Windows 10 users warned of new virus that slows down PCs


Windows 10 users are being warned about a new form of adware that make PCs slow down to the point they are virtually unusable.

The adware, dubbed FileTour, was discovered by Bleeping Computer, who say that it is almost undetectable.

FileTour, which is believed to have originated from Russia, works by stealing processing power from infected PCs in order to mine for cryptocurrency.

It does this by secretly launching Google Chrome in a way that is invisible to the user in order to run the CoinCube mining script.

It is spread via torrents in the form of software cracks and password and key generators.

The adware then steals 80 percent of the processing power from the infected computer as it mines for the Monero cryptocurrency.

Depending on the RAM and age of the computer, affected PCs could all but grind to a halt. And because of the way the adware secretly uses Google Chrome, it could be a long time before victims realise their PC has been infected.

If your PC is suddenly experiencing performance issues or has suddenly slowed down, there is a way to see what is hogging your resources.

If you open Task Manager, you will be able to see that Chrome.exe is running and how much of your system’s resources it is using.

Revealing more about FileTour, Lawrence Abrahams from Bleeping Computer wrote: “FileTour is an adware bundle that is commonly spread as cracks or cheats for games and other software.

“This bundle is notorious for crossing the line between what is traditionally known as adware and PUPs and more dangerous computer infections such as password-stealing Trojans and miners.

“This adware bundle has started to create a Windows autorun that automatically launches Chrome and connects to a in-browser mining page when a user logs into Windows.

“To make matters worse, it does it in a way that makes it so Chrome is invisible to the user.

The advice to users, as always, is to make sure you have up to date anti virus installed on your device.

“Miners are becoming an epidemic and in-browsing mining is only going to continue to get worse,” Abrams added.

“Therefore, it is important that all users protect themselves by installing antivirus software that detects when a browser connects to known mining services such as CoinCube.

“Unfortunately, new in-browsing mining services keep popping up and it has become a game of whack-a-mole for the security industry. Therefore, your installed software may not detect the URL or scripts associated with a new in-browser miner.

“To add further protection, you can use an adblocker with Chrome, which will block in-browser mining scripts. For those looking for a more granular approach, you can use the CoinBlockerLists site to download lists of IP addresses and domains affiliated with in-br

Via: ZDNet


Comments are closed.