Home
Library
Phoenix Media
Weather It Up

Weather It Up

Known Malware

What is Weather It Up?

Weather It Up is software application developed by Phoenix Media. It is most commonly found on computers running Windows 7 with nearly 81.90% of installations running this operating system. Weather It Up's installer is typically 9.00 MB in size and installs around 36 files. The most common release is 1.34.3.6 with 54.29% of all installations currently using this version.

Weather It Up is most popular in the United States with 56.62% of installations residing in this country.

Weather It Up adds 1 scheduled task to the Windows Task Scheduler launching the program at randomly scheduled times.

About Weather It Up?

This software is designed to seamlessly integrate advertising into the user's web browsing experience by displaying ads on web pages where they would not typically appear. The software may be distributed through platforms such as OpenCandy.

Multiple virus scanners have detected malware in Weather It Up.

utils.exe (MD5: 7f44d95a3983d98f793820ebdf19c3f4) has been flagged by 37 scanners:

Scanner Software	Version	Result
AhnLab-V3	N	PUP/Win32.Adware
Baidu-International	4.0.3.14422	Trojan.Win32.VMDetector.E
Bkav FE	1.3.0.4959	HW32.CDB
Dr.Web	9.0.0.0112	Trojan.Crossrider.4794
ESET-NOD32	8.9662	Win32/Toolbar.CrossRider.AB
G Data	14.4.24	Win32.Trojan.Agent.WUBV2L
Malwarebytes	v2014.04.22.11	PUP.Optional.WeatherItUp.A
TrendMicro-HouseCall	7.2.112	TROJ_GEN.F47V0316
Lavasoft Ad-Aware	12.0.163.0	Trojan.Generic.11030524
Agnitum Outpost	5.5.1.3	PUA.Toolbar.CrossRider!
AVG	13.0.0.3169	Generic5.APHA
Bitdefender	7.2	Trojan.Generic.11030524
Emsisoft Anti-Malware	3.0.0.596	Trojan.Generic.11030524 (B)
Fortinet FortiGate	4	Riskware/Toolbar_CrossRider
F-Secure	11.0.19100.45	Trojan.Generic.11030524
IKARUS anti.virus	T3.1.6.1.0	Trojan.SuspectCRC
K7 AntiVirus	9.176.11833	Trojan ( 004965ab1 )
K7GW	9.176.11833	Trojan ( 004965ab1 )
MicroWorld-eScan	12.0.250.0	Trojan.Generic.11030524
NANO AntiVirus	0.28.0.59492	Trojan.Win32.Crossrider.cwhmph
Norman	7.03.02	Troj_Generic.TEZJT
nProtect	2014-04-21.01	Trojan.Generic.11030524
VIPRE Antivirus	28478	Crossrider (fs)
Antiy-AVL	0.1.0.1	Trojan/Win32.SGeneric
McAfee	6.0.4.564	Artemis!979FD2706F4D
McAfee-GW-Edition	2013	Artemis!979FD2706F4D
Symantec	20131.1.5.61	Adware.Crossid
Avira AntiVir	7.11.148.44	Adware/CrossRider.A.1708
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
Sophos	4.98.0	AppRider
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Clam AntiVirus	0.98.5.0	Win.Trojan.Agent-839129
SUPERAntiSpyware	5.6.0.1032	Trojan.Agent/Gen-Downloader
Zillya	2.0.0.2174	Adware.CroRi.Win32.439
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Panda Antivirus	10.0.3.5	Trj/Genetic.gen

Weather It Up-updater.exe (MD5: 403a07d6eb6e7120f07a765a0d7940f7) has been flagged by 14 scanners:

Scanner Software	Version	Result
AVG	13.0.0.3169	Generic5.ANJA
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.40
ESET-NOD32	9487	a variant of Win32/Toolbar.CrossRider.X
Malwarebytes	1.75.0001	PUP.Optional.WeatherItUp.A
McAfee	6.0.4.564	Crossrider-FAJ!403A07D6EB6E
McAfee-GW-Edition	2013	Artemis!403A07D6EB6E
Symantec	20131.1.5.61	Adware.Crossid
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.R0C1H05BP14
VIPRE Antivirus	26956	Crossrider (fs)
Avira AntiVir	7.11.163.240	ADWARE/CrossRider.Gen2
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:WebToolbar.CrossRider
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)
Bkav FE	1.3.0.4959	W32.CrossRider.Trojan

