What is Email Assistant?
Based on a legitimate, open-source project called Chromium, Email Assistant is a rogue browser. It can supposedly enhance the browsing experience with such features as improved privacy, security, speed and quick access to user-preferred email services, however, this untrusted piece of software operates as adware (i.e., delivers intrusive advertisements).
It also promotes a fake search engine (hemailaccessonline.com) and monitors users' browsing activity. Due to these dangerous capabilities and its dubious proliferation methods, Email Assistant browser is classed as a Potentially Unwanted Application (PUA).
The Email Assistant Chromium browser creates a "virtual layer", which enables placement of third party graphical content to be displayed on any website. The source of the intrusive advertisements (e.g. pop-ups, banners, coupons, etc.) is not the visited site - they are delivered by the rogue browser.
These ads significantly affect the browsing experience, as they diminish browsing speed and overlay visited web pages. As well as being a nuisance, they are also a threat to device/user safety. When intrusive ads are clicked, they can redirect to sale-oriented, untrusted/rogue, deceptive/scam and even compromised, malicious pages.
Clicking the ads can trigger them to execute scripts designed to stealthily download/install rogue software (e.g. PUAs). This can lead to a number of problems including, for example, high-risk malware infections. Email Assistant also promotes a bogus search engine.
Therefore, each new browser tab/window opened and each search query typed into the URL bar redirects to hemailaccessonline.com. Fake search tools are unable to generate unique results, and so they tend to redirect to (or cause redirection chains ending with) legitimate sites.
In the case of hemailaccessonline.com, it redirects to search.yahoo.com. The Email Assistant browser can monitor browsing activity (URLs visited, pages viewed, search queries, etc.) and collect personal information (IP addresses, geolocations and users' personal details).
Software that possesses data tracking capabilities is a serious privacy concern, and Email Assistant is no exception The gathered data is likely to contain vulnerable information that might be shared with third parties (potentially, cyber criminals) seeking to misuse it for profit.
Therefore, Email Assistant can lead to system infiltration and infections, serious privacy issues, financial loss and even identity theft. To ensure device integrity and user safety, remove all suspicious applications and browser extensions/plug-ins immediately upon detection.
|Threat Type||PUP (potentially unwanted program), PUA (potentially unwanted application).|
|Supposed Functionality||Improved browsing security, privacy, speed and quick access features for email.|
|Detection Names||Full List Of Detections (VirusTotal)|
|Serving IP adress (hemailaccessonline.com)||18.104.22.168|
|Symptoms||A program that you do not recall installing suddenly appeared on your computer. A new application is performing computer scans and displays warning messages about 'found issues'. Asks for payment to eliminate the supposedly found errors.|
|Distribution Methods||Deceptive pop-up ads, free software installers (bundling), fake Flash Player installers.|
|Damage||Monetary loss (unnecessary purchase of fake software), unwanted warning pop-ups, slow computer performance.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Outfire, TappyTop, Dash are a few examples of other rogue, Chromium-based browsers. While they may seem legitimate and offer various "useful" features, these browsers do not work as advertised and the functions promised are nonoperational.
In fact, this applies to all PUAs, since these unwanted applications have just one purpose: to generate revenue for the developers. Rather than operating as promised, PUAs force-open untrusted/malicious websites, hijack browsers to promote fake search engines, deliver intrusive ad campaigns and collect private data.
How did potentially unwanted applications install on my computer?
The Email Assistant browser has an "official" promotional web page from which it can be downloaded, however, PUAs are often downloaded/installed together with other programs. "Bundling" is the term used to define this deceptive marketing technique of packing regular software with unwanted or malicious additions.
Rushing download and installation processes (e.g. ignoring terms, using presets, skipping steps and sections, etc.) increases the risk of unintentionally allowing bundled content onto systems, thereby endangering them with potential infiltration and infections. Intrusive ads proliferate these apps as well.
Once clicked, they can execute scripts to download/install PUAs without users' permission.
