As my subscription wound down, a virus protection popup began appearing in the lower right corner of my screen. Trying o close it with the left X only causes it to reappear moments later. Clicking on the right red X, asks if you want to run this app (Webroot). I click yes and it takes me to the community page where I see someone else has asked the same question with no response. I have renewed my subscription which is reflected on the welcome window. I have even run a new scan and done a utilities optimization but this popup remains just like RANSOMWARE! It is blocking a vital area of my screen and I cannot perform certain functions on my business program now because of it! How do I get rid of this crap?
Page 1 / 1
Hi CQ
Welcome to the Community Forums.
Would you please provide us with the contents of the popup; that would help to determine what it relates to and then hopefully we can provide some advice on how to proceed.
Regards, Baldrick
Welcome to the Community Forums.
Would you please provide us with the contents of the popup; that would help to determine what it relates to and then hopefully we can provide some advice on how to proceed.
Regards, Baldrick
As my subscription wound down. a Virus protection popup began appearing on the lower right of the screen. Clicking on the left X to close shut it down only to have it immediately reappear. Clicking on the left red X, asks if I want to run the app. I click yes and it opens the Webroot community. Subscription has been renewed and the expiration is updated on the welcome screen. I have even run a new scan and utility optimization but cannot get rid of this popup. It blocks a vital area of my screen and I cannot work with it there. This popup is acting like RANSOMWARE even though I have already paid the ransom!
It's a black background popup that says Virus protection. It has a red X in a circle on the left and a white x to close on the right.
Hi CQ
Thanks for the response. That is not much to go on but what you are reporting would suggest to me that what you are seeing and describing sounds like it may be what we on the Community refer to as a PUA (Potentially Unwanted Application).
These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Support Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Support Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
I hope this helps you both understand, and resolve the problem and if not please let us know!
Regards, Baldrick
Thanks for the response. That is not much to go on but what you are reporting would suggest to me that what you are seeing and describing sounds like it may be what we on the Community refer to as a PUA (Potentially Unwanted Application).
These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Support Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Support Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
- Open Webroot SecureAnywhere
- Click on ‘Advanced Settings’ from the top right
- Select ‘Scan Settings’ from the left side
- Unselect the option “Detect Potentially Unwanted Applications”
- Click on the Save button (you may have to enter in a CAPTCHA)
- Reselect the option to “Detect Potentially Unwanted Applications”
- Click on the Save button
- Run another scan with Webroot and remove any items that get detected.
I hope this helps you both understand, and resolve the problem and if not please let us know!
Regards, Baldrick
None of my screen captures will apparently be allowed to load here but I do have a PDF of what I'm seeing that could be more help if I could figure out how to add it.
Hi Baldrick,
Thanks for the quick replies and the assist. I tried your scan suggestion but it did not resolve the issue.
This appeared simultaneously on both of my Windows 10 upgraded computers as the Webroot subscription was expiring. Neither of those computers has had an installation recently with the only significant event being the Webroot countdown. I was hoping this was just some uber-aggressive reminder but it certainly acts like ransomware in that you can't get rid of it.
I can't imagine it being unrelated to Webroot as besides the timing, the redirects go to the Webroot community page if I say I trust the app publisher. If I want to verify the publisher, it lists a Verisign certificate issued to Webroot. I'll read the KB link and attempt any actions there. If that works, I'll update the thread here. If not, I'll submit a support ticket.
Thanks for the attempt!
Thanks for the quick replies and the assist. I tried your scan suggestion but it did not resolve the issue.
This appeared simultaneously on both of my Windows 10 upgraded computers as the Webroot subscription was expiring. Neither of those computers has had an installation recently with the only significant event being the Webroot countdown. I was hoping this was just some uber-aggressive reminder but it certainly acts like ransomware in that you can't get rid of it.
I can't imagine it being unrelated to Webroot as besides the timing, the redirects go to the Webroot community page if I say I trust the app publisher. If I want to verify the publisher, it lists a Verisign certificate issued to Webroot. I'll read the KB link and attempt any actions there. If that works, I'll update the thread here. If not, I'll submit a support ticket.
Thanks for the attempt!
Support suggested I enter my activation keycode and activate from the My Account setting. I did. It was accepted, verified and an automatic scan began but the popup remains. Reported same to support and awaiting new reply and option.
Windows 10 had new updates this morning. One of them removed the popup box.
Hi CQ
Apologies for not getting back to you sooner...I am in the UK and at work during the day (here).
So, do I take it from your last post that the issue is resolved or just resolved on one system, or not resolved at all? I think that itis the middle one but please confrim.
Regards, Baldrick
Apologies for not getting back to you sooner...I am in the UK and at work during the day (here).
So, do I take it from your last post that the issue is resolved or just resolved on one system, or not resolved at all? I think that itis the middle one but please confrim.
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.