Weather It Up-firefoxinstaller.exe (MD5: daaa0c143b5074534f2d3c37311f1901) has been flagged by 30 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Trojan.Generic.11165073
Agnitum Outpost	5.5.1.3	Trojan.Crossrider!
AVG	13.0.0.3169	MultiBundle.V
Baidu-International	3.5.1.41473	Adware.Win32.Lyrics.71
Bitdefender	7.2	Trojan.Generic.11165073
Dr.Web	7.00.9.04080	Trojan.Crossrider.8337
Emsisoft Anti-Malware	3.0.0.596	Trojan.Generic.11165073 (B)
F-Secure	11.0.19100.45	Trojan.Generic.11165073
G Data	24	Trojan.Generic.11165073
Malwarebytes	1.75.0001	PUP.Optional.WeatherItUp.A
MicroWorld-eScan	12.0.250.0	Trojan.Generic.11165073
Norman	7.03.02	Suspicious_Gen2.VVXJK
nProtect	2014-04-21.01	Trojan.Generic.11165073
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0314
VIPRE Antivirus	28478	Crossrider (fs)
Avira AntiVir	7.11.154.44	Adware/CrossRider.A.488
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
ESET-NOD32	9921	a variant of Win32/Toolbar.CrossRider.AH
Qihoo-360	1.0.0.1015	Win32/Virus.Adware.ae5
Fortinet FortiGate	4	Riskware/Toolbar_CrossRider
McAfee	6.0.4.564	Artemis!64865CC00315
McAfee-GW-Edition	2013	Artemis!64865CC00315
Symantec	20131.1.5.61	WS.Reputation.1
K7 AntiVirus	9.179.12348	Trojan ( 004984e91 )
K7GW	9.179.12348	Trojan ( 004984e91 )
Sophos	4.98.0	AppRider
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:WebToolbar.CrossRider
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)
Bkav FE	1.3.0.4959	W32.CrossRider.Trojan

Weather It Up-enabler.exe (MD5: 979fd2706f4d50c57fe1908872663863) has been flagged by 36 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.Generic.910337
Antiy-AVL	0.1.0.1	Trojan/Win32.SGeneric
AVG	13.0.0.3169	Generic5.ANCJ
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.40
Bitdefender	7.2	Adware.Generic.910337
Dr.Web	7.00.9.04080	Trojan.Crossrider.7519
Emsisoft Anti-Malware	3.0.0.596	Adware.Generic.910337 (B)
ESET-NOD32	9702	a variant of Win32/Toolbar.CrossRider.X
Fortinet FortiGate	4	Riskware/Toolbar_CrossRider
F-Secure	11.0.19100.45	Adware.Generic.910337
G Data	24	Adware.Generic.910337
IKARUS anti.virus	T3.1.6.1.0	AdWare.SuspectCRC
K7 AntiVirus	9.176.11806	Trojan ( 00495b741 )
K7GW	9.176.11806	Trojan ( 00495b741 )
Malwarebytes	1.75.0001	PUP.Optional.WeatherItUp.A
McAfee	6.0.4.564	Artemis!979FD2706F4D
McAfee-GW-Edition	2013	Artemis!979FD2706F4D
MicroWorld-eScan	12.0.250.0	Adware.Generic.910337
NANO AntiVirus	0.28.0.59288	Trojan.Win32.Crossrider.cwggpx
Symantec	20131.1.5.61	Adware.Crossid
VIPRE Antivirus	28442	Crossrider (fs)
Avira AntiVir	7.11.148.44	Adware/CrossRider.A.1708
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)
nProtect	2014-05-07.01	Trojan.Generic.11250844
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0427
Sophos	4.98.0	AppRider
Agnitum Outpost	5.5.1.3	PUA.Toolbar.CrossRider!
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Clam AntiVirus	0.98.5.0	Win.Trojan.Agent-839129
SUPERAntiSpyware	5.6.0.1032	Trojan.Agent/Gen-Downloader
Zillya	2.0.0.2174	Adware.CroRi.Win32.439
Norman	7.03.02	Suspicious_Gen2.VVXJK
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Bkav FE	1.3.0.4959	W32.CrossRider.Trojan

Weather It Up-codedownloader.exe (MD5: 03129871f0bfb98cc31fbeb013a6d711) has been flagged by 36 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Trojan.Generic.11030524
Agnitum Outpost	5.5.1.3	PUA.Toolbar.CrossRider!
AVG	13.0.0.3169	Generic5.APHA
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.40
Bitdefender	7.2	Trojan.Generic.11030524
Dr.Web	7.00.9.04080	Trojan.Crossrider.7193
Emsisoft Anti-Malware	3.0.0.596	Trojan.Generic.11030524 (B)
ESET-NOD32	9704	a variant of Win32/Toolbar.CrossRider.AA
Fortinet FortiGate	4	Riskware/Toolbar_CrossRider
F-Secure	11.0.19100.45	Trojan.Generic.11030524
G Data	24	Trojan.Generic.11030524
IKARUS anti.virus	T3.1.6.1.0	Trojan.SuspectCRC
K7 AntiVirus	9.176.11833	Trojan ( 004965ab1 )
K7GW	9.176.11833	Trojan ( 004965ab1 )
Malwarebytes	1.75.0001	PUP.Optional.WeatherItUp.A
MicroWorld-eScan	12.0.250.0	Trojan.Generic.11030524
NANO AntiVirus	0.28.0.59492	Trojan.Win32.Crossrider.cwhmph
Norman	7.03.02	Troj_Generic.TEZJT
nProtect	2014-04-21.01	Trojan.Generic.11030524
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0315
VIPRE Antivirus	28478	Crossrider (fs)
Antiy-AVL	0.1.0.1	Trojan/Win32.SGeneric
McAfee	6.0.4.564	Artemis!979FD2706F4D
McAfee-GW-Edition	2013	Artemis!979FD2706F4D
Symantec	20131.1.5.61	Adware.Crossid
Avira AntiVir	7.11.148.44	Adware/CrossRider.A.1708
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
Sophos	4.98.0	AppRider
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Clam AntiVirus	0.98.5.0	Win.Trojan.Agent-839129
SUPERAntiSpyware	5.6.0.1032	Trojan.Agent/Gen-Downloader
Zillya	2.0.0.2174	Adware.CroRi.Win32.439
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Bkav FE	1.3.0.4959	W32.CrossRider.Trojan

