One active infection after deep scan and system optimization.

  • 17 December 2015
  • 7 replies

Today I ran a deep scan and then system optimizer. Next I ran system analyzer which indicated that I had one active infection on my computer as follows:
System Anti-Malware Scan
----------------------------------------------------------------
5551 files analyzed                               5551 files Deep Scanned
1 infection has been identified
Pua.Mindspark                                     c:program files (x86)couponxplorer_5zar1.binappintegrator.exe - B83DB01D9E4BD53C9B65214806B54EB7
 
How do I get rid of this infection? Any help would be greatly appreciated.
 
Thanks
Arnie

Hi arnalves
 
Welcome to the Community Forums.
 
What you are seeing is a non-malware program we commonly refer to as a PUA or Potentially Unwanted Application.
 
These are very annoying at best in that they cause pop-ups, redirect your browser home page, and other behaviour that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools. But they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
 
The key to avoiding them is to make sure that when downloading apps one does so from the author's own website or one that they have recommended, and not a 3rd party downloading site.
 
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
 
In your case, because WSA has detected the PUA I would expect that it has been quarantined. To check that out click on the gear/cog to the right of the PC Security tab in the main app panel and then click on the 'Quarantine' tab in the next panel displayed.
 
Therein you should find an entry which reflects the one that you are seeing in the log...if you want to remove it then all you need to do is to check the tick box next to the entry and click remove.
 
To make sure that your WSA is checking for PUA's with the best proficiency, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
 
  • Open Webroot SecureAnywhere
  • Click on ‘Advanced Settings’ from the top right
  • Select ‘Scan Settings’ from the left side
  • Unselect the option “Detect Potentially Unwanted Applications”
  • Click on the Save button (you may have to enter in a CAPTCHA)
  • Reselect the option to “Detect Potentially Unwanted Applications”
  • Click on the Save button
  • Run another scan with Webroot and remove any items that get detected.
 
 
If you run into any issues re. this or feel that you need technical assistance/reassurance re. the removal then the best thing to do is to Open a Support Ticket & ask Webroot Support to take a look and remove these for you. There is NO CHARGE for this for valid WSA license holders.
 
Hope that helps?
 
Regards, Baldrick
Thank you for your prompt response. I really appreciate that it's not anything serious! I followed your instructions but the PUA is still there. My main concern was that it might damage my laptop. Since this is just an annoyance, I may just leave it for now. At a later date I may contact Customer Service for more technical assistance. In the meantime, you have given me peace-of-mind, so once again, many thanks!
 
Arnie
arnalves,
 
Not to ignore the fine information by ? but the reason that this shows up on your system is that it is a new variation of the Mindspark Browser Hijack / PUA.  You should contact support asap and get this removed so that the infection "fingerprint" can be used by all Webroot customers to stay safe.
 
 
Thanks for this info. dbrisendine
Hi Arnie
 
I would definitely go for the Open a Support Ticket option....best to let the professionals deal with this, especially as the service is part of what one pays for re. the subscription fee.
 
Regards, Baldrick
Yesterday I ran a full scan for two hours on Windows Defender. Upon completion, I checked for any infections and none showed up. Next I ran system analyzer which still indicated the issue! Finally I ran the Webroot deep scan and this time it captured Pua.Mindspark. At that point I was able to remove it.

Many thanks to all who responded.
Hi arnalves
 
Good to hear that the issue is finally sorted for you. Thanks for letting us know.
 
Regards, Baldrick
