Webroot SecureAnywhere Discussion & Update Thread

Discussion in 'other anti-virus software' started by Triple Helix, Jun 6, 2014.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I just booted the laptop a short time ago, and got two popups... I allowed the VS one, and for the WSA one, I decided to remove from quarantine.
    VS_unkown file alert_01.JPG WSA_threat detected alert_01.JPG
     
  2. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    This file which was initially blocked, has now been allowed...
    WSA_quarantined file allowed_01.JPG
     
  3. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    445
    Location:
    Mercia
    Hi Tarnak
    May I ask why you are running Panda Security along with Webroot? You surely don't need both.
     
  4. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I like trying out different software...so, just another layer. And, besides I see no adverse effects on my computer.
     
  5. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Looks like it comes with some unwanted Adware PUA/PUP so can you post the MD5 hash from the scan log that shows that detection?

    TIA,

    Daniel
     
  6. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Running the setup file exe, following directions, I then got another WSA alert, which I also removed from quarantine.

    WSA_quarantined file allowed_02.JPG

    These might be the lines that you are after:

    [E] c:\users\owner\appdata\local\temp\7zs0c346f10\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [MD5: C2B27CA055A95CD8580D43454DB3144F] [Flags: 10081100.10609]

    [E] c:\windows\temp\7zs8729f191\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [MD5: C2B27CA055A95CD8580D43454DB3144F] [Flags: 10081100.10609]

    [E] c:\program files (x86)\panda security\panda security protection\tools\pandasecuritytb.exe [MD5: C2B27CA055A95CD8580D43454DB3144F] [Flags: 10081100.10609]
     
  7. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
  8. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I don't see any toolbar. So, I don't know in which browser it would appear.
     
  9. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Dan, I have just updated to Opera - 42.0.2393.517 - Restart Opera to update to version 43.0.2442.806. I think this browser is not used by Panda for gathering information. So, I am not to worried.
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Then you will have set to allow if it's detected again.
     
  12. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Why would I want to allow? I though the objective was not to allow... Light bulb moment!
     
  13. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    You mean if WSA alerts, again! :thumb:
     
  14. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Right or let WSA remove it for you.
     
  15. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Q: what does [E] #3067 stand for?
    Thanks
     
  16. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Overridden the detection Locally. [E] Exclusion
     
  17. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Thanks!
     
  18. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Just out of interest, confirmed by another... Windows_SAP_threat detection_01.JPG
     
  19. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Because this is in the Webroot Thread I'm posting the VT detection of this same MD5: https://www.wilderssecurity.com/thr...-posting-of-jotti-virus-total-results.180057/

    These might be the lines that you are after:

    [E] c:\users\owner\appdata\local\temp\7zs0c346f10\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [MD5: C2B27CA055A95CD8580D43454DB3144F] [Flags: 10081100.10609]

    [E] c:\windows\temp\7zs8729f191\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [MD5: C2B27CA055A95CD8580D43454DB3144F] [Flags: 10081100.10609]

    [E] c:\program files (x86)\panda security\panda security protection\tools\pandasecuritytb.exe [MD5: C2B27CA055A95CD8580D43454DB3144F] [Flags: 10081100.10609]


    ~ Removed VirusTotal Results as per Policy ~

    So it's detected by many!
     
    Last edited: Feb 7, 2017
  20. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I don't know about the many, but I have an additional line:

    [E] c:\program files (x86)\pandasecuritytb\pandasecuritydx.dll [MD5: 8956A3BDB242BF721160EFA3DA72D789] [Flags: 00081100.10909]

    P.S. I am just ticked off, that by allowing the update in Panda, the trial version of Panda Global Protection 2016 that I have on my Surface Book, and which still had another 30 days or so to run, has now been has downgraded to just the Panda AV free version.
     
  21. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Well it has Unwanted Adware and as I said you could Allow if you wanted to keep it. You can check other files or MD5's here: http://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx

    [MD5: 8956A3BDB242BF721160EFA3DA72D789]

    2017-02-08_10-59-18.png
     
  22. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Last edited by a moderator: Feb 8, 2017
  23. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Thanks, Dan ...for the additional information on that extra line. :) I'll try to remember about that link for future detections, and information.
     
  24. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    Daniel, I assume that the "new" technology is only being incorporated into the business/corporate side of Webroot at present :doubt:
    Are there any plans to push some of it to the consumer versions that we use?
     
  25. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    New test of WSA by MRG. Note: this is a Webroot sponsored test.

    https://www.mrg-effitas.com/wp-content/uploads/2017/02/Webroot_AMTSO_report.pdf

    While perhaps interesting it's a pity that they didn't give a breakdown of detections / infections for each category of malware so that we could see if there was a weakness in a particular category (ie: ransomware) or if the missed samples were spread across all categories. As it is it doesn't really tell us a lot.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.