I used KIS before and I moved(I removed KIS from the system and installed WSA complete) to WSA because of the Resource lightness of it but after few days, now my two computers got infected.
It creating shortcuts when an USB drive inserted and creating a folder for itself on the drive.
Also I noticed that there is an autoit3.exe process on the task manager. When I see it's(autoit3.exe) location, I found that it is c:Google
I am attaching few screen shots here.
Please guide me.
**. I scanned those folder and files with webroot but no infection found.
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
The best thing to do is to Open a Support Ticket, and ask Webroot Support to take a look and remove this for you. There is no charge for this if you are a WSA license holder, with a current subscription.
Virus Removal Options
it says to enter my email , So i insert and it say
We have already had contact with: firstname.lastname@example.org
Please enter your password below if you wish to continue with your previous conversation. Your password will have been previously emailed to you.
when I insert the password and press continue it does nothing.
So still no help.
May I intervene here and just ask if you saved that email from support with the password and did you disable cookies in your browser. Just making sure we don't overlook the obvious. ;)
Also I don't believe support by phone are available on the weekends?
Now I can post a support ticket!
I am just curious , may I stay untill contact by support or may I run a on demand scanner like MBAM
Support will take a little longer because of the weekend. But they should be able to contact you through email by Monday or so..don't quote me but they usually are pretty fast.
It's up to you if you want to use MBAM. What do you think
EDIT: It's usually best not to mess around until Webroot checks your logs and what not.
You can also try to scan in safe mode
Can you run a deep scan in Safe Mode with Networking the instructions on how to do so are shown below.
1. Start your computer in Safe Mode with Networking. For instructions on starting in Safe Mode with Networking
2. Open Webroot SecureAnywhere from the tray, start menu or desktop icon.
3. Click on the cog icon next to 'PC Security'. http://www.webroot.com/En_US/SecureAnywhere/PC/WSA?_PC_Help.htm#C2_Scanning/CH2e_Defining_Custom_Sca...
4. Open the 'Scan & Shields' tab.
5. Click the 'Custom Scan' button.
6. The default scan option is 'Deep'. Click Scan.
Using Control Active Processes, advanced users can adjust the threat-detection settings for all programs and processes running on your computer. It also includes a function for terminating any untrusted processes, which might be necessary if a regular scan did not remove all traces of a malware program.
It is FUD for MBAM and Avast too.