Software Behaviors

Scheduled tasks:: Uninstall.exe is scheduled as a task with the class '{D73EFAF1-A52C-425B-8333-F71F1A3EC26B}' (runs on registration).

Startup Entries

Startup tasks:: Weather It Up-codedownloader.exe is automatically launched at startup through a scheduled task named cb607470-d07a-4f06-a139-46cad63fe159-1.

cb607470-d07a-4f06-a139-46cad63fe159-5.exe is automatically launched at startup through a scheduled task named cb607470-d07a-4f06-a139-46cad63fe159-5_user.

cb607470-d07a-4f06-a139-46cad63fe159-4.exe is automatically launched at startup through a scheduled task named cb607470-d07a-4f06-a139-46cad63fe159-4.

cb607470-d07a-4f06-a139-46cad63fe159-2.exe is automatically launched at startup through a scheduled task named cb607470-d07a-4f06-a139-46cad63fe159-2.

def30c52-fe80-4b26-8d43-62b3a67cc537-5.exe is automatically launched at startup through a scheduled task named def30c52-fe80-4b26-8d43-62b3a67cc537-5.

def30c52-fe80-4b26-8d43-62b3a67cc537-4.exe is automatically launched at startup through a scheduled task named def30c52-fe80-4b26-8d43-62b3a67cc537-4.

Software Details

URL:: –
Support:: –
Installation path:: C:\Program Files\weather it up
Uninstaller:: C:\Program Files\Weather It Up\Uninstall.exe /fromcontrolpanel=1
Size:: 9.00 MB
Language:: English

Weather It Up Executable Details

Primary executable:: utils.exe
Name:: Weather It Up
Path:: C:\Program Files\weather it up\utils.exe
MD5:: 7f44d95a3983d98f793820ebdf19c3f4
SHA-1:: –
SHA-256:: –

Files installed by Weather It Up

File Type	Filename	MD5
EXE	cb607470-d07a-4f06-a139-46cad63fe159-4.exe Malware	339aa29983ca634fb361ff95494bb67e
EXE	cb607470-d07a-4f06-a139-46cad63fe159-2.exe	dfdda14bf42094ebf515e2e4e6a1e68d
EXE	cb607470-d07a-4f06-a139-46cad63fe159-11.exe	1da53a7d9d3f23a225a2b8b9c8ff084e
EXE	a637664b-e92b-453d-bae4-70682cd68c21-5.exe Malware	40beb59b6a1af4035cba812e3e56652f
EXE	a637664b-e92b-453d-bae4-70682cd68c21-4.exe Malware	28f300d3c7ed654010761da6995c7031
EXE	a637664b-e92b-453d-bae4-70682cd68c21-3.exe	8c058b53b896c0e6b509185ff49b6627
EXE	a637664b-e92b-453d-bae4-70682cd68c21-2.exe Malware	853b9b7dcece448fbe69b25d88e741c7
EXE	8e34e056-95e0-40a0-8d85-7806fbb3872b-64.exe	07ef7ae31562cf8c736771a012acb33a
EXE	37c55077-63d0-4892-ac8c-90bd8624ed1e-5.exe Malware	00af96b574774a20f7493feb30a37844
EXE	37c55077-63d0-4892-ac8c-90bd8624ed1e-4.exe Malware	1cca1df14b96965bfd16f89e092ea9bf

Repair Weather It Up

Having issues with Weather It Up?

We recommend Fortect System Repair to automatically fix these issues

Download Now

Popularity

18% of users keep Weather It Up installed

Overall Rating

Bad

Known Versions (10)

1.36.01.22: 1.90%
1.35.12.18: 0.95%
1.35.3.9: 0.95%
1.34.7.1: 1.90%
1.34.6.10: 3.81%
1.34.5.22: 0.95%
1.34.4.10: 14.29%
1.34.3.6: 54.29%
1.34.2.13: 20.00%
1.34.1.29: 0.95%

Geography Distribution