Go.Deepteep.com

  • 16 May 2018
  • 4 replies
  • 113 views

Userlevel 1
My 86-year old mother's PC's homepage (Internet Explorer 11, Windows 10, everything up to date) was recently hijacked by Go.Deepteep.com.  It got past Windows Defender, which had, until now, been good at detecting and blocking adware and malware.
 
Google and Bing searches on Go.Deepteep.com returned limited information, no information appears to be on the Webroot site.  There are several sites with manual instructions on how to remove Go.Deepteep.com, but are often linked to some obscure, suspicious sounding malware removal software (not taking that click-bait) and often appear to be written by someone for whom English is not their first languaga.
 
Does Webroot Secure Anywhere remove Go.Deepteep.com?
 
Does anyone know where Go.Deepteep.com originates and what it does?  The on-line descriptions seem to indicate that it simply hijaks a home page, installs a sub-par search engine and serves ads to the victim, presumably, to monetize ad revenue.

4 replies

Userlevel 7
Badge +36
@ wrote:
My 86-year old mother's PC's homepage (Internet Explorer 11, Windows 10, everything up to date) was recently hijacked by Go.Deepteep.com.  It got past Windows Defender, which had, until now, been good at detecting and blocking adware and malware.
 
Google and Bing searches on Go.Deepteep.com returned limited information, no information appears to be on the Webroot site.  There are several sites with manual instructions on how to remove Go.Deepteep.com, but are often linked to some obscure, suspicious sounding malware removal software (not taking that click-bait) and often appear to be written by someone for whom English is not their first languaga.
 
Does Webroot Secure Anywhere remove Go.Deepteep.com?
 
Does anyone know where Go.Deepteep.com originates and what it does?  The on-line descriptions seem to indicate that it simply hijaks a home page, installs a sub-par search engine and serves ads to the victim, presumably, to monetize ad revenue.
This sounds like a PUA (Potentially Unwanted Application), check out this article first and try those steps. If that fails, report back here or reach out to our support team at 1-866-612-4227.
Userlevel 1
It took a call to Webroot technical support to remove this PUA.  It could not be removed via Windows Uninstall utility.  Removal required deletion of an XML file and elimination of start up programs/scripts.
 
Technical support from Webroot (Andrew T) was outstanding.  Webroot has a customer for life.
 
I suspect that go.deepteep.com is a two-step technical support or ransomware scam.  The first step is that deepteep.com is installed via a malicous ad or e-mail attachment.  It gets past anti-virus, anti-malware software (go.deepteep.com got past Malwarebytes, Webroot and Windows Security Essentials) because it's classified as a PUA or PUP rather than a virus or malware.  In the second step, when victims discover that their homepage has been hijacked, they do as I did, perform a Google search and discover a handful of sites (obviously written by non-English speakers) that describe how to remove deepteep.com  Those sites also include a link to anti-malware software that they claim can remove deepteep.com in a single step or when traditional removal methods do not work (which they do not).  I'd never heard of the anti-malware software mentioned in these sites, and suspect that they are malware in and of themselves that could be more damaging if downloaded and installed, like ransomware, a keylogger or the traditional tech support scam claiming your computer is infected and they would only need remote control of your computer and, say, "only" $300 (payable in iTunes.gift cards, of course) to fix it, etc.
Userlevel 7
Badge +36
@ wrote:
It took a call to Webroot technical support to remove this PUA.  It could not be removed via Windows Uninstall utility.  Removal required deletion of an XML file and elimination of start up programs/scripts.
 
Technical support from Webroot (Andrew T) was outstanding.  Webroot has a customer for life.
 
I suspect that go.deepteep.com is a two-step technical support or ransomware scam.  The first step is that deepteep.com is installed via a malicous ad or e-mail attachment.  It gets past anti-virus, anti-malware software (go.deepteep.com got past Malwarebytes, Webroot and Windows Security Essentials) because it's classified as a PUA or PUP rather than a virus or malware.  In the second step, when victims discover that their homepage has been hijacked, they do as I did, perform a Google search and discover a handful of sites (obviously written by non-English speakers) that describe how to remove deepteep.com  Those sites also include a link to anti-malware software that they claim can remove deepteep.com in a single step or when traditional removal methods do not work (which they do not).  I'd never heard of the anti-malware software mentioned in these sites, and suspect that they are malware in and of themselves that could be more damaging if downloaded and installed, like ransomware, a keylogger or the traditional tech support scam claiming your computer is infected and they would only need remote control of your computer and, say, "only" $300 (payable in iTunes.gift cards, of course) to fix it, etc.
Happy to hear it's been resolved! PUA's are a nuisance.
PUAs are a PITA. 😛

Reply