Webroot SecureAnywhere Discussion & Update Thread

It's on the win 7 setup

 

Maybe have the option to vary compression of the files. Ie none med high

 

here
"C:\ProgramData"

 

You can delete the db.numbers.db files if you know for sure that your not infected. Now for awhile Webroot has locked these files so you have to turn off WSA and then you will be able to delete these db.numbers.db files, also you can delete the dump file as well and if it continues then contact support as they might want it and ask you to download and run wsalogs log gathering utility. Again to stop it from growing again contact support and ask them to white-listed your unknown files.

As you can see my WRData Folder doesn't have any db.numbers.db files and is nice and clean and I don't have any unknown files in my scan log.

 

No you do not delete all files in the WRData Folder just the db.numbers.db files and only if you know your not infected, all you have to do is turn off WSA to be able to then after restart WSA.

 

very well. back when i used wsa, i used to do it that way and had no issues tho.

 

I thought they got rid of those db.numbers.db files when they put in the self cleanup. I used to see those files every day. Now i have not seen any in years it seems like.

 

deleted the db and dump files.

I will see if they reappear.

 

Right did a scan of the win7 os and it got me 87meg of new numbered db files so that has cut out a bit

 

My WRDATA folder is 1.25 GB in size! There are 19 dbXXXX.db files (545 MB) and 3 WRSA....WSAInstall.exe.dmp files (461 MB). What do I need to decrease the size of this folder?! I only have a 128 GB SSD.

 

If you know for sure your not infected then just turn off WSA and delete the db.numbers.db files and the DMP files as well then start up WSA again!

 

Again to everyone if you have many [U ] files in the scan log and or to many db.numbers.db files in the WRData Folder it would be best for you to Submit a Support Ticket and ask them to white-list your unknown files, to me it's not a big deal as I do it all the time because I don't like my WRData folder getting large.

 

Here is my last interaction from Webroot Support!

Code:

Webroot Support (Jul 3, 2018 2:10)
RE:Can I get these files White-listed Please
Hello Daniel,

We have whitelisted the requested files. Have a good week!

Regards,

The Webroot Advanced Malware Removal Team
____________________________________________________________________________
Your Message (Jul 3, 2018 1:58)
Can I get these files White-listed Please
Hello,

Can I get these files white-listed please? These are not well known programs!

Thanks again,

Daniel :-)

