Trojan:win32/Powessere.A!reg infection

  • 12 November 2014
  • 17 replies
  • 131 views

Evidently a trojan got through my webroot. Any suggestions? It's Trojan:win32/Powessere.A!reg  
I've been trying to clean my system, but nothing's working. Says it's gone, then it pops up again. I'm considering the Geek Squad. A little disappointed in Webroot, evidently this is a pretty well known virus. Maybe I should have stayed with McAfee or gone to Kaspersky. 😞


Userlevel 7
Hello there!
 
Very likely the exact variant of the virus is a new one, and thus not detected.  The chances are equally high that other AV solutions also would not detect such a new variant.
 
Please submit a Trouble Ticket ASAP.  In the case of active infections, the less you do the better.  Webroot Support will take a look and remove the virus FREE as long as you have a valid key code.
 
Often, the more a user tries to do in removing an infection themselves the more damage may end up being done, so it is best to just let the professionals do the work for you.  Again, it is FREE, so you have nothing to lose.
Webroot sent me something to install to collect data. It's stuck. I called tech support and was told there was a 40 minute wait. This is bad. I searched on the virus and it seems to be fairly well known. Even my "protection" has identified it as dangerous. How could this get through? As far as I know, I've been on auto-pay for webroot but I don't know what my key is. The program sent to me has been stuck for 30 minutes at this point. I'm thinking maybe webroot isn't as good as it has been promoted. I need my laptop, as do the other people I help with it. This is starting to look like a disaster.
Userlevel 7
Hello Muse, 
 
Please be patient, Support will get to you even if there is a short wait of under an hour.  (Most other AV solutions' support lines can involve wait times far longer, as is the usual overall wait time for services like Geek Squad, usually at this time of day.)
 
As for how it slipped in... same as how it has slipped by many other AV solutions over the last week or so.  There have been a number of posts about this trojan at this point.  It is a new variant.  When a virus is modified, the malware writers modify it specifically to change the 'signature' and avoid detection.  While some malware is detected right away by the smart 'heuristic' technology, some are not.
 
Every time Support gets a case with a new undetected variant, of course they do forward the data to the Devs, who then do indeed work at getting detection in place.  The good thing with WSA is that once a malware is known, and detected, WSA protects ALL users globally without the wait for definitions updates that all other AV solutions rely on.
 
I hope this helps explain things a little, and that Support gets to you soon.  I would like to hear the outcome after you have talked to support again if possible!
Userlevel 7
David is right. Webroot has the best support there is, and it is FREE for Webroot users. Most other AV support takes days sometimes. I had a problem with a different AV vendor that may or may not begin with a "B" and submitted a ticket to them about an issue. After 2 weeks I gave up.
 
For these other companies, if you want faster support you have to pay for their "premium" virus removal. Webroot is not like that. If you are a Webroot user, fast support is free, and darn good!
Finally got through to Aaron in tech support. He analyzed my system and said it showed no remnants of the trojan virus. He answered all my questions regarding why this same virus keeps popping up - said that Webroot was catching it and allowing me to eliminate it. Considering that this has been going on for a while, it's good to hear that it's not infecting my system. I am still leery of this whole thing as I understand that this trojan is a bad one. I'm hoping it's really eliminated and not insidiously lurking somewhere in my system. If I have any ongoing issues, I'll be checking back. Aaron was very good at his job - he was professional, kind and courteous. Hopefully this is resolved 😃
Userlevel 7
Thank you for the reply!  I am, as you are, just a user/customer. The only difference is that I volunteer here to help answer questions.  Hearing about your experience with Aaron helps me be able to tell others who have questions that Webroot Support really is top rate!
 
I have something here that may interest you.  Take a look at THIS LINK.  It is meant to explain the Threats Removed stat, but if you also look it shows the Active Threats stat as well.  This will help tell you when WSA has detected something if it has removed it or not.  Zero Active Threats of course means WSA has blocked and removed it.
 
 
Thank you for the link, it does give me more info. I actually view everything and go through most of the webroot processes. This is something I take very seriously - I ran the internet for an online catalog years ago and back then I ran three malware and two antivirus protection programs. I still would like to run an anti-malware but have been advised against it. I will continue to keep a close eye on all of this. It's bizarre that I saw nothing for several years and all of a sudden, I'm being inundated with these virus attacks. The trojan one in the subject line is the most persistent. Webroot has apparently had to remove a program called hijack and several other trojans over the past couple weeks. What the heck is going on???!! 
 
Userlevel 7
You are not alone, others are noticing high activity at the moment.  It just goes in cycles.
 
I am not sure who advised you to not use a secondary AV solution alongside WSA, but usually WSA does get along with other solutions just fine, and that is by design.  The trick is usually to make sure to install the other AV first, WSA second.
Thanks, good to know. So if I wanted to install, say Comodo, what would be the best way for me to do that? Should I uninstall WebRoot first? I really hate to do that...  😕
Userlevel 7
Try installing Comodo with WSA as is.  The Comodo installer may or may not complain.  If it does, and if it refuses to install, just uninstall WSA, install Comodo, then re-install WSA.  The WSA install is tiny, so it really does not take long to reinstall it.
Great - thanks for all your help. I just now got ANOTHER warning of six trojans that webroot caught. This is getting ridiculous. Seems I'm getting hit every few hours.
Userlevel 7
That is annoying at best..... but at least Webroot is catching them 🙂
Userlevel 7
You might want to contact Webroot support again. It sounds like you may have something else going on. Be sure to note what you were doing and what was running when those additional Trojans were detected.
Thanks, I will open another ticket. Sadly this all seems so random. The way my system is running, it makes me think there is more going on...  😞
Userlevel 7
Yep. Those trojans that Webroot is detecting are coming from somewhere. Hopefully support will be able to dig down and find out what is up. Like I mentioned though, be sure to let them know what you were doing on the computer, such as applications that were open and any website you were on. Every additional piece of information can help.
Just a sad update. While running the full scan, I had to get online to do something for a client. Checked out a news story on yahoo, then got alerted that 8 or 9 viruses needed to be removed. Shut down the browser, and did screen shots of all the viruses listed, and a few microsoft warnings that popped up, then ran the removal process. I have a new warning about threats now. And another microsoft warning. Is there any way for me to send the screen shots of all that's going on? I entered the info on another ticket, but couldn't upload any files. This is bad for me, as there are folks who need me to have a functioning computer. Grrr....
Userlevel 7
Save the screenshots on your computer, and when you contact support they can most likely perform a live session with you and see the screenshots. Or, they may be able to send you a link or email to send them.