Solved

"Mindspark" malware

  • 5 January 2017
  • 6 replies
  • 124 views

Anyone know why Webroot does not detect malware written by "mindspark"? It manifested itself by asking me every time I invoked firefox to select a new homepage and would not allow me to do any thing else on my laptop until I answered the question in the mindspark dialog box. Geeksquad had to do it 4 me remotely in a chat session. Thanks in advance for any help!
icon

Best answer by Ssherjj 5 January 2017, 16:11

View original

6 replies

Userlevel 7
Badge +62
Hello AugustBraun
 
Welcome to the Webroot Community,
 
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
 
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
 
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
 
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket.  Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
 
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
 
  • Open Webroot SecureAnywhere
  • Click on ‘Advanced Settings’ from the top right
  • Select ‘Scan Settings’ from the left side
  • Unselect the option “Detect Potentially Unwanted Applications”
  • Click on the Save button (you may have to enter in a CAPTCHA)
  • Reselect the option to “Detect Potentially Unwanted Applications”
  • Click on the Save button
  • Run another scan with Webroot and remove any items that get detected.
To help avoid PUA's in the future, remember to read all of the information when installing or updating software (Adobe downloads often have those "extra special offers"attached... PUA'S!: often the PUA included will be mentioned, and you can opt out of installing it.  Those check boxes you see? Usually only one of them is for the User Agreement of the software you want, the others are for the junk you don't.
 
Hope this helps?

 
Thanks for the help, Sherry!
Userlevel 7
Badge +62
Your most welcome AugustBraun!:D
I DO hope Mindspark is on your list.  You say it's not harmful but my experience ( Tech Support ) is that it installs in hundreds of locations and the result is a computer that runs very slow.  I get calls for this frequently. I was surprised when I had to use Malwarebytes to discover that Mindspark was installed on a computer that I had recently cleaned and had installed Webroot on. Also Webroot had just completed a scan with the last 3 hours.
After praising Webroot as the best, I was nothing short of embarassed that it had not detected Mindspark.
Please upgrade it's importance so that Webroot will detect and remove Mindspark during it's routine scan.  There is no reason to have this program on anyones PC.
If they really want it they can add it to their exclusions list.
@ wrote:
 
After praising Webroot as the best, I was nothing short of embarassed that it had not detected Mindspark.

Webroot didn't detect it because Mindspark is a PUA that was allowed to be installed on the PC.
 
In the future please read the TOS/EULA and be sure to uncheck any unwanted addons/additional software when installing any software.;)
 
BD
Badge +1
Hello! As a Microsoft certified professional and I.T. consultant with many years of experience in working on computers and networks, I have to say that Webroot missed the boat on MindSpark. I recently encountered a business PC where everything was locked down by Webroot's malware and antivirus software, yet the computer was crashing all over the place.
Eventually I was able to clone the computer's hard drive, uninstall Webroot and run Malwarebytes, only to find that there were 37 instances of Mindspark running on the computer, and Webroot was just allowing this to happen with "no problem."
How in the heck did you folks allow this? Mindspark is a very well known hack which ruins PCs. Once I removed it, I did not add your software back. Now you all need to get your act together and stop making excuses for why you would allow a "probably unwanted program" which is actually a spy and an adware menace to run or continue running on a computer. This is the business you are in, and excuses for why you don't track down common malware/adware are just plain unacceptable.

When people show up at my door here in west Atlanta and they have severe computer issues, and have been hacked by jerks in foreign countries, I don't want to hear from them that they paid for your software and "don't take that off, I paid for it." Well, if they pay you for protection, and your condoms have holes in it, I have to warn them never to use your software again. Many of the free antivirus programs out there can detect Mindspark and remove it. In your case, your software was actually hiding the problem and not allowing us to get to it until we removed your software. So STOP IT. FIX THIS.

Reply