After scanning my PC, Webroot found some rootkit and can't get rid of it, even after restarting
Please help.
SystemCurrentControlSetServicesCDPUserSvc_6b634 Caution.Rootkit
SystemCurrentControlSetServicesMessagingService_6b634 Caution.Rootkit
SystemCurrentControlSetServicesOneSyncSvc_6b634 Caution.Rootkit
Page 1 / 1
Hello @ and welcome to our Community.
Any threat related inquiries need to be reviewed by our Advanced Malware Removal Team directly:
Support Number: 1-866-612-4227 M-F 7am?6pm MT
Send us a Support Ticket: https://detail.webrootanywhere.com/servicewelcome.asp
Any threat related inquiries need to be reviewed by our Advanced Malware Removal Team directly:
Support Number: 1-866-612-4227 M-F 7am?6pm MT
Send us a Support Ticket: https://detail.webrootanywhere.com/servicewelcome.asp
When you get these types of detections SystemCurrentControlSetServices it means your heuristics are set above default so in most cases you need to do a clean reinstall of WSA then you can set your heuristics above default again. I had these detections many times because I run my heuristics at Maximum. http://live.webrootanywhere.com/content/680/Adjusting-Heuristics
Please follow the steps closely!
Thanks,
Daniel 🙂
Please follow the steps closely!
- Make sure you have a copy of your 20 Character Alphanumeric Keycode! Example: SA69-AAAA-A783-DE78-XXXX
- KEEP the computer online for Uninstall and Reinstall to make sure it works correctly
- Download a Copy Here (Best Buy Geek Squad Subscription PC users click HERE) Let us know if it is the Mac version you need.
- Uninstall WSA and Reboot
- Install with the new installer, enter your Keycode and do NOT import any settings if offered by the installer as you can set it up as you like once it's done
- Let it finish it's install scan
- Reboot once again
Thanks,
Daniel 🙂
Also if you let WSA clean them up they will be detected again untill a reinstall can be done so you don't have to worry as WSA doesn't really remove them.
Thanks,
Daniel :)
Thanks,
Daniel :)
Problem: Internet connectivity is not permitted by the infection. How do I 'get to the Internet' around this, so I can do the clean install? Thanks in advance! - Heath
Hi heathdalberts
Welcome to the Community Forums.
What I would do if you cannot access the Internet due to a malware infection, is to first try booting your computer in Safe Mode with Networking. ANd the try doing what you were being blocked from doing.
For help in getting into Safe Mode with Networking please see THIS from the Microsoft Support site.
If doing this does not help then I would Open a Support Ticket and ask the Support Team (the Professionals) to advise what to do next.
Do let us know how you get on, and if you go to SUpport then what they advise.
Regards, Baldrick
Welcome to the Community Forums.
What I would do if you cannot access the Internet due to a malware infection, is to first try booting your computer in Safe Mode with Networking. ANd the try doing what you were being blocked from doing.
For help in getting into Safe Mode with Networking please see THIS from the Microsoft Support site.
If doing this does not help then I would Open a Support Ticket and ask the Support Team (the Professionals) to advise what to do next.
Do let us know how you get on, and if you go to SUpport then what they advise.
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.