Some legitimate files are not included in this log
[U] c:\program files\ivpn client\ivpn service.exe [SHA256: ECE3B872889340B3B895E95854979FFC8E8C044DDD6E76F0A90A1B5C7DB5600C] [MD5: F7E0A07A2A94F1F06889549402022AB7] [Flags: 10000000.6919]
[U] c:\program files\ivpn client\ivpn client.exe [SHA256: CFBCD6211E38178DD317673A1BF59354A29D470C2D376AA8FB6BD64C5E95D762] [MD5: 86930F6C581B2076EA54FA27FA3A373F] [Flags: 18000000.6920]
[U] c:\program files\ivpn client\ivpn common.dll [SHA256: 65BBBCE0F48BA43999867BD679940AD343973FF6BE6B448FBA24FBF85C9C9AC9] [MD5: 90ADEA2F313193E9308A9A04EF788EB7] [Flags: 00080000.6915]
[U] c:\users\daniel\onedrive\files\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5665.exe [SHA256: 3AE9AA98A373E483398C8337F8AE8D03A398AE0EA6FD5AB479A6E70094125A17] [MD5: D709DD6D0C23AF054D64598E600053F0] [Flags: 00081001.6724]
[U] e:\security programs folder\malwarebytes anti-malware folder\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5665.exe [SHA256: 3AE9AA98A373E483398C8337F8AE8D03A398AE0EA6FD5AB479A6E70094125A17] [MD5: D709DD6D0C23AF054D64598E600053F0] [Flags: 00081001.6724]
[U] c:\programdata\videodownloaderultimatewinapp\uninstall.exe [SHA256: E6F838488F5853C0731E8814BA4D808875811C83628D26383545D9CEA1988D7C] [MD5: EDAD7A317B90F26EA17CF05F46E45FC9] [Flags: 10001000.6325]
[U] c:\programdata\videodownloaderultimatewinapp\update_0.exe [SHA256: E6F838488F5853C0731E8814BA4D808875811C83628D26383545D9CEA1988D7C] [MD5: EDAD7A317B90F26EA17CF05F46E45FC9] [Flags: 10001000.6325]
[U] c:\programdata\videodownloaderultimatewinapp\tools\installhelper.exe [SHA256: E6F838488F5853C0731E8814BA4D808875811C83628D26383545D9CEA1988D7C] [MD5: EDAD7A317B90F26EA17CF05F46E45FC9] [Flags: 10001000.6325]
[U] c:\program files\ivpn client\networkhelpers.dll [SHA256: 3845C6ED6FA58D27AD2B19F74EE5617FB18BC255D03121B3E3B4EED9F29C8BF4] [MD5: D696C9AFD623DC963A216CBB8D7DD06B] [Flags: 00080000.6916]
[U] c:\program files\ivpn client\ivpn.core.dll [SHA256: C0553F6B9338A478A84AA8A7462C5C695C54106F48EBC93E7DA74DC549EB856C] [MD5: 9814C33D2A61E6448722AC6783C9B874] [Flags: 00080000.6917]
[U] c:\program files\ivpn client\openvpn\x86_64\openssl.exe [SHA256: 3350A94D27FE79EF27B1A0ED1E1405D1E6AA2906E20E7D3BD68BEBF55F9EB8C2] [MD5: ED838E05BA87F78BAF672B50EDFE6CB6] [Flags: 00010000.6932]
[U] c:\program files\ivpn client\mahapps.metro.dll [SHA256: 9B3D0738E67201421DACD838458EE811E3E725B2696C661C9742BDF6EEE57FB5] [MD5: BCC8816BF97439E9F9BAD3ADF6FC3617] [Flags: 00080000.6918]
[U] c:\users\daniel\onedrive\files\intel-thunderbolt-controller-driver_0xcpp_win_17.3.73.350_a06.exe [SHA256: BF856C56394C6F3E0D614638ACC735BCCC20B11D5D8F66FBB7F16EA62FE310DB] [MD5: 3DD4D44AAD4DA626F41F257402E8466A] [Flags: 00001000.6864]
[U] c:\users\daniel\appdata\local\techsmith\snagit\outputs\18\{808b71ee-f742-4561-9eea-b75d85dff706}\fr-fr\onedriveforbusiness.resources.dll [SHA256: 80290A30E950E10349436BE06EB8045D775C447D22375ABF6ED6996F31A70B00] [MD5: 8A826FC5308C709CD8610A89A1ADE883] [Flags: 00001000.6695]
[U] c:\users\daniel\onedrive\files\burnaware_premium_11.4.exe [SHA256: 43461CE8CD48A6AC7F7693CDA7DED3AD4B33A3D32D9E9294989976EFE503AE39] [MD5: 5F2E3137B10E9B5C333D6C7D5EBA152E] [Flags: 00081001.6233]
[U] e:\downloaded programs & drivers folder\burnaware premium folder\burnaware_premium_11.4.exe [SHA256: 43461CE8CD48A6AC7F7693CDA7DED3AD4B33A3D32D9E9294989976EFE503AE39] [MD5: 5F2E3137B10E9B5C333D6C7D5EBA152E] [Flags: 00081001.6233]
[U] c:\windows\system32\drivers\vsscanner.sys [SHA256: 6C2B166E289138E6CCD0E61CA6FAC2C8F3362AF1AB71EF56B7B58C23E3C81EC2] [MD5: 46C6E91F541A7B8EBDC053FDF26F99B1] [Flags: 40191001.4834]
