Malware may reinstall itself multiple times if you don't delete its core files. This may require tracking down dozens of files in different locations.
We recommend downloading Restoro to eradicate Malware for you (it should cut down the time to about 15 minutes).
What is WeatherTab? And how does it work?
WeatherTab is yet another misleading Google Chrome browser extension developed and maintained by Tightrope Interactive. On first glance, its colorful design might catch your attention and even convince you to install. However, despite its seemingly nice design and promises of getting your local weather forecasts, sunset and sunrise time all at one place, this browser extension has suspicious qualities you should consider first.
The research team from NoVirus.uk has expressed their concerns regarding WeatherTab as it makes modifications in the Chrome browser without any permission from users. Such modifications involve alteration of the default home page, new tab page and search provider. As you probably know, this kind of behavior is something you’d find in a browser hijacker and potentially unwanted program. This is why security experts categorize WeatherTab extension as both a browser hijacker and a PUP.
Once installed, WeatherTab will change the start page and search provider to hxxp://www.weathertab.org and set a new tab page URL as well as install additional suspicious browser toolbars. Based on reports, this browser hijacker’s main aim is to advertise a new search engine that isn’t even popular among computer users yet and no doubt as equally questionable as WeatherTab.
If you try using the search engine set by WeatherTab, you’ll find that after you enter a search query, there is a change in the URL located at the address bar of your Chrome browser – first, you will be redirected to Trovi.com and then you’ll finally be redirected to the search results. If you don’t know, Trovi is actually one of the infamous browser hijackers. This is another thing that adds up to the reasons why you should erase WeatherTab from your computer.
How does WeatherTab spread online?
WeatherTab spreads online via its official website at weathertab[.]org as well as from the Chrome Web Store. Though it can be found in a legitimate source, it does not really mean that this browser extension can be trusted. You should know that not all browser extensions and add-ons found in Chrome are proven to be safe and trusted so you should know better than to install any extension you can find even though it came from a legitimate source like the Chrome Web Store. In addition, researchers also found that WeatherTab also spreads using software bundles.
To erase WeatherTab from your computer, refer to the removal guide below.
Step 1: Tap the Win + R keys to open Run and then type in appwiz.cpl to open Control Panel to uninstall any suspicious program related to the browser hijacker.
Step 2: Look for WeatherTab under the list of installed programs. Once you’ve found it, uninstall it.
Step 3: Close the Control Panel and tap the Win + E keys to open File Explorer. Navigate to the following directories and look for the hijacker’s installer like the software bundle it came with as well as other suspicious files and delete them.
Step 4: Close the File Explorer and empty your Recycle Bin.
Step 5: Launch the Google Chrome browser and click the wrench icon. Afterward, click on Tools from the drop-down menu and select Extensions.
Step 6: Under the Extensions tab, select WeatherTab extension and other suspicious browser extensions related to it and then click on the Trash icon.
Step 7: Click on Remove button from the confirmation dialog box.
Step 8: Reset Google Chrome. To do that, click the three stripes icon located at the upper-right corner of your screen. And then select Settings.
Step 9: under Settings, look for Show advanced settings at the bottom of the page and click on it.
Step 10: Then click on the Reset browser settings button.
Step 12: After you reset Chrome, enable the Phishing and Malware Protection in Chrome to prevent browser hijackers like WeatherTab extension from infecting your computer again in the future. To do that, click Settings once again.
Step 13: Select the Show advanced settings again.
Step 14: Go to the Privacy section and check the Enable phishing and malware protection option.
Step 15: Restart Chrome and then enable the two-factor authentication on your Facebook account.
Follow the advanced steps below to completely get rid of WeatherTab and any files it may have created in your computer upon its installation.
Perform a full system scan using SpyRemover Pro. To do so, follow these steps:
- Turn on your computer. If it’s already on, you have to reboot
- After that, the BIOS screen will be displayed, but if Windows pops up instead, reboot your computer and try again. Once you’re on the BIOS screen, repeat pressing F8, by doing so the Advanced Option shows up.
- To navigate the Advanced Option use the arrow keys and select Safe Mode with Networking then hit
- Windows will now load the SafeMode with Networking.
- Press and hold both R key and Windows key.
- If done correctly, the Windows Run Box will show up.
- Type in explorer http://www.fixmypcfree.com/install/spyremoverpro
A single space must be in between explorer and http. Click OK.
- A dialog box will be displayed by Internet Explorer. Click Run to begin downloading the program. The installation will start automatically once a download is done.
- Click OK to launch it.
- Run SpyRemover Pro and perform a full system scan.
- After all the infections are identified, click the REMOVE ALL
- Register the program to protect your computer from future threats.