security cleaner pro


this is certainly a rogue. how do i get rid of it. also, i send webroot a command to clean the computer but nothing happens. does anyone know about this?

23 replies

Userlevel 7
Badge +51
Hello Kreplach and Welcome to the Webroot Community Forums!
 
Watch this:
https:///t5/Webroot-SecureAnywhere-Antivirus/Virus-Removal-Options/ta-p/54074
 
Thank you
Best regard, Petr.
Userlevel 7
Hi Kreplach
 
Welcome to the Community Forums...:D
 
You are quite correct that Security Cleaner Pro is indeed  a computer infection from the Rogue.WinWebSec family of rogue anti-spyware programs, if memorry serves (as a friebnd of mine had the mis fortune to get it).
 
You have some options here; you could either Open a Support Ticket so that Webroot Support can take a look, of you can try to deal with it yourself using one of the 3rd party Software Removal Tools listed here, or you could also take a look at this XXXXX from another well known "community devoted to providing free original content consisting of computer help and tutorials" which I have had the pleasure to use previously.
 
EDIT: Link removed as contrary to Community policy on 3rd party anti malware references.  Apologies, Baldrick :$ 
 
Hope that helps?  Post back to let us know how you get on, or if yo require further assistance.
 
Regards, Baldrick
thank you for the quick reply. i opened a ticket (i think thats what i did. it was in the form of sending a message). so we'll see what happens. it would be a shame to have to buy another anti v software.  last question, when i send a scan or cleanup command to webroot, is it supposed to start right away?
Userlevel 7
Hi Kreplach
 
No problem...you came to the right place and as you can see there are usually other users available to assist/respond...and often yo can be deluged with responses very quickly. ;)
 
With regard to you question about the Web Console command, it is my understanding that it can take time to get through to the designated client.  I once, for testing purposes, request a scan and it took just over 1/2 hour before it actioned.  Not sure why or excatly what the expected timescales should be.
 
Perhaps one of the more learned bretheren @ @ can help out with a more specific answer.
 
Hope that helps? :D
 
Keep us posted on what the Support Ticket yields...the feedback is always useful to help us should other userrs rasie the same issue in the future.
 
Regards, Baldrick
:Dthank you all. ill wait for webroot to get back to me. being that this involves a surface pro and not a regular computer. i didnt think this sort of thing happens to tablets! 
and thank you petrovic
Userlevel 7
Badge +51
Hi Kreplach
 
Read: web console sending commands
https://community.webroot.com/t5/Webroot-SecureAnywhere-Complete/web-console-sending-commands/m-p/61397#M4366
 
Thank you
Best regard, Petr.
Userlevel 7
Well, if yo are running the Pro version then I assume that you are running WIn8.1 Full rather than RT?  If so then whilst the hardware is different the threats are the same...Desktop, Laptop or Tablet...unfortunately. :(
Userlevel 7
Hi Baldrick! As you assumed, I am lurking close to email.

Console Commands essentially are done by "Pull" instead of "Push" most of the time. What this means is that the Command is not instantly pushed out to the client computer. Instead Commands are sent the next time the client computer contacts Webroot servers for any reason: boot up, scanning, URL checkups while web surfing, anything.
yep, windows 8.1 (im a windows 7 person myself).  im wondering if a factory reset would do the job. backup the files to webroot and format. the only software i have here is ms office student (which is in the factory pckg)
so i should reboot?
Userlevel 7
Yes, I think that you could but it depends on what the factory reset does...if it effectively installs an image of the factory setup...then that should do the trick...and that certainly cannot hurt.
 
Regards, Baldrick
looks like a scan ran a little while ago.  says clean, but in the "recent malicious files detected" it found earlier today a file called nsrda09.tmp. and labeled it as w32.rogue.gen  maybe its been isolated until wr figures out what to do with it?  sorry to be a pita about this
Userlevel 7
Hi David
 
Thanks, much appreciated...that clarifies the position for me...and I presume, Kreplach.
 
Information bookmarked for future reference...and I have learned something new today...Yay! :D
 
Regards
 
 
Baldrick
Userlevel 7
Hi Kreplach
 
You are in no way a PITA...never in a million years...you just have troubles...;)
 
Well, if you have decided to reset to Factory Settings then whatever you do next re. this infection is academic...as you should effectively have a clean system once that is done.
 
