Severity scale  
  (72/100)

Windows Firewall Constructor. How to Remove? (Uninstall Guide)

removal by - -   Also known as WindowsFirewallConstructor | Type: Rogue Antispyware
12

Windows Firewall Constructor is a rogue anti-spyware program that uses fake security alerts and non-existent infection as a tactic to scare you into thinking that your computer in infected with malware. It is installed through fake online malware scanners, trojans and hacked sites. It may come bundled with other malware as well or use software vulnerabilities to enter the targeted system. However, most of the time Windows Firewall Constructor has to be manually installed. When the program performs a fake scan it will detect non-existent infections and won't allow you to remove them until you purchase the rogue program. Found infections either do not exist or can't actually damage your computer since they are not harmless. Do not purchase it. Otherwise, you will lose your money and you may be exposed to identity theft. Windows Firewall Constructor is a scam program, it won't remove any infections and it won't protect your computer from viruses whatsoever. If you are infected with this rogue program, use the removal guide below to remove Windows Firewall Constructor and related malware as soon as possible.

While Windows Firewall Constructor is running you will also see many fake security alerts and notifications on your computer. These warnings will state that your computer is infected.

Error
Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

It blocks other programs on your computer and hijacks web browsers as well. It goes without saying that you should ignore anything this program reports to you and uninstall it immediately. Please note that Windows Firewall Constructor may come bundled with other malware or even rootkits so we strongly recommend you to use legit anti-spyware program to remove the rogue program and related malware from the system. Also, if you have already purchased it, then you please contact your credit card company and dispute the charges. If you can't run anti-spyware program in normal mode, then you can reboot your computer in safe mode with networking and try again.

The latest parasite names used by FakeVimes:
Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Windows Firewall Constructor. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Windows Firewall Constructor. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
Plumbytes
We are testing Plumbytes's efficiency (2012-02-29 08:42)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2012-02-29 08:42)
Hitman Pro
Webroot SecureAnywhere AntiVirus
Windows Firewall Constructor screenshot
Windows Firewall Constructor snapshot

Windows Firewall Constructor manual removal

Kill processes:
Inspector-[rnd].exe
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
Unregister DLLs:
npswf32.dll

Delete files:
%appdata%\npswf32.dll
%appdata%\Inspector-[3 random characters].exe
%desktopdir%\Windows Firewall Constructor.lnk
%appdata%\result.db
%StartMenu%\Programs\Windows Firewall Constructor.lnk

Information updated:

Comments on Windows Firewall Constructor

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)