53 items was found and cleaned. But, my browser homepage is still hijacked. need help

  • 27 December 2014
  • 7 replies
  • 1374 views

In short.  Installed Secure Complete.  Found know virus' and 53 other items. Still my homepage on Internet Explorer is still hijacked  Running Vista, and IE 9  The webpage that keeps coming up is  http://www-searching.com/?s=ECCzgutdk0339,309d0712-0555-48e9-8931-d3a1c7cba8f1,&pi=2
 
Even if I set my homepage to yahoo the above page keeps coming up.  I've disabled most ad-on as per webroot instructions still no success.  I think i still have a virus of some sort that webroot hasn't found.
 
I also did a safe mode scan with networking on and off and still nothing else comes up.
 
Thanks for your help.
Eddy

7 replies

Userlevel 7
Badge +62
Hello Eddy,
 
Welcome to the Community Forum,
 
Sounds like you had some serious issues.
 
Does any of our Forum members have any suggestions?
 
You might want to look at this thread
 
You can issue a Support Ticket and they will gladly sort this out for you free of charge.
 
 
Sorry I couldn't be more help!
Thanks for the quick reply.   I really appreciate the help
 
Eddy
Userlevel 7
Badge +62
Sure thing Eddy,:D
 
Please let us know how things turn out for you!
 
 
 
Best Regards,
Two weeks ago I submitted a question regarding my issues with my pc.  I've gotten a couple response's and a greeting but still no solutions to my ongoing problem.  Did a search and it seems this is possibly a known issue with the hijacking of the browser (look at link above) and webroot has yet to come up with a solution???  Submitted a trouble ticket and I still have not recieved a response from webroot.
 
I thought this was one of the best probucts on the market??  Which goes back well over a decade wtih me when I signed on with SpySweeper.??  That's why I bought a new subscription.  The reliabliity and quality of the product.  I really expected better service and a response from webroot.
 
Could someone direct me to a solution?  Very disappointed with this and with Webroot.
 
Sincerely,
Eddy
Userlevel 7
Hi Eddy
 
Am sorry to hear about your travails...the whole topic of PUAs is a difficult one due to their very nature.  WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. If you have not already please see this link for more information regarding Webroot's stance on these annoying programs.
 
I suspect that you may have also tried these steps to remove it from your system but if not then please do if you feel technically proficient.
 
As to not getting a reply from SUpport; that is very unusal but does happen occassionally...tings slip between the cracks...and for the reason I will ping our most excellent Community Manager @ in the hope that he can chase it up internally and see that it is given some focus for you.
 
I hope that helps?
 
Regards, Baldrick
Well, I had sometime this weekend to try to correct this ongoing issue.  I've done everything in the previous post and still my browser is hijacked.  After removing all the lastest programs that I didn't recognize (did the manage ad on correction) there is one program that will not uninstall.  It shuts down my uninstall program and freeze's.  It's called (IWEBAR).  Seems to be some kind of ad instrusive program that can do a lot to our PC's
 
After searching online there's a ton of info on it and even some removal tools out there.  But, who made the remvoval tool??  I'm kind of surprised that this is something that Webroot can't catch, fix or eradicate from out systems  Maybe, webroot doesn't know about it???  I don't know.  That's why I'm listing the unwelcomed virus, malware intruder here.  Maybe webroot can come up with a solution to this annoying instrusive bug that's not only effecting my PC, but, probably others.
 
Still disappointed and seeking a solution to this issue.
 
Eddy
Userlevel 7
Hi Eddy
 
Many thanks for your feedback on your experiences ans questions.  I will try to explain as best I can.
 
PUAs or Potential Unwanted Applications, as we call them here, are generally non-malware programs...but even so they are, as you have found,very annoying at best in that they cause pop-us, redirect your browser home page, and other behaviour that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information.
 
Often they are installed intentionally by the user as browser add-ons for various tasks such as quick search tools. But they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.  The key to avoiding them, and I can vouch for that as I download loads on new apps and have had about one or two at most PUAs on my system, is to make sure that when downloading apps one does so from the author's own website or one that they have recommended, and not 3rd party downloading site.
 
But the rub comes in terms of what I mentioned before, i.e., "Often they are installed intentionally by the user", so if that is the case then why should WSA remove something that my have been intentionally installed?
 
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see this link for more information regarding Webroot's stance on these annoying programs.  Hopefully that will explain further why the response to this area of 'threat' is not as black and white as some security app authors might wish to make the public believe.
 
Now, if as you have found, one has a stubborn PUA or a component that refuses to be removed by a user's own ministrations then the user can Open a Support Ticket & ask Webroot Support to take a look and remove these for them.  There is NO CHARGE for this for valid WSA license holder.  This is Webroot's response to this essentially quagmire area.
 
Apologies for the rambling but hopefully you understand why you have seen what you have seen and why WSA has reacted in the way it has (or has not depending on your expectation, etc.).
 
We are constantly debating this point so please feel free to add to that debate if so minded.
 
Regards, Baldrick

Reply