
‘Americatechsupport.in’ Pop-Ups

Posted: December 3, 2015

Threat Metric

Ranking: 14,869
Threat Level: 1/10
Infected PCs: 10,928
First Seen: March 20, 2015
Last Seen: September 27, 2023
OS(es) Affected: Windows

Americatechsupport.in is a webpage that may participate in a tactic that is extremely popular nowadays. If you visit this site, you may fall for a fraud called 'fake technical support.' Americatechsupport.in may intentionally display misleading information regarding the security state of the visitor's computer. The warnings that you may encounter are fabricated. No site can provide you with accurate data about unwanted or threatening software on your system. If you make the mistake of trusting the bogus alerts, you may get in contact with con artists. They will certainly do everything possible to receive a rather large payment from you. These people will only try to look as if they were helping you when all they do is take your cash.

Americatechsupport.in may rely on a highly questionable mechanism to attract visitors. The administrators of this page have created a compromised add-on that may hijack the computer user's browser. Such tools may use various tactics to evade the user's attention and enter unnoticed. They may be brought by third-party freeware, or their installation may be the result of a previous infection. Once it attaches to Google Chrome, Mozilla Firefox and Internet Explorer, this extension may set americatechsupport.in as the starting site.

The page can easily convince less experienced PC users that something is indeed wrong. It contains the Blue Screen of Death pattern, which typically indicates serious issues with the operating system. It would be a mistake to call 855-288-7162. If the con artists feel you are reluctant to pay, they may ask for remote access to check your PC, in the meantime infecting it with real threats. What you should do is run an in-depth scan with a suitable anti-malware tool to delete the browser hijacker.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe
File name: NinjaMaintainer.exe
Size: 52.73 KB (52736 bytes)
MD5: 825b464c14de4192e83ce39dd5e3c764
Detection count: 9,493
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe
Group: Malware file
Last Updated: December 4, 2021

Registry Modifications

The following Registry Values were newly produced:

HKEY..\..\..\..{RegistryKeys}
Software\Microsoft\Tracing\Ninja Loader_RASAPI32
Software\Microsoft\Tracing\Ninja Loader_RASMANCS
Software\Mozilla\Firefox\Extensions\ninjaloader@mail.com
SOFTWARE\Ninja Loader
SOFTWARE\Wow6432Node\Microsoft\Tracing\Ninja Loader_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\Ninja Loader_RASMANCS
SOFTWARE\Wow6432Node\Ninja Loader
SYSTEM\ControlSet001\services\eventlog\Application\NinjaLoaderService
SYSTEM\ControlSet001\services\NinjaLoaderService
SYSTEM\ControlSet002\services\eventlog\Application\NinjaLoaderService
SYSTEM\ControlSet002\services\NinjaLoaderService
SYSTEM\CurrentControlSet\services\eventlog\Application\NinjaLoaderService
SYSTEM\CurrentControlSet\services\NinjaLoaderService
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Ninja Loader

Additional Information

The following directories were created:
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Ninja Loader
%LOCALAPPDATA%\Ninja Loader
%PROGRAMFILES%\Ninja Loader
%PROGRAMFILES(x86)%\Ninja Loader
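
A read-only sweep for the file, directories and registry entries listed above, as an added example that is not part of the original entry. Checking the Software keys under both HKLM and HKCU is an assumption, since the page does not give the hive for them, and the templated Uninstall entry is left unchecked because its path is elided.

```powershell
# Added example (not from the original entry): read-only sweep for the
# Ninja Loader artifacts this page lists. Run elevated for full visibility.
$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding($Type, $Item, $Note = '') {
    $findings.Add([pscustomobject]@{ Type = $Type; Item = $Item; Note = $Note })
}

# Directories from "Additional Information"; unset variables (32-bit hosts) are skipped.
$progDirs = @(@($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ })
$roots = @("$env:APPDATA\Microsoft\Windows\Start Menu\Programs", $env:LOCALAPPDATA) + $progDirs
foreach ($r in $roots) {
    $d = Join-Path $r 'Ninja Loader'
    if (Test-Path -LiteralPath $d) { Add-Finding 'Directory' $d }
}

# Dropped executable, compared against the MD5 given on this page.
$knownMd5 = '825b464c14de4192e83ce39dd5e3c764'
foreach ($r in $progDirs) {
    $exe = Join-Path $r 'Ninja Loader\NinjaMaintainer.exe'
    if (Test-Path -LiteralPath $exe) {
        $md5 = (Get-FileHash -LiteralPath $exe -Algorithm MD5).Hash.ToLower()
        $note = if ($md5 -eq $knownMd5) { 'MD5 matches page' } else { "MD5 differs: $md5" }
        Add-Finding 'File' $exe $note
    }
}

# Service keys live under HKLM\SYSTEM in each control set the page names.
$keys = @('ControlSet001', 'ControlSet002', 'CurrentControlSet' | ForEach-Object {
    "HKLM:\SYSTEM\$_\services\NinjaLoaderService"
    "HKLM:\SYSTEM\$_\services\eventlog\Application\NinjaLoaderService"
})
$softwareKeys = @(
    'Software\Ninja Loader', 'Software\Wow6432Node\Ninja Loader',
    'Software\Microsoft\Tracing\Ninja Loader_RASAPI32',
    'Software\Microsoft\Tracing\Ninja Loader_RASMANCS',
    'Software\Wow6432Node\Microsoft\Tracing\Ninja Loader_RASAPI32',
    'Software\Wow6432Node\Microsoft\Tracing\Ninja Loader_RASMANCS',
    'Software\Mozilla\Firefox\Extensions\ninjaloader@mail.com'
)
foreach ($hive in 'HKLM:', 'HKCU:') {   # assumption: the page elides the hive
    $keys += $softwareKeys | ForEach-Object { "$hive\$_" }
    # Firefox reads registry-installed extensions as values under this key.
    $ff = "$hive\Software\Mozilla\Firefox\Extensions"
    $v = Get-ItemProperty -Path $ff -Name 'ninjaloader@mail.com' -ErrorAction SilentlyContinue
    if ($v) { Add-Finding 'RegistryValue' "$ff -> ninjaloader@mail.com" }
}
foreach ($k in $keys) { if (Test-Path -LiteralPath $k) { Add-Finding 'RegistryKey' $k } }
if ($findings.Count) { $findings | Format-Table -AutoSize -Wrap } else {
    'No Ninja Loader artifacts listed on this page were found.' }
```

A differing MD5 on a file at the listed path still warrants investigation, since the hash on this page identifies only one sample.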