I used KIS before and I moved(I removed KIS from the system and installed WSA complete) to WSA because of the Resource lightness of it but after few days, now my two computers got infected.
known Symptoms:
It creating shortcuts when an USB drive inserted and creating a folder for itself on the drive.
Also I noticed that there is an autoit3.exe process on the task manager. When I see it's(autoit3.exe) location, I found that it is c:Google
I am attaching few screen shots here.
Please guide me.
Images
https://dl.dropboxusercontent.com/u/30615903/Images/cap1.jpg
https://dl.dropboxusercontent.com/u/30615903/Images/cap2.jpg
**. I scanned those folder and files with webroot but no infection found.
Page 1 / 1
Hello and Welcome to the Webroot Community Forums!
The best thing to do is to Open a Support Ticket, and ask Webroot Support to take a look and remove this for you. There is no charge for this if you are a WSA license holder, with a current subscription.
+
Virus Removal Options
https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/Virus-Removal-Options/ta-p/54074
The best thing to do is to Open a Support Ticket, and ask Webroot Support to take a look and remove this for you. There is no charge for this if you are a WSA license holder, with a current subscription.
+
Virus Removal Options
https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/Virus-Removal-Options/ta-p/54074
So lets say I removed this somehow (easily I can format the whole pc), but there is a chance of a attack again right? I want to solved that . ok I will try to contact support. Is there a chatline ?
Tried to contact support by given url,
it says to enter my email , So i insert and it say
We have already had contact with: xxxxxxxx@gmail.com
Please enter your password below if you wish to continue with your previous conversation. Your password will have been previously emailed to you.
when I insert the password and press continue it does nothing.
So still no help.
it says to enter my email , So i insert and it say
We have already had contact with: xxxxxxxx@gmail.com
Please enter your password below if you wish to continue with your previous conversation. Your password will have been previously emailed to you.
when I insert the password and press continue it does nothing.
So still no help.
http://www.webroot.com/us/en/support/contact@ wrote:
ok I will try to contact support. Is there a chatline ?
Still unable to contact support! 😞
Hello and Welcome to the Webroot Community,
May I intervene here and just ask if you saved that email from support with the password and did you disable cookies in your browser. Just making sure we don't overlook the obvious. ;)
Also I don't believe support by phone are available on the weekends?
Regards,
May I intervene here and just ask if you saved that email from support with the password and did you disable cookies in your browser. Just making sure we don't overlook the obvious. ;)
Also I don't believe support by phone are available on the weekends?
Regards,
I am using firefox with cookies enabled. What do you mean by save? I contacted the webroot support very long time ago I think in 2012 , If you asking about save that support email, Please note that this is a new PC 🙂.
OK got it , Thank you! last time I contacted support Nov 7, 2013 not 2012 :D
Now I can post a support ticket!
I am just curious , may I stay untill contact by support or may I run a on demand scanner like MBAM
Now I can post a support ticket!
I am just curious , may I stay untill contact by support or may I run a on demand scanner like MBAM
Hi,
Support will take a little longer because of the weekend. But they should be able to contact you through email by Monday or so..don't quote me but they usually are pretty fast.
It's up to you if you want to use MBAM. What do you think@ ?
EDIT: It's usually best not to mess around until Webroot checks your logs and what not.
Regards,
Support will take a little longer because of the weekend. But they should be able to contact you through email by Monday or so..don't quote me but they usually are pretty fast.
It's up to you if you want to use MBAM. What do you think
EDIT: It's usually best not to mess around until Webroot checks your logs and what not.
Regards,
I think you can use MBAM Free@ wrote:
It's up to you if you want to use MBAM. What do you think@ ?
EDIT: It's usually best not to mess around until Webroot checks your logs and what not.
Regards,
&
You can also try to scan in safe mode
Can you run a deep scan in Safe Mode with Networking the instructions on how to do so are shown below.
1. Start your computer in Safe Mode with Networking. For instructions on starting in Safe Mode with Networking
http://www5.nohold.net/Webroot/Loginr.aspx?pid=12&login=1&app=vw&solutionid=68
2. Open Webroot SecureAnywhere from the tray, start menu or desktop icon.
3. Click on the cog icon next to 'PC Security'. http://www.webroot.com/En_US/SecureAnywhere/PC/WSA?_PC_Help.htm#C2_Scanning/CH2e_Defining_Custom_Sca...
4. Open the 'Scan & Shields' tab.
5. Click the 'Custom Scan' button.
6. The default scan option is 'Deep'. Click Scan.
I am running MBAM now.. lets see..
+
Using Control Active Processes, advanced users can adjust the threat-detection settings for all programs and processes running on your computer. It also includes a function for terminating any untrusted processes, which might be necessary if a regular scan did not remove all traces of a malware program.
http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C10_SystemControl/CH10b_ControllingProcesses.htm
Using Control Active Processes, advanced users can adjust the threat-detection settings for all programs and processes running on your computer. It also includes a function for terminating any untrusted processes, which might be necessary if a regular scan did not remove all traces of a malware program.
http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C10_SystemControl/CH10b_ControllingProcesses.htm
It is FUD for MBAM and Avast too.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.