To Customer Support To Customer Support
Solved

Webroot unsecurity. Lack of support (legal customer)

  • 1 February 2014
  • 33 replies
  • 219 views
V
Rank
  • vx
  • New Voice
  • 14 replies
"For technical support inquiries that require immediate assistance, please use the official Webroot support system."
 
 
It took hours to get the first answer and after around 30 posts conversation I did not get the answer for a simple question:
 
   Where is safe download link (https) and the control sum of the file available?
 
 
Instead after thet extreme waste of time that's what I get:
 
"I have posted your suggestions to the developers, another thing that you can do to get more people looking at your suggestions is if you join the Webroot Community you can go to the ideas exchange and then post your idea, if you get enough votes then the developers will add that to the top of their list of things that they can change with the software. Below is a link to our community.
http://community.webroot.com/"
 
"Again I am sorry for any confusion, I can send your suggestions up to the developers but we have our downloads on a secure server so it is not an issue for the consumer who wants to install our software."
 
"Our secure download for consumers is below.
http://anywhere.webrootcloudav.com/zerol/wsainstall.exe "
 
 
 
   That is a request (facing a threat), not suggestions.
 
 
I don't like that impression to talk with idiots.
(If I could be an idiot, all what I needed was the controll sum - I don't trust the file,
connection, certificates on my system or any, neither your governmnent.)
 
threats detected:
 
https://www.virustotal.com/uk/file/7cca5216736ed43ea20ce1bca1d95da32d34c1a1f9535a7ab859cf5da18320f5/analysis/
 
http://virusscan.jotti.org/en/scanresult/13cc2f2eab3352527556685d4b44c568c840e7b2/9a08ee0336035cfc3ad6d7973760f874d51d7532
 
http://www.herdprotect.com/wrsa.exe-a50fa9a3e928713b3f2c6bb74c79e02907634f28.aspx
 
 
but:
 
http://www.herdprotect.com/wrsa.exe-954eea818edd5226a7615b431f6ae51d860958b9.aspx
 
statest the same version which is clean.
 
 
If webroot support won't help in this case, it can only mean that they were
aware of it (and they are after my notice) and don't give the answer or
a signature by intention for some reason.
 
I'm requesting again, as there is no safe way of delivery provided to let
me use it, to give my money back and to no more argue, as is obviously
not posible for webroot to fulfill the contract without any suspection.
 
 
 
-----
http://theinvisiblethings.blogspot.co.uk/2006/06/introducing-blue-pill.html
icon

Best answer by JoeJ 2 February 2014, 03:17

View original

33 replies

nic
Userlevel 7
Badge +56
@ wrote:
@ wrote:
Let's please keep the discussion friendly.
I assume he meant it to all of us not just you so please don't take that way! Be Happy! :D
 
Daniel
Yes I did mean everyone 🙂  It's easy for tempers to flare in online discussions, so sometimes a little reminder can help cool things down.
nic
Userlevel 7
Badge +56
@ wrote:
nic:
 
I tought it's over. What are you talking about or what's your problem ?
 
(there is nothing more to say)
 
 
 
Edit: There were unconstructive opinions on both forums, and really long way to get some answer.
 
Ok will in that case I guess we can consider the matter resolved.  Sorry that it was a roundabout method.  
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
@ wrote:
Let's please keep the discussion friendly.
I assume he meant it to all of us not just you so please don't take that way! Be Happy! :D
 
Daniel
V
Rank
nic:
 
I tought it's over. What are you talking about or what's your problem ?
 
(there is nothing more to say)
 
 
 
Edit: There were unconstructive opinions on both forums, and really long way to get some answer.
 
nic
Userlevel 7
Badge +56
Let's please keep the discussion friendly.  I understand that there is frustration with the issue, and there are also come communication challenges, but it only makes things worse if we start throwing accusations around.  Has your issue already been escalated to our support team vx?
V
Rank
I would appreciate your help Dermot7, and the answer of JoeJ. There was few moments when I felt offended like by the monkeys, and it was very long way to confirm the hashes (I just don't like to run anything before checking them, etc.) - and that's quite normal for guilty person to have the answer ready, but for the innocent to look for it. And some of explanations confused me even more.. That unsuspicious version looks like the others - only not packed, and has the same entry point, so far I understand it, it means that everything is fine. There are many points where the files may be tampered, but confirming the exact identity of the file closes all earlier questions, and I understand that someone, opposite to me, may just don't like control sums. No, I can't "accepted a solution" on the other thread, as I'm locked out of there.
Dermot7
Rank
Userlevel 7
Badge +3
So, if you've "accepted a solution", then your 'query/issue' should be satisfied (in both threads)?
 
"I keep loging circumstances" doesn't really make sense beyond sounding that you wish to still keep complaining about 'something', for example that JoeJ, who is PrevxHelp (which you don't seem to recognise) edited his post at Wilders (just to shorten it, without altering context), and also then replied to you (yet again) over here, and explained this for you.
 
