Newbie with WebRoot

  • 13 December 2013
  • 6 replies
  • 523 views

I rarely get invaded and in case I ever did, I have a second Windows XP sp3 on my second harddrive and I have always been able to load the backup Windows and hunt down the offending files. I must have bragged to someone because I have one now that I couldn't find and niether could WebRoot. It is a Trojan Horse that is trying to put Internet Explorer on line instead of Foxfire so that it can dump whatever it wants on my system. I have run several scans and Webroot has found nothing. I imagine that it has replaced a Windows file with one of its own. Checked all of the dates in the usual directories and got rid of some suspicious files. The horse used to be able to activate Internet Explorer by itself, but it no longer can so every five minutes, it puts up the dialog box asking if I want to stay offline or allow the website to connect. It doesn't matter what Firefox is doing, apparently, it needs Explorer. Sorry I'm so windy.

6 replies

Userlevel 7
Hello Bubba, Welcome to the Webroot Community Forum. 😃
Userlevel 7
Badge +56
Hello Bubba and Welcome to the Webroot Community Forums.



 

When you ever suspect an infection it's best to contact Support so can you please Submit a Support Ticket and they can look at your scan log and if necessary clean it for you free of charge.

 

Cheers,

 

Daniel 😉
I have Magic Jack telephone service. It is a VOIP system. I've had it for about five years without any problems. I closed it and the problem stopped. There are four suspicious subdirectories, but they seem to have valid files in them. I shall contact Magic Jack and see if they know anything. Whew. Thanks everyone.
Userlevel 2
Since WSA is a cloud antivirus you need to use Safe Mode with networking. Safe Mode by itself will not work. 
Good ideas. Thank you profusely. I will try.
Userlevel 3
have you tried safe mode and then running webroot? small chance it will work but it doesn't always, that and also try to reset firefox and ie, as it may just be a re-direct.

 

Also check the firewall in webroot to see if it is monitoring anything currently, if so and it isn't anything that you know of then tell it to block it. 

Reply