[U] c:\program files\ivpn client\uninstall.exe [SHA256: 4570101991E7C4937FA02C3DABCFB33DC4E5B323D48522EC29A2DA286DE34ECF] [MD5: 22627AFEEC24ADCB5E8F207A7B22FD02] [Flags: 00080000.6933]
[U] d:\program files (x86)\metageek\inssider 4\inssider4.exe [SHA256: 6B66191F4AAB3ABAF8BF59EE549EC2EFD2DBE916996E0F02E424EAE7A482223C] [MD5: DB5D8DB513D2D250BDBDBB54F72BCDA9] [Flags: 18000000.6321]
[U] c:\users\daniel\appdata\local\techsmith\snagit\outputs\18\{094ae5cb-62e5-4845-8ed6-617d9fe893dd}\fr-fr\relay.resources.dll [SHA256: 2C7B87BE69CF4FFD9AE605FC20CCFD0574D6CA7985979DB2F373CF027C46D071] [MD5: 72F258BA6A26EED4642EC35DD42CA180] [Flags: 00001000.6696]
[U] c:\users\daniel\appdata\local\techsmith\snagit\outputs\18\{25d005bf-fe63-4cce-aa25-ce952b1d9381}\fr-fr\powerpoint.resources.dll [SHA256: 6941A6B323C10BB622722B7DD3C6F23FB133B99EA9E5709418662E6B4BE65F0B] [MD5: F3FBE7E9038ACD0B396FB796BAF5D0C5] [Flags: 00001000.6697]
[U] c:\program files\ivpn client\openvpn\x86_64\libcrypto-1_1-x64.dll [SHA256: EF4C6705D1240A3914D13299777DA0BE720F1BF023D3931080B2EABDBEFA823B] [MD5: C29A75A34C8AB2F8C77B752627E9A062] [Flags: 00010000.6934]
[U] c:\users\daniel\appdata\local\techsmith\snagit\outputs\18\{841bfdca-6a9a-4ebc-bc7e-194aa5dce428}\fr-fr\youtube.resources.dll [SHA256: BA2FD82114E4FE3ECEFA356D0CBD1D20F54A8DF6FCDDF7B359206B57AF02493E] [MD5: 53302C27E7F01BA865A68EB6989CA8E4] [Flags: 00001000.6698]
[U] c:\users\daniel\appdata\local\mozilla\firefox\profiles\49ipnir3.default\cache2\entries\9461d5dc2998196e9168b86441f6e25b1223210a [SHA256: 26D75CAB38DFE6C8889BDBE2CB30265DDF7AFC9FC72A074DB5AA1D6D1D9D5E04] [MD5: A97D6F5F72552931597DA2E925A36737] [Flags: 00081001.6938]
[U] c:\program files\ivpn client\ivpn helpers.dll [SHA256: 7093A37F94C12E36175502C8C0AC5BDAE7D12FF5E11A087885E0C89B3BC0954C] [MD5: F6260A37468DC5B7D957DAC20F3F99F4] [Flags: 00080000.6921]
[U] d:\program files (x86)\burnaware premium\unins000.exe [SHA256: 0544FCE16EB32785F9AE87596975DA3AA3D2A80D9B3A6CB37263949AAB700A9E] [MD5: E649DE5B525F3AA68ED889630422F0E4] [Flags: 00080001.6262]
[U] c:\users\daniel\appdata\local\mozilla\firefox\profiles\49ipnir3.default\cache2\entries\0b4b232321dc16170c0e55aca7e0ea78bec43b99 [SHA256: 61684ED14CBD9770F8F0B142E4653FFAA652EC3E43E173697EC352F9E6CA3C74] [MD5: 5D6BA68337FF7FB0A98648F0A665AA2C] [Flags: 00081001.6939]
[U] c:\programdata\videodownloaderultimatewinapp\libcurl.dll [SHA256: E0C1E9323F9B4D8B8FAB1161DCAB7A57AB2960776CE637719BF67C9CFD561810] [MD5: 53E7FB308A40F950962D67E70A0A3525] [Flags: 00001000.6337]
[U] c:\users\daniel\appdata\local\techsmith\snagit\outputs\18\{7e230376-4c82-4539-a828-ce1bb88a8f9f}\fr-fr\onenote.resources.dll [SHA256: 8F14E2A28BFAF6DAD600E5925271886102DD0DC28C5EF49C03DFA4D466FE4118] [MD5: 4AF3038152AA793440B74E3FCC8AB144] [Flags: 00001000.6699]
[U] e:\security programs folder\ivpn folder\ivpn-client-v2.7.9.exe [SHA256: 3DC8FE583B314C3862C30A0A6787E80A5EDAF918120F5C6E6EF08E681AE75177] [MD5: 4435618579FD295429969654D502CE89] [Flags: 00001000.6881]
[U] c:\users\daniel\onedrive\files\ivpn folder\ivpn-client-v2.7.9.exe [SHA256: 3DC8FE583B314C3862C30A0A6787E80A5EDAF918120F5C6E6EF08E681AE75177] [MD5: 4435618579FD295429969654D502CE89] [Flags: 00001000.6881]
[U] c:\users\daniel\appdata\local\techsmith\snagit\outputs\18\{808b71ee-f742-4561-9eea-b75d85dff706}\fr-fr\techsmith.wpf.resources.dll [SHA256: 3F0E011A49ED11F179CEE9FAFE75927CA8B78850A7117257BBAE1AD756BF7849] [MD5: BBEF367517C344ECD69EF1C890E022C7] [Flags: 00001000.6700]

