SpyWatchE
SpyWatchE is a rogue anti-virus application that can easily penetrate a target computer using modern techniques. Users should be warned that they might be exposed to SpyWatchE when paying a visit to malicious web sites. The hard thing about this virus is you will never know that it is entering the system and executing its payload silently. SpyWatchE may carry out actions without alarming your installed anti-virus application. When successfully loaded on one’s computer, this rogue application will produce a number of dishonest security risks findings and reports virus presence.
This copy of SpyWatchE is running as evaluation version. Expectedly, the program will prompt user to pay for the registered version in order to remove identified threats. In reality, none of the threats lives inside the computer. It is a misleading technique used by malware authors to deceive victims and encourage them that paid version of SpyWatchE can resolve the issues.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Characteristics (Analysis)
SpyWatchE is a rogue security application that can be installed unknowingly on target computer using Trojan Downloader. It can also get inside the system by manual installation. This unwanted program comes embedded on various shareware applications that can be downloaded from different web servers. Once installed, SpyWatchE do not infect other files on the system. It does not have the capability to spread over a network of computers. It main goal is to market itself by deceptive means. Thus, it excessively displays fake security alerts and task bar warning on the affected computer.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"SpyWatchE" = "C:\Program Files\SpyWatchE\SpyWatchE.exe"Associated Files and Folders:
%UserProfile%\Desktop\SpyWatchE.lnk %UserProfile%\Start Menu\Programs\SpyWatchE\SpyWatchE.lnk %UserProfile%\Start Menu\Programs\SpyWatchE\Uninstall.lnk %ProgramFiles%\SpyWatchE\SpyWatchE.dll %ProgramFiles%\SpyWatchE\SpyWatchE.exe %ProgramFiles%\SpyWatchE\SpyWatchE.lic %ProgramFiles%\SpyWatchE\SpyWatchE0.dll %ProgramFiles%\SpyWatchE\SpyWatchE0.se %ProgramFiles%\SpyWatchE\SpyWatchE1.dll %ProgramFiles%\SpyWatchE\Spywatche1.se %ProgramFiles%\SpyWatchE\Uninstall.exe
How to Remove SpyWatchE
1. Temporarily Disable System Restore (Windows Me/XP). [how to]
2. Open your antivirus application and update the virus definition file. This method ensures that your antivirus program can detect even newer variants of SpyWatchE
3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 on your keyboard repeatedly.
- Your computer will display Windows Advanced Boot Options menu. Please select Safe Mode with Networking.
- The system will now boot Windows and loads only necessary drivers and files.
4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If unable, better place them in quarantine. Once the scan is complete, please proceed with the next step.
Online Virus Scanner:
Another way to remove SpyWatchE without the need to install additional antivirus application is to perform a thorough scan with free online virus scanner that can be found on websites of legitimate anti-virus and security provider.
5. Go to Online Virus Scanner list and run a virus scan. This may require plug-ins, add-on or Activex object, please install if you want to proceed with scan.
6. After completing the necessary download, your system is now ready for online virus scanning.
7. Select an option in which you can thoroughly scan the computer to make sure that it will find and delete entirely all infections not detected on previous scan.
8. Remove or delete all detected items.
9. When scanning is finished you may now restart the computer in normal mode.