Module, you should scan your computer with one of these programs:Malwarebytes Malwarebytes, Reimage, Plumbytes Anti-MalwareNorton Internet Security. Note that virus may block these programs and try to postpone its removal. In this case you should reboot your PC into Safe Mode with Networking and lauch your anti-spyware again.
The latest parasite names used by FakeVimes:
Windows Warding Module manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "GuardSoftware" = "%AppData%guard-toiy.exe"
HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon "Shell"="C:\Users\User\AppData\Roaming\guard-fvtb.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsseces.exe "Debugger"="svchost.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsmpeng.exe "Debugger"="svchost.exe"