How to avoid installation of potentially unwanted applications
Research all products to verify their legitimacy prior to download/installation. You are advised to use only official and verified download channels. Untrustworthy download sources including free file-hosting sites, P2P sharing networks (BitTorrent, Gnutella, eMule, etc.) and other third party downloaders can offer deceptive and/or bundled content, and should not be used.
When downloading/installing, read the terms, study all possible options, use the "Custom/Advanced" settings and opt-out of supplementary apps, tools, features, etc. Intrusive advertisements usually seem normal and innocuous, however, they cause redirects to dubious web pages (e.g. gambling, pornography, adult-dating and many others).
If you encounter these ads/redirects, inspect the device and remove all suspect applications and browser extensions/plug-ins without delay. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Appearance of Email Assistant browser (GIF):
Email Assistant browser installation setup:
Website promoting Email Assistant browser;
IMPORTANT NOTE! This deceptive site asks to enable web browser notifications:
Therefore, before commencing, perform these steps:
Google Chrome (PC):
- Click the Menu button (three dots) on the right upper corner of the screen
- Select "Settings", scroll down to the bottom and click "Advanced"
- Scroll down to the "Privacy and security" section, select "Content settings" and then "Notifications"
- Click three dots on the right hand side of each suspicious URL and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again)
Google Chrome (Android):
- Click on the Menu button (three dots) on the right upper corner of the screen and click "Settings"
- Scroll down, click on "Site settings" and then "Notifications"
- In the opened window, locate all suspicious URLs and click on them one-by-one
- Select "Notifications" in the "Permissions" section and set the toggle button to "OFF"
- Click the Menu button (three bars) on the right upper corner of the screen
- Select "Options" and click on "Privacy & Security" in the toolbar on the left hand side of the screen
- Scroll down to the "Permissions" section and click the "Settings" button next to "Notifications"
- In the opened window, locate all suspicious URLs, click the drop-down menu and select "Block"
- Click the Gear button on the right upper corner of the IE window
- Select "Internet options"
- Select the "Privacy" tab and click "Settings" under "Pop-up Blocker" section
- Select suspicious URLs under and remove them one by one by clicking the "Remove" button
- Click the menu button (three dots) on the right upper corner of the Edge window and select "Settings"
- Click on "Site permissions" in the toolbar on the left hand side of the screen and select "Notifications"
- Click three dots on the right hand side of each suspicious URL under "Allow" section and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again)
- Click "Safari" button on the left upper corner of the screen and select "Preferences..."
- Select the "Websites" tab and then select "Notifications" section on the left pane
- Check for suspicious URLs and apply the "Deny" option for each
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Email Assistant?
- STEP 1. Uninstall deceptive applications using Control Panel.
- STEP 2. Remove malicious plug-ins from Internet Explorer.
- STEP 3. Remove rogue extensions from Google Chrome.
- STEP 4. Remove potentially unwanted plug-ins from Mozilla Firefox.
- STEP 5. Remove rogue extensions from Safari.
- STEP 6. Remove rogue plug-ins from Microsoft Edge.
Removal of potentially unwanted applications:
Windows 11 users:
Right-click on the Start icon, select Apps and Features. In the opened window search for the application you want to uninstall, after locating it, click on the three vertical dots and select Uninstall.
Windows 10 users:
Right-click in the lower left corner of the screen, in the Quick Access Menu select Control Panel. In the opened window choose Programs and Features.
Windows 7 users:
Click Start (Windows Logo at the bottom left corner of your desktop), choose Control Panel. Locate Programs and click Uninstall a program.
macOS (OSX) users:
Click Finder, in the opened screen select Applications. Drag the app from the Applications folder to the Trash (located in your Dock), then right click the Trash icon and select Empty Trash.
In the uninstall programs window, look for "Email Assistant" and other suspicious/recently-installed applications, select these entries and click "Uninstall" or "Remove".
After uninstalling the potentially unwanted application, scan your computer for any remaining unwanted components or possible malware infections. To scan your computer, use recommended malware removal software.
