Skip to main content
Seems my "Beast" was infected with malware and I had to have Geek Sq. work on it. My question is, if my webroot was working properly why did it not catch anything.
Hi ktdid

 

Welcome to the Community Forums.

 

Would you be able to advise as to exactly what this apparent 'malware' was called or some details on it?  The reason I ask is because The Geek Squad are prone to exaggerate or perhaps it would be fairer to say that from what I have heard they tend to class, as malware, PUAs or Potentially Unwanted Applications, which are strictly a non-malware type of applicaiton that are mainly related to adware and the like.

 

But unfortunately many do not really understand what they are and so lump them into the generic' malware caetgory when they should not really be.

 

Now, this is all supposition on my part hence my asking for additional details so we can assertain the facts for you.

 

Having said that, and continuing on the above themer...for information...WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behaviour that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.

 

To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:

 


  • Open Webroot SecureAnywhere
  • Click on ‘Advanced Settings’ from the top right
  • Select ‘Scan Settings’ from the left side
  • Unselect the option “Detect Potentially Unwanted Applications”
  • Click on the Save button (you may have to enter in a CAPTCHA)
  • Reselect the option to “Detect Potentially Unwanted Applications”
  • Click on the Save button
  • Run another scan with Webroot and remove any items that get detected.
Hope that this is of assistance?

 

Regards, Baldrick
Thank you for replying, as I said I know nothing about Webroot and the specifics. I have the log file Geek Sq. sent me after the session ended. Supposedly there were 6 malware files, and just listed as such so I'm not sure what info you might need. Sorry but as stated I don't know just how Webroot works, in addition can you explain on how the scanning works, I know it says a deep scan, but shows only a few thousand files, when I had McAfee ( a nightmare) it took about a hour and several hundred thousand files. I had used your support for a false positive file and was very pleased with the service I was impressed with the quick response. I just need to be more informed, and am reading as much as I can to learn about Webroot.
Hi ktdid

 

No worries. In relation to the supposed malware if you could just list the file names if you have them, plus if there are any designation related to them...something that starts usually with 'W32' and which normally idicates the malware detected, that would be great.

 

As far as scanning is concerned you are not alone by any means in questioning the speed with which WSA scans...that is one of the things that makes it unique when compared to the other security apps out there which are, let's face it, pretty much pedestrian in comparison.

 

In relation to that please take a look at this previous thread and more specifically the 2nd post, though the whole thread is enlightening, and that should answer the question. If you have any related or further questions then please post back and we will be happy to try to assist further.

 

Regards, Baldrick                  
I'm sure you didn't want all this! but didn't know any other way to tell you what Geek Sq. did I'm sorryto be so uninformed

I like you, you responded so quickly I'll try not to bother you anymore at least today!!


Hi ktdid

 

Thanks for that...excellent stuff other than as I expected there is nothing substantive to indicate that there was actually any malware present or that any was removed and without identification or determination as to exactly what the supposed malware was I would have to say that I very much suspect that my initial determination was correct.

 

That it was PUAs that they found & removed rather than say serious malware...further borne out by the 'Reset Google Chrome/Mozilla Firefox', 'Removed malicious extensions' & Removed Malicious search engine' which are all symptomatic of encountering a PUA as these are the key areas that PUAs mainly affected.

 

The positive side of this is that whilst you were most probably not in any great danger from them you would certainly have been annoyed at having them on your system what with the constants ads, popups, search engine redirects, etc...so better out than in...so to speak.

 

Hope that helps?

 

Regards, Baldrick
Thank you so very much, I wish more prople were as informative as you are! One thing I noticed about Geek Sq. is they never explain anything....I guess they just expect one to blindly accept what they do, I on the other hand want to know the why's and how-to's of things. You really did help me, I like your style of explaing things, thank you again, I hope the new year brings blessings to you & yours There's no need to respond, take care
Why, thank you, ktdid, for your kind words. They are much appreciated. Glad to have been able to help in some small way.

 

I would say that all the volunteers here (as that is what we are) try to be as helpful and as informative ias we can be. So if at any time you have an y further questions about WSA or you think that you may have any issue please do come back here and let us know. One of us will most probably be around to pick up and try to help out.

 

Thank you for your wishes and may I take this opportunity to wish you  and those dearest to you a very Peaceful & Prosperous New Year. :D

 

Regards, Baldrick

Reply