1 of 3
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Can't be uninstalled via Control Panel
  • Blocks system files from running
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Normal system programs crash immediatelly
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

Windows Web Watchdog

Windows Web WatchDog is another rogue application that belongs to FakeVimes family. This program is not going to do anything beneficial for you because it just seeks to extort money from computer users. It uses one main tactics, which is to convince computer users that their systems are badly infected by malicious software. Thus, do not be surprised if you notice a strange program that performs a scan and then provides a long list of infections that are supposedly residing on your PC. You should not believe it because it is just a simulated program. Besides, you should erase it as soon as possible because you will not be able to access any of your programs and documents unless you do that. Unfortunately, it is not very easy to get rid of it, which is why we are here to help you.

This rogue application is going to display various fake warnings in order to scare you (find an example below). If you wonder why it does that, you should know that its main purpose is just to lure you into buying a full version of the program. It is not very cheap and you will definitely lose your money; however, it is not the most important factor. Our specialists have found out that you will be required to enter all the main details of your credit card during the purchase. It means that all this data will be also available for cyber criminals as well. They might do different unfair activities with these details and even steal the rest of your money. Have you already paid for this fake program? Try calling your credit card issuer and canceling the payment.

Internet Explorer

C:\Windows\system32\iexplore.exe

is suspected to have infected your PC.

This type of virus intercepts entered data and transmits them to a remote server.

You should definitely avoid different kinds of advertisements which claim that your system is infected and offers a free scanner. What is more, it is important to avoid adult websites and spam e-mail. Besides, you should always keep your reliable antimalware tool enabled all the time. If you do so, you will be able to avoid Windows Web WatchDog and similar programs.

The removal of Windows Web WatchDog is rather complicated and manual removal is basically suitable for those that have much experience in malware removal. Thus, we have provided the instructions that will allow you to download a reliable malware remover. It will detect and remove this rogue application in a blink of an eye. You can also enter the activation key by clicking on the question mark and then selecting Register.

Activation keys:

0W000-000B0-00T00-E0022

0W000-000B0-00T00-E0021

How to remove Windows Web WatchDog

  1. Restart your computer.
  2. Start tapping F8 when BIOS splash screen loads.
  3. Select Safe Mode with Command Prompt using arrow keys.
  4. Tap Enter.
  5. Type cd.. alongside C:\Windows\system32 and press Enter.
  6. Type explorer.exe next to another line and tap Enter.
  7. Click the Start button to open the menu select Search/launch RUN.
  8. Type in %appdata% and press Enter.
  9. Locate svc-[random file name].exe and delete it.
  10. Restart your computer and repeat the 7th step again.
  11. Type in regedit and tap Enter.
  12. Go to HKEY_CURRECT_USER\Software\Microsoft\Windows NT\Current Version\Winlogon .
  13. Right-click on the Shell and then select Modify.
  14. Type %WinDir%\Explorer.exe and click OK.
  15. Visit http://www.pcthreat.com/download-sph .
  16. Download the recommended tool and erase Windows Web Watchdog.
Download Spyware Removal Tool to Remove* Windows Web Watchdog
  • Quick & tested solution for Windows Web Watchdog removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Web Watchdog

Files associated with infection (Windows Web Watchdog):

%AllUsersProfile%\Start Menu\Programs\Windows Web Watchdog.lnk
%UserProfile%\Desktop\Windows Web Watchdog.lnk
%AppData%\reg.dat
%AppData%\data.sec
%AppData%\svc-[random].exe

Processes to kill (Windows Web Watchdog):

%AppData%\svc-[random].exe

Remove registry entries (Windows Web Watchdog):

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%AppData%\svc-[random].exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ctfmon" = %AppData%\svc-[random].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "MS-SEC" = %AppData%\svc-[random].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SD-986-001" = %AppData%\svc-[random].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "S_SC" = %AppData%\svc-[random].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ZSFT" = %AppData%\svc-[random].exe
HKEY_LOCAL_MACHINE\Software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableVirtualization" = 0
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bckd "ImagePath" = 22.sys
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.