Remove rogue extensions from Internet browsers:
At time of research, Email Assistant did not install any unwanted browser extensions, however, some unwanted applications can be installed together with adware and browser hijackers. If you experience unwanted ads or redirects when browsing the internet, continue with the removal guide below.
Video showing how to remove potentially unwanted browser add-ons:
Remove malicious add-ons from Internet Explorer:
Click the "gear" icon (at the top right corner of Internet Explorer), select "Manage Add-ons". Look for any recently-installed suspicious browser extensions, select these entries and click "Remove".
If you continue to have problems with removal of the hemailaccessonline.com redirect, reset your Internet Explorer settings to default.
Windows XP users: Click Start, click Run, in the opened window type inetcpl.cpl In the opened window click the Advanced tab, then click Reset.
Windows Vista and Windows 7 users: Click the Windows logo, in the start search box type inetcpl.cpl and click enter. In the opened window click the Advanced tab, then click Reset.
Windows 8 users: Open Internet Explorer and click the gear icon. Select Internet Options.
In the opened window, select the Advanced tab.
Click the Reset button.
Confirm that you wish to reset Internet Explorer settings to default by clicking the Reset button.
Remove malicious extensions from Google Chrome:
Click the Chrome menu icon (at the top right corner of Google Chrome), select "More tools" and click "Extensions". Locate all recently-installed suspicious browser add-ons and remove them.
If you continue to have problems with removal of the hemailaccessonline.com redirect, reset your Google Chrome browser settings. Click the Chrome menu icon (at the top right corner of Google Chrome) and select Settings. Scroll down to the bottom of the screen. Click the Advanced… link.
After scrolling to the bottom of the screen, click the Reset (Restore settings to their original defaults) button.
In the opened window, confirm that you wish to reset Google Chrome settings to default by clicking the Reset button.
Remove malicious plug-ins from Mozilla Firefox:
Click the Firefox menu (at the top right corner of the main window), select "Add-ons". Click on "Extensions", in the opened window remove all recently-installed suspicious browser plug-ins.
Computer users who have problems with hemailaccessonline.com redirect removal can reset their Mozilla Firefox settings.
Open Mozilla Firefox, at the top right corner of the main window, click the Firefox menu, in the opened menu, click Help.
Select Troubleshooting Information.
In the opened window, click the Refresh Firefox button.
In the opened window, confirm that you wish to reset Mozilla Firefox settings to default by clicking the Refresh Firefox button.
Remove malicious extensions from Safari:
Make sure your Safari browser is active, click Safari menu, and select Preferences....
In the opened window click Extensions, locate any recently installed suspicious extension, select it and click Uninstall.
Make sure your Safari browser is active and click on Safari menu. From the drop down menu select Clear History and Website Data...
In the opened window select all history and click the Clear History button.
Remove malicious extensions from Microsoft Edge:
Click the Edge menu icon (at the upper-right corner of Microsoft Edge), select "Extensions". Locate all recently-installed suspicious browser add-ons and click "Remove" below their names.
If you continue to have problems with removal of the hemailaccessonline.com redirect, reset your Microsoft Edge browser settings. Click the Edge menu icon (at the top right corner of Microsoft Edge) and select Settings.
In the opened settings menu select Reset settings.
Select Restore settings to their default values. In the opened window, confirm that you wish to reset Microsoft Edge settings to default by clicking the Reset button.
- If this did not help, follow these alternative instructions explaining how to reset the Microsoft Edge browser.
Commonly, adware or potentially unwanted applications infiltrate Internet browsers through free software downloads. Note that the safest source for downloading free software is via developers' websites only. To avoid installation of adware, be very attentive when downloading and installing free software. When installing previously-downloaded free programs, choose the custom or advanced installation options – this step will reveal any potentially unwanted applications listed for installation together with your chosen free program.
Post a comment:
If you have additional information on hemailaccessonline.com redirect or it's removal please share your knowledge in the comments section below.