Home Guides Watch-this.live virus removal from Android (Chrome/Firefox/IE/Safari)

Watch-this.live virus removal from Android (Chrome/Firefox/IE/Safari)

4 min read
If the watch-this.live popup virus infects a PC or Android device, annoying browser redirects and ads will significantly deteriorate the user’s experience.
  1. What is the watch-this.live popup virus?
  2. Automated removal of watch-this.live popup virus
  3. Watch-this.live popup removal for Android
  4. Restore web browser settings to their original defaults

What is the watch-this.live popup virus?

Malvertising, or malicious advertising, is the new big thing in the present-day cybercrooks’ tactics. This form of fishy activity doesn’t call forth as much media coverage as, say, ransomware attacks; plus it’s easier to implement and doesn’t presuppose resource-intensive coding work. The idea is to set up a dodgy website like watch-this.live that tries to convince the user into granting some kind of privileges on the compromised computer or mobile gadget. If it works out, a large-scale network of junk sites will come into play as the victim will be constantly redirected to them. The landing pages typically present sponsored content, constitute pay-per-click or pay-per-lead systems, or contain payloads of harmful software. Regarding the hoax that does the rounds via watch-this.live web page, it cashes in on fooling the visitors into allowing notifications. But what is it that’s actually hidden behind this generally benign feature?

The ‘Show notifications’ hoax on watch-this.live
The ‘Show notifications’ hoax on watch-this.live

Here’s the thing, watch-this.live page needs the above-mentioned permission to kick off a campaign that involves browser redirects and ad injection. The catch to persuade the victim boils down to a confirmation that he or she is human rather than a robot. Whilst this appears to be a common verification technique on numerous Internet resources, similarly to entering a Captcha code, it is being literally weaponized in this particular case. Furthermore, although the “Allow” function and anti-bot measures are different things, the felons behind this scheme have, effectively, put an “equals” sign between them. The users who aren’t very tech-savvy and don’t know all the nuts and bolts of website security practices may fall for this technique and click that button, being driven by curiosity to view what the streaming content is about. As it has been stated, the sketchy ad serving framework will benefit from this consent by displaying different sorts of sponsored information and triggering a recurrent browser redirect routine.

There are several ways people visit the watch-this.live site, but it’s definitely not due to an informed decision of theirs. One of the tricks employed by the perpetrators is to inject enticing advertisements into popular web resources so that users get interested and click on them, only to be rerouted to the scam page. Another possible workflow, which is a lot more menacing, circles around a corrupt browser helper object that automatically invokes commands to forward the traffic without the victim’s approval. This mechanism relies on a software bundling maneuver preceding the attack. In plain words, when downloading and installing a free application off of uncertified repositories, the user may overlook that the program of choice has got company – no wonder, this fact is cunningly obscured from one’s sight. As soon as the potentially harmful plugin is inside, it forces hits to watch-this.live.

Given that the frustrating redirects to watch-this.live can ensue from pranks of malware already residing on a PC or Android device, the infected user is good to go only as long as they eliminate the core threat. On the other hand, in case the victim has clicked that predatory “Allow” button on the notifications permission dialog, there is also some cleanup on their to-do list otherwise the ads will continue to pop up on random sites and the traffic will be forwarded to unwanted places on the Internet over and over. The security facet of the watch-this.live virus issue is explicated in the next section of this post. Follow the steps to get rid of the problem and be more careful with suspicious downloads and dubious confirmation popups further on.

Automated removal of watch-this.live popup virus

Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:

1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button

Download watch-this.live virus remover

2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.

Use Control Panel to get rid of the watch-this.live malware

• Open up the Control Panel from your Start menu in Windows XP/Vista/7/8/8.1/10 and select Uninstall a program
Access program uninstall screen on Windows
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal doneUninstall unwanted program

Watch-this.live popup removal for Android

Here’s a walkthrough to sort out the watch-this.live malware issue on an Android device, which might also be a target in this malvertising campaign. Keep in mind, though, that uninstall attempts in regular mode may be futile due to the mechanics of this persistent infection. Therefore, you need to perform the procedure in safe mode. Go ahead and do the following:

• Press and hold the Power button. Then, tap and hold the Power off option on the screen. Doing so will boot your device into safe mode
Android power off
• Android will ask you to confirm that you’d like to enter safe mode. Tap OK on the dialog
Safe mode reboot confirmation
• You will now see the Safe mode inscription at the bottom left of your screen. Go to Settings and choose Apps
Go to Settings - Apps
• Scroll down the list of applications, focusing on the ones that were installed recently. Find Find Watch-This or a sketchy entry with a different name that could as well be the culprit
Spot the unwanted app
• Select the misbehaving app and tap Uninstall
Uninstall the PUA
• Confirm removal on the relevant dialog box and reboot your device. By default, Android will get you back into regular mode. You should now be good to go – the watch-this.live virus won’t be triggering any redirects or irritating popups anymore.

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the watch-this.live redirect virus.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings
Go to Settings in Chrome
• Scroll down the settings screen and click Advanced down at the bottom
Advanced settings in Chrome
• Move on to the Reset and clean up sub-section and select the option that says Restore settings to their original defaults
Restore Chrome settings to their original default
• Finally, confirm the restoration by clicking Reset settings on the warning message
Reset Chrome settings
• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information
Access Troubleshooting Information page in Firefox
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
Refresh Firefox button
• Follow subsequent directions to reset Firefox to its original settings
Complete refreshing Firefox
• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X)
Open up Internet options in Internet Explorer
• Proceed by clicking on Advanced tab, then select Reset
Locate and click the Reset button in IE
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
IE reset confirmation
• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences
Go to Safari Preferences
• When on the Preferences screen, select the Privacy tab and hit the Remove All Website Data button if you are up to erasing all website data stored on your Mac. Otherwise, you can use a site-specific removal option described below
Remove All Website Data button
• A dialog will appear, asking you to validate your choice. Click the Remove Now button if you are sure. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc.
Confirm website data removal
• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, click the Details button under Privacy tab
Details button under Privacy tab
• Select the websites for which you would like to erase data and click the Remove button
Removing data for selected sites in Safari
• Click the Done button to confirm and exit. You can also select the Remove All option to remove all data stored by the listed websites.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download watch-this.live popup virus removal tool

Rate article

5/5 (1)

Leave a Reply

Your email address will not be published. Required fields are marked *