webroot did not remove esurf.biz malware
I was told by the online rep that webroot would remove the esurf.biz malware. It didn't. I scanned mulitple times and rebooted my computer and it is still there when I run firefox. I did the standard things to remove it from addons and the target file location.
Userlevel 7
Hi dgmck
Welcome to the Community Forums.
eSurf.biz is actually not malware in the true sense of the definition, but rather a non malware browser hijacker, which is promoted via other free downloads. Once it is installed on your system it changes your browser homepage and default search engine.
It is what we call in the Community, a PUA or Potentially Unwanted Application. These are very annoying at best in that they cause pop-ups, redirect your browser home page, and other behaviour that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools. But they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
The key to avoiding them is to make sure that when downloading apps one does so from the author's own website or one that they have recommended, and not 3rd party downloading site.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
If that does not helps and you feel or consider yourself technically proficient then you can try these steps to remove it from your system.
And if that does not work or you do not feel technically capable then the best thing to do is to Open a Support Ticket & ask Webroot Support to take a look and remove these for you. There is NO CHARGE for this for valid WSA license holder.
I hope that the information above helps?
Regards, Baldrick
Welcome to the Community Forums.
eSurf.biz is actually not malware in the true sense of the definition, but rather a non malware browser hijacker, which is promoted via other free downloads. Once it is installed on your system it changes your browser homepage and default search engine.
It is what we call in the Community, a PUA or Potentially Unwanted Application. These are very annoying at best in that they cause pop-ups, redirect your browser home page, and other behaviour that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools. But they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
The key to avoiding them is to make sure that when downloading apps one does so from the author's own website or one that they have recommended, and not 3rd party downloading site.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
- Open Webroot SecureAnywhere
- Click on ‘Advanced Settings’ from the top right
- Select ‘Scan Settings’ from the left side
- Unselect the option “Detect Potentially Unwanted Applications”
- Click on the Save button (you may have to enter in a CAPTCHA)
- Reselect the option to “Detect Potentially Unwanted Applications”
- Click on the Save button
- Run another scan with Webroot and remove any items that get detected.
If that does not helps and you feel or consider yourself technically proficient then you can try these steps to remove it from your system.
And if that does not work or you do not feel technically capable then the best thing to do is to Open a Support Ticket & ask Webroot Support to take a look and remove these for you. There is NO CHARGE for this for valid WSA license holder.
I hope that the information above helps?
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.