Webroot SecureAnywhere Discussion & Update Thread

With windows update rolling everything into one update do i have to install the MSRT or is their a way to avoid it?

Running win 7 64bit home prem

 

On reflection it might be some of the third party utilites that patch windows.
One i remember was the evid? patch to open more connections up as service pack 2 on xp reduced the number.
Allegedly this was because people bought win xp pro instead of the server edition thus costing MS money.

 

they target specific prevalent pieces of malware with each of those, so it doesn't really hurt anything to let it go.

relevant msft documentation (select covered families to expand the list of targeted malware):
hxxps://support.microsoft.com/en-us/help/890830/remove-specific-prevalent-malware-with-windows-malicious-software-remo

 

"How the Malicious Software Removal Tool differs from an antivirus product

The Malicious Software Removal Tool does not replace an antivirus
product. It is strictly a post-infection removal tool. Therefore, we
strongly recommend that you install and use an up-to-date antivirus
product.

The Malicious Software Removal Tool differs from an antivirus product in
three key ways:

- The tool removes malicious software from an already-infected computer.
Antivirus products block malicious software from running on a computer.
It is significantly more desirable to block malicious software from
running on a computer than to remove it after infection.

- The tool removes only specific prevalent malicious software. Specific
prevalent malicious software is a small subset of all the malicious
software that exists today.

- The tool focuses on the detection and removal of active malicious
software. Active malicious software is malicious software that is
currently running on the computer. The tool cannot remove malicious
software that is not running. However, an antivirus product can perform
this task."

https://support.microsoft.com/en-us...-malware-with-windows-malicious-software-remo

 

The Webroot filtering extension for chrome is showing all sites are suspicious with a Orange Icon.

 

https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/Outlook-Mail-Suspicious-Site/td-p/327168

 

Yes they know about and working on it.

 

appears to be sorted
Thanks

 

Yes I'm seeing the same in most cases but not completely.

 

From Webroot:

I'm not seeing any issues at this time!

 

Webroot’s Web Shield Filtering Extension -- Chrome
Version: 1.7.0.23
Updated: August 22, 2018
https://chrome.google.com/webstore/detail/webroot-filtering-extensi/kjeghcllfecehndceplomkocgfbklffd

 

anyone notice search annotations (Chrome + google search) not rendering for all results.

 

No issues here with the latest Chrome or Firefox.

 

Okay, must be me.
Thanks

Edit:

Spoiler: annotations sorted

After trying to sort my annotations issue thru WebrootSA agent/extension.
I noticed that my search annotations were showing okay in my Chrome Person 2 profile.
So, I Reset (Restore settings to original defaults) my Chrome Person 1 and search annotations now render as expected.
I had to re-do my persistent login cookies + set a few Chrome switches ... no biggy.

 

I bought a 1year/3PC subscription to WSA yesterday, via Novum Ovum (my nickname for Newegg.com). WSA is up & running. I am running Panda Free, as well. Between the 2 of them (both are 99.9999% in the cloud), my aging laptop barely notices them. CPU, working set, & I/O total rate are amaaazingly low. The 2 of them together use MUCH fewer resources than the resident AV (EAM) on my other computer - a twin to my aging laptop.

My theory: Panda has slightly better sigs & a Behavior Blocker (BB gun) of indeterminate effectiveness. WSA has a SUPER BB gun. So I want to see if they play nicely together. So far... grreat!

 

@bellgamin
did you install PandaSafeWeb

 

No. Actually, when I was running only Panda, I used NortonSafeWeb instead of PandaSafeWeb. My browser is Firefox... I also use NoScript, IdontCareAboutCookies, Ublock Origin, & No Coin. Now that I am also running WSA, I have switched from NortonSafeWeb to WebrootFilteringExtension.

Uhh... why do you ask?

 

some VT engines (Webroot) detect PandaSafeWeb.exe (PUA/Adware)

 

Yes, when I installed WSA, it made a bit of a fuss about a couple of Panda files. Understandable. No problem.

 

I have Panda Global Protection installed together with WSA. However, in the last two weeks whenever Panda Global has automatically started to update WSA interferes and causes the Panda update to fail. I have to rerun the Panda Global Protection installer exe to get Panda reinstalled on my system. [I haven't figured out how to stop these PUA detections by WSA from interfering in this update process.]

From the last WSA scan log, I found what I consider to be False detections by WSA:

Tue 28-08-2018 22:11:13.0156 Infection detected: c:\windows\temp\7zs87d8cda9\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [SHA256: 7BD01B3E93950E23AE705917E16817586784649E394C99F2B064F837D82F4FEA] [MD5: EBE12D1003B2B3A23351C42436AD2330] [3/00081020] [PUA.Gen]
Tue 28-08-2018 22:11:13.0156 File blocked in realtime: c:\windows\temp\7zs87d8cda9\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [UniqueID: 3E1BD07B, MD5: EBE12D1003B2B3A23351C42436AD2330, Size: 4575680 bytes] [528416/00000003] [PUA.Gen]
Tue 28-08-2018 22:11:13.0168 Determination flags modified: c:\windows\temp\7zs87d8cda9\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe - UniqueID: 3E1BD07B, MD5: EBE12D1003B2B3A23351C42436AD2330, Size: 4575680 bytes, Flags: 00000020


Tue 28-08-2018 22:48:03.0396 Infection detected: c:\users\owner\appdata\local\temp\7zsc7ce4db4\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [SHA256: 9FED84AC26B337E477937BE2BE438349D016B3F56B0A30EEF3DEDD0D27A10AB6] [MD5: B72F5D2B3EE95FE59694CB115000E152] [3/00081020] [PUA.Gen]
Tue 28-08-2018 22:48:03.0396 File blocked in realtime: c:\users\owner\appdata\local\temp\7zsc7ce4db4\program files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe [UniqueID: AC84ED9F, MD5: B72F5D2B3EE95FE59694CB115000E152, Size: 4575704 bytes] [528416/00000003] [PUA.Gen]

P.S. I have shown in bold for emphasis.

 

Well there not FP's so the best thing you can do is contact Webroot support and ask them what to do! Webroot Customer Service

 

does the toolbar ever update, or does it generally remain the same (same hash, etc) at each update? if it's the same, couldn't you just tell WSA to "allow" it, like you would with any other FP? *EDIT* nevermind, didn't realize it was a completely different file between the pair of hashes you mentioned.

i don't blame them for flagging it as a pua since it's a visicom pua detection (bunch of other vendors also detect it as such), but still, that's gotta be annoying since WSA generally plays nice with other AVs

 

AV's are fine but not the PUA's that come with some of them. https://www.google.com/search?q=pandasecuritytb.exe&ie=utf-8&oe=utf-8&client=firefox-b

 

@Triple Helix, @m0unds

Whatever! But, I am sure that Webroot and Panda, between them, know the score. I am just "piggy in the middle". All I know, it is not up to me tell Webroot, because they should already know about this problem with their flagging of Panda.

 

Sorry but your the one complaining so you should ask Webroot Support as I or we can't do anything on here. Also look at the PC count in the above pictures I posted.