Background: I had Webroot Antivirus with Spysweeper and no fatal problems with bad viruses for the last 4 years. It was time to renew my subscription and the salesperson convinced me to upgrade to Security Essentials. After installing it, things weren’t working quite right; pages weren’t loading correctly on the first try, PDFs wouldn’t open, and I kept getting notifications asking if I should allow or block things to access the internet but I had no idea what they were (a jumble of letters and numbers.exe) and there was no guidance for it so I called and asked to have my old Webroot Antivirus with SpySweeper back. I didn’t think it was a virus but just that my 4-year old computer wasn’t handling the firewall well or vice-versa. Webroot sent me a download for the Antivirus with SpySweeper but it was the new 2011 version and things completely went down hill over the next few hours. I was talking to my friend on skype shortly after installing it and all hell broke loose- my computer froze up and a small cat icon was sent to my friend through the chat even though I definitely didn’t put it there and it never appeared in my text box.
When I restarted my computer, I did it in safe mode without networking and ran an antivirus scan with Webroot but it keeps stopping at the same file about 140,000 files in- I think it’s an index.dat file related to cookies. The estimated time continues to move forward but the scan doesn’t progress to any other files, even after hours of waiting. At that point I can’t even stop the scan- when I click stop scan it just says “processing” and no matter how long I wait, it won’t stop or continue or anything. I tried restarting in safe mode again and it kept happening each time I tried. I restarted in safe mode with networking to try to use security.symantec.com because that scan has picked up on things other scans have missed in the past but my computer totally broke down (“fatal error” blue screen) before it finished (it had run fro about an hour or two and hadn’t picked up on anything yet.) I restarted in safe mode with networking again and it started up ok and I ran a quick scan (because I didn’t think my computer would last through the full scan) with Microsoft’s Malicious Software Removal Tool and it came up clean. I am now running a full scan with the Malicious Software Removal Tool and crossing my fingers that my computer makes it.
Other details: Now when I open up internet explorer for the first time after restarting it a pop up ad for a registry scanner thing shows up, which definitely makes me think this is some malicious adware type stuff. Also, I noticed a lot of suspicious processes going on but I’m not sure what to do about them. For example, There are five svchost.exe running. (I know one is normal but so many at once makes me suspicious.) I searched my computer for svchost.exe and did a scan of each file that was found but all came up clean using webroot.
Any suggestions? Something is definitely wrong but virus scans are either coming up clean or my computer is not lasting through them long enough for them to pick up a virus.
Ok, I’ve tried installing malwarebyes, avast, and avira antivir but none of them will install correctly (they won’t open and say that maybe reinstalling them will help but it doesn’t.)
I agree with William above – malwarebytes and superantispyware should be your first line of attack
if you can’t get them to install, try the portable version of superantispyware which does not require installation
in my opinion, webroot software can be resource hungry and slow your system down – cut your losses and uninstall it and use better free alternatives such Avira Antivir
you could also try AVG rescue cd – download the iso, burn it to cd, boot from the cd, connect to the internet via ethernet and update definitions and run a full scan
on: 6th September 10