Watcher
Watcher is a worm that uses large quantities of email-based spam to spread itself to new computers. Although Watcher is an older threat, the dangers inherent in a Watcher infection are considered to be severe and shouldn't be underestimated. In addition to using email, Watcher may also proliferate by taking advantage of network-shared resources or removable storage devices. Since Watcher can duplicate itself indefinitely to propagate or avoid deletion, you should remove Watcher by using a high-quality scanner designed to delete malware instead of trying to find and delete Watcher's files by yourself.
How Watcher Abuses Email to Wriggle into Your PC
As of 2011, Watcher is several years old and not widely distributed throughout the Internet compared to more recent types of malware threats. However, the risks to privacy and security that accompany any Watcher infection are quite serious even for a modern computer.
Watcher is known to specialize in mass email spam. Worms like Watcher tend to use built-in SMTP engines to send out email messages from computers that have already been infected, simultaneously using up system resources while giving no external signs of their mass-mailing activities.
Watcher may harvest contacts from your online messaging and email software to find suitable targets to flood with spam and may even imitate a contact's name in the 'From' field. Don't download attachments or click on links in email messages that you haven't been verified for safety, even if looks like they are coming from someone you trust.
When attached to an email as a file, Watcher must be in an executable format to install itself. However, Watcher may appear to be a different kind of file by using the icon or extension for a .pdf, .txt, .doc, .jpg or other common file. Before downloading an attachment, make sure that your settings allow you to see all file extensions and then check to see if the final extension matches the rest of the file's appearance.
Keeping a Watch Out for Watcher in Your Network
As a worm, different versions of Watcher may have other ways of spreading, such as:
- Watcher may copy itself to any folder that's shared on a network, to infect networked computers quickly when they access shared resources.
- Watcher may also create copies of itself in removable drives, which infects any computer that uses the removable drive device after the infected one has used it.
Both of these methods are particularly insidious and prone to rapid mass-infection because they both use Autorun exploits that cause Watcher to launch itself automatically. This lets Watcher install itself on a computer even if you don't directly access Watcher's files, but only access the folder or drive that Watcher is infecting.
Any one copy of the worm Watcher is likely to be backed up by countless others you can't detect, which makes deleting Watcher without security program assistance an impractical choice. If possible, disable Watcher by switching to Safe Mode and use a good anti-malware product to find and remove all copies of Watcher.
File System Modifications
- The following files were created in the system:
# File Name 1 watcher.exe
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.