Home » Security » Windows Virtual Firewall virus – what is and how to remove

Windows Virtual Firewall virus – what is and how to remove

Tuesday, July 17th 2012 under Security by

Fake anti-virus programs have flooded the Internet space, and it becomes harder and harder to keep your computer system intact. Windows Virtual Firewall is yet another deceptive application, which lures victims into sending their money to hackers.


Although its name speaks about computer security, Windows Virtual Firewall is not going to help you keep your computer protected from viruses. Just the opposite, it’s going to subject your PC system to its own scheme and would open it up for other malware pieces. Most users think that Windows Virtual Firewall is genuine, because it has a seemingly legitimate interface. With this program, however, you should not believe in what you see. It will try to provoke your fear by showing a number of fake alerts and bogus scans.

Windows Virtual Firewall screenshot

This malicious virus can fully control its own actions, and you cannot stop it from launching. This is a result of malicious configurations that it makes upon its installation that enable it to start automatically whenever you turn on your computer. What is more, it is capable of blocking most of your applications in order to convince you that you have many viruses inside your PC.

Why does Windows Virtual Firewall try to scare you?

Since this program is designed to look like a real AV tool, it first makes sure to make you believe that you need its services. This is why it shows fake virus reports in every possible moment. In reality, though, the scans it performs are counterfeit, and they do not actually show real infections.

Why should you stay away from the full version of Windows Virtual Firewall?

As a matter of fact, the full version, which you are prompted to buy after each scan, does not exist. Even if you spend your money on it, you will not get the anti-virus program you would expect to get. Windows Virtual Firewall is a parasite, which is not only inefficient when it comes to removing viruses, but is also dangerous for your computer system. As we mentioned earlier, it makes malicious configurations, blocks most of your program and its alerts slow down your PC’s overall performance. Furthermore, this malware opens up security loopholes in your computer in order to make it easier for other parasites to sneak inside.

The faster you eliminate this villain, the less troubles it would manage to cause. Run a full scan of your machine with a genuine anti-virus program and get rid of this dangerous virus immediately!

 

How to manually remove Windows Virtual Firewall:

Kill Windows Virtual Firewall processes:
Protector-[rnd].exe

 

Delete Windows Virtual Firewall files:
%AppData%\Protector-[rnd].exe

 

Remove Windows Virtual Firewall registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “ID” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-2-17_2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “rudbxijemb”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe

*SpyHunter’s free scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware suite to remove the malware threats.

*SpyHunter's free scanner is only for malware detection. If it detects malicious software on your computer, you will need to purchase SpyHunter's malware tool to remove the detected threats.

Choose Language