If yo have decided not to Factory Reset then I would await the pick up of the Support Ticket, and advise them of this too.  Sounds like WSA has quarantined the little nasty and therefore it should cause you no further issues...but a good idea to mention it to Support too.
 
Regards, Baldrick
 
 
 
Userlevel 7
@ wrote:
looks like a scan ran a little while ago.  says clean, but in the "recent malicious files detected" it found earlier today a file called nsrda09.tmp. and labeled it as w32.rogue.gen  maybe its been isolated until wr figures out what to do with it?  sorry to be a pita about this
Hi...Just to be clear. If scan is now showing clean, and GUI is green, then check quarantine, as shown here: Webroot Secure Anywhere Context Help
 
And there may be no need for a reset etc, if Support give you the all clear also.
 
Sorry if I'm butting-in, just couldn't work out if you'd looked in quarantine properly.
 
Userlevel 7
Badge +55
Hello Kreplach and Welcome to the Webroot Community Forums! 


 
I would stick the Support Inbox as they will help you make sure it's cleaned up properly but you have to Open a Support Ticket on the infected Tablet  so they can get the Scan Log from it and they will have the right information to make sure it's clean of any Rogues or infections free of charge.
 
Thanks,
 
TH
Epilogue
 
Interstingly, Webroot did detect a rogue virus, cleaned it out, only to detect another with a similar name.  I did set up a ticket and got an email that began: "We have reviewed Webroot logs that are automatically sent . . .and it does not appear your computer is infected with a virus . . ."  Unfortunately, it was too late for me to actually speak with a technician. So, I went ahead with a hard reset.  That seemed to have worked as I'm no longer alerted to the 1,899 living in my Surface Pro; and I'm not being redirected to some weird website everytime I try to log into webroot. 
 
Before doing the hard reset, I copied the files onto a portable hard drive.  I'm hesitating on restoring them as I wonder if they are carriers.
 
Finally, can someone send me instructions on how to backup or upload files using the webroot application? 
 
I thank you all for your support. 
I meant to say 1899 viruses living in my Surface Pro.  Sorry
Userlevel 4
Ok i think you should submit a ticket Kreplach.
Userlevel 7
Badge +51
Kreplach wrote:
Finally, can someone send me instructions on how to backup or upload files using the webroot application? 
 

Hello Kreplach!

Watch this video:
https:///t5/Webroot-SecureAnywhere-Complete/How-to-use-Backup-amp-Sync/ta-p/71377
&
Learn more about BackUp & Sync

Thank you
Best regard, Petr.
Userlevel 7
Hi Kreplach
 
Good to hear that the Factory Reset worked for you.
 
Are you looking for help with Backup & Sync when you say "backup or upload files using the webroot application"?  If so then there are some KB Articles and the like that may be of use..but do not want to dump the information at you if it is not relevant to you.
 
Regards
 
 
Baldrick
Userlevel 7
Badge +55
@ wrote:
Epilogue
 
Interstingly, Webroot did detect a rogue virus, cleaned it out, only to detect another with a similar name.  I did set up a ticket and got an email that began: "We have reviewed Webroot logs that are automatically sent . . .and it does not appear your computer is infected with a virus . . ."  Unfortunately, it was too late for me to actually speak with a technician. So, I went ahead with a hard reset.  That seemed to have worked as I'm no longer alerted to the 1,899 living in my Surface Pro; and I'm not being redirected to some weird website everytime I try to log into webroot. 
 
Before doing the hard reset, I copied the files onto a portable hard drive.  I'm hesitating on restoring them as I wonder if they are carriers.
 
Finally, can someone send me instructions on how to backup or upload files using the webroot application? 
 
I thank you all for your support. 
If I had that many infections I would stay off the Internet IMHO. 😠 I'm not sure what your asking do you have the AV only version or Complete with Back Up & Sync because this thread is in the AV only section? Also upload what to Webroot a possible bad file? http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C14_Support/CH13d_SubmittingFile.htm
 
TH

Reply