 

Where/how to find this scan log you speak of?

Never mind, found it! Sent a request to support.

 

Great!

 

You're welcome.

 

New EULA has a binding arbitration clause in it. I can't say I'm a fan of this kind of stuff.

PLEASE UNDERSTAND THAT THIS AGREEMENT CONTAINS A BINDING ARBITRATION CLAUSE AND CLASS ACTION WAIVER. IF YOU ARE A RESIDENT OF THE UNITED STATES, THESE PROVISIONS WILL AFFECT HOW YOU ARE ABLE TO RESOLVE A DISPUTE WITH WEBROOT. THEREFORE, YOU SHOULD READ THEM VERY CAREFULLY. FOR EXAMPLE, UNLESS YOU OPT OUT OR HAVE A CERTAIN TYPE OF DISPUTE WITH WEBROOT AS FURTHER DESCRIBED IN SECTION 24 BELOW, YOU AGREE THAT ALL DISPUTES BETWEEN YOU AND WEBROOT MUST BE RESOLVED BY BINDING, INDIVIDUAL ARBITRATION AND YOU HEREBY WAIVE YOUR RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS ACTION.]

You can opt-out apparently, by entering your key, but what does that do exactly? I just renewed three days ago, does that make my key invalid? Is this the kind of thing where in order to use the product I have to agree to sign my life away?

 

Someone could have WSA white list these unknown files
Some legitimate files are not included in this log

 

You can do it yourself! Webroot Customer Service

 

You would have to contact support and talk to the sales department: Webroot Customer Service

https://www.webroot.com/us/en/about/contact-us#heading-offices

 

When posting these scan log files it's best if you use the Code Tags.

 

PC Beta Testers there is a new Beta out v9.0.21.18

 

They were going to work on a Anti-Exploit years ago, and decided to abandon the ideal. I'm glad they have decided it's worth the effort now!

 

True as they were more concerned with any payload that tried to download from an exploit so it is a nice surprise to be proactive.

 

Yesterday, I needed to uninstall an older version of Panda Global Protection[2016] because it was required before installing the newer version. I then installed the 2018 version of Panda Global, but I then got this popup warning. However, I couldn't override it, as I knew it was wrong. I wish they gave me the option to ignore the detection, but they don't.