Discussion in 'other firewalls' started by Rainwalker, Jun 19, 2018.
I am seeing this in Webroot. Cannot find ANY info on the file. Need some explanation please.
asking webroot support?
looks like ransom or similar stuff. have fun and don't forget to recover your operating system as it seems vulnerable to this stuff - start over with a different and improved security concept
OK...Thanks Brummelchen, fixed it.
you might want to do some scans with some better engines/AVs, webroot is not known to find stuff
Thanks mekelek...I had thought they were pretty good. Live and learn. I have other anti-malware apps installed, e.g. Malwarebytes, and before I removed the malware I did a few different scans; nothing showed. Has anyone seen that particular malware before?
Malwarebytes is useless as well, well maybe not against PUPs
which scans did you run?
I have removed the offender. Which anti-malware apps do you recommend? Aside from Bitdefender. BTW, when I was infected I was also using WD.
i mean that's no surprise, the WD part.
Kaspersky, BD, Norton, Sophos, Trend Micro, GData, ESET
Interesting....not interested in Kaspersky (no surprise), BD has been problematic in the past for me, Sophos I have not tried, stopped using Trend Micro years ago, GData is one I have recently given thought to and earlier today I installed ESET for the first time in a number of years. Thank you for your suggestions.
Comodo Cloud Antivirus with auto sandboxing works really well.
well from someone who just got infected recently, i wouldn't be this picky, but hey
@IvoShoan Thanks, but not interested in Comodo.
@mekelek Have not been infected in years. I know how it happened. Have usually been picky about my protection. I got a bit complacent because of no problems and WHAMO. Such is life.
VoodooShield is another good app.
An interesting app for sure.
you're just another victim of the WD fud bs people are spreading, not your fault.
You're just another victim. Not your fault.
that was serious, not a notice. any antivirus should only support a concept but it should never be the main part of it.
you had no luck because you did not try virtually, you did not scan before (second opinion) etc etc.
MBAM and Adwcleaner could point out how much improvement you need. any logs present we can read?
@Brummelchen I do not understand where all the presumption is coming from. I have layers of protection and have had for years. As I wrote earlier, I just got sloppy for a bit and that was all it took. The piece of malware I mentioned got in because I received a popup asking if I wanted to make a change to Webroot. It looked as though it came from Webroot and I thought update. The notice had all the window dressing. I OKed it and got nailed. Have made a few changes since then. Thanks for responding.
we have a new infection found like this - and i am pretty sure you were hit by a trojan
WINWEBSE - Threat Encyclopedia - Trend Micro APAC
TROJ_FAKEAV.KTW - Threat Encyclopedia - Trend Micro TH
\Application Data\ is today \appdata\roaming\
i suggest you make a backup and start a clean installation again. as i told you - infections like this are no fun and your system is still insecure, it can happen to you again anytime. ZEUS was acting similarly
could be a new variant of zeus.
by chat (eg steam), by mail, by TOR, other illegal stuff.
Interesting. Thanx Brummelchen.
another voice mentioned the "slimdrivers" tool as a source, but i can't confirm until now. the free doesn't find any new driver and the demo needs registration to continue - so i can't test reboot and its possible impacts. anyhow adaware should have found slimutilities and if you had it installed that may be a possible cause. can't tell you other right now. tbc