I re-iterate what I said to you last night...it's obvious.
 
edit: 12:02hrs GMT : Inserted missing "l" in "solution". (for clarity :D)
 and 12:08 "l" into "complaining"....gotta clean this keyboard! :D
 
.
V
Rank
Basicly, I've 'accepted' a sollution, but I keep loging circumstances, like
the fact that the other thread is over as I'm lockout after PrevxHelp
- Prevx Moderator heavily edited his post so mine seems out of
context.
 
Anything else ?
Dermot7
Rank
Userlevel 7
Badge +3
@vx  Let's be straight and clear....basically you're just trolling I'd say. You're wasting people's time...it's become childish now.
 
 
V
Rank
Hunderds of specialised targets are over my imagination 😉
J
Rank
Userlevel 5
@ wrote:
Now on http://www.wilderssecurity.com/showthread.php?t=359484 I'cant post
anymore in the reply to:
 
[virtuo]        >> I did not posted any MD5.
[PrevxHelp] > Yes you did, in your post #7 above.

That are SHA-1

[PrevxHelp] > Both are 100% legitimate, virus free copies of WSA.

That would be the answer, earlier.

Are the signatures of Webroot files available only on 3rd party sites ?

And you are saying there are useless ?
 
Could we keep the conversation in just one thread (here) rather than across multiple forums? We don't publish the hashes of WSA binaries (there are many different download locations which would be confusing to users as we would have to publish hundreds of hashes for each new build), but you can validate that a binary is properly signed and originating from Webroot by right clicking on it and checking the digital signature as I have outlined several posts ago.
V
Rank
Now on http://www.wilderssecurity.com/showthread.php?t=359484 I'cant post
anymore in the reply to:
 
[virtuo]        >> I did not posted any MD5.
[PrevxHelp] > Yes you did, in your post #7 above.

That are SHA-1

[PrevxHelp] > Both are 100% legitimate, virus free copies of WSA.

That would be the answer, earlier.

Are the signatures of Webroot files available only on 3rd party sites ?

And you are saying there are useless ?
V
Rank
Citing self:
 
The anomaly is that there was a file signed by you which was _'not suspicious'_ and is no more available,instead _later_ tested and the only available file is 'suspicious' - the same as all other _earlier_ versions.And no checksums provided upon request.
 If you are able to provide 'unsuspicious' version - which was available for few days probably,then why you prefer to provide 'suspicious' version - what is against logic?
J
Rank
Userlevel 5
As has been stated before, different download locations have different checksums, and every update will change the checksum. The link you've been provided is one of the more common download locations ( http://anywhere.webrootcloudav.com/zerol/wsainstall.exe ). You can right click the file, click Properties, Digital Signatures, click on the Webroot Inc. signature, Details and see that "This digital signature is OK."
 
The file is not infected despite what a few AVs are saying: that is a false positive (a detection of a file as malicious when it is not) and there is nothing that Webroot can do. If you use one of the AVs, you can locally allow the file or submit it to their threat research team to have it re-assessed, but there is nothing malicious about the download you have received.
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
Hopefully Joe will come by this weekend he is a busy man but I did ping him to visit this thread so come back later and see if he has replied because he's the one!
 
Cheers,
 
TH
V
Rank
"Also I see you started a thread.."
 
Yes, waiting to long. All files signed. No checksums provided.
I would wish to no have never to wonder about this kind of things.
Another day wasted.
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
We can see if @ the VP Endpoint Solutions Engineering will come by and answer your question! Also I see you started a thread at Wilders about this Topic. http://www.wilderssecurity.com/showthread.php?t=359484
 
TH
Baldrick
Rank
Userlevel 7
You and me both...and I believe that Roy (Rakanisheu) has explained why this could happen, etc.
 
If you are not happy with that reply, and given that you are not happy with the responses from Support, that you move on.
 
Regards
 
 
Baldrick
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
V
Rank
I'm just tired of it.
 
To remind you:
 
According to http://www.herdprotect.com:wrsa.exe, v8.0.4.46, 954eea818edd5226a7615b431f6ae51d860958b9, tested 1/14/2014, no infections
wrsa.exe, v8.0.4.46, a50fa9a3e928713b3f2c6bb74c79e02907634f28, tested 1/19/2014 - and every other    have PE:Stealer.Zbot!1.6524 suspection detected by Rising Antivirus. The anomaly is that there was a file signed by you which was _'not suspicious'_ and is no more available,instead _later_ tested and the only available file is 'suspicious' - the same as all other _earlier_ versions.And no checksums provided upon request. If you are able to provide 'unsuspicious' version - which was available for few days probably,then why you prefer to provide 'suspicious' version - what is against logic?  
Baldrick
Rank
Userlevel 7
vx
 
The lack of clarity and information in your posts IS part of the issue with us not being able to resolve your issues...hence the reason I brought it up.  It was an attempt to try to allow focus on the issue you are trying to raise...by getting a better understanding as to what the problem is and pointing out one of the impediments to reaching that objective.
 
There was no intention to be personal but my post stands...I am however very happy for you to PM me if you feel that would assist in the process of helping you in clarifying things.
 
Regards