Solved

Webroot identified and removed four rootkits.

  • 13 October 2015
  • 4 replies
  • 70 views

Userlevel 1
Webroot removed four rootkits and found nothing more after follow-up scan.  Should I still be concerned?  Should I perform clean install using backup software to eliminate any possibility the computer is still infected but undetected?  

Best answer by Baldrick 13 October 2015, 14:03

4 replies

Userlevel 7
Hi wescoman
 
If WSA has found & removed four rootkits and thereafter found nothing more on follow-up scan, then I would be resting easy that all was well.
 
However, if you are still concerned you could either Open a Support Ticket to notify the Support Team and see if they could reassure you as to the 'cleanliness' or, as you have stated, you could revert to a prior point using backup software to eliminate any possibility the computer is still infected but undetected, but as to what point you should revert back to would be a moot point as there is no way to be 100% sure as to when the rootkits 'appeared' on your system.
 
As I said initially, if WSA has caught them and dealt with them then I would be satisfied with that...but if I had any doubts I would open the support ticket.
 
Hope that helps?
 
Regards, Baldrick
Userlevel 1
Thank you for the reply message.  I agree with you - there is no guarantee that my prior backup will prevent the rootkit infection since it's not clear when the computer became infected.  Interestingly enough, this appeared post Windows 10 upgrade.  I also found out that Windows 10, by default, uses a hibernate shut down function so that bootup is quick.  However, what this means is that certain processes remain active even after shutdown, thus opening the possibility for infection.  I have since disabled quick start from the power options section in control panel.  I will move forward and hope that WSA caught the problem and disinfected the computer successfully. 
Userlevel 7
Hi wescoman
 
Thanks for the feedback.
 
I would suggest that you monitor things closely and that you run periodic scans every few hours for a couple of days...just to be on the safe side. WSA will ignore dormant/inactive threats per se but jump in and block/quarantine/remove threats as they become active, etc.
 
Also, if you see anything unusual, i.e., behaviour that is not typical of your system, then I would immediately open the support ticket and get the Support Team on the case (link provided in my original post).
 
I am reasonably confident that WSA has taken care of business...but it always pays to be cautious/vigilant as you are being.
 
Regards, Baldrick
Userlevel 1
Good morning Baldrick.  You were right.  WSA did not fully remove the rootkits from my system.  The computer started doing weird things last night like turning off Windows Defender and WSA.  I couldn't restart Windows Defender because the source code was corrupted.  I ended up performing a complete install from backup drive.  Restored back to Windows 7 Pro.  Never had any issues with that OS in the past.  Hopefully, this will solve the problem but no guarantees.  Rootkits are nasty buggers.  WSA still needs to up their game in that area - scanning/removal is not quite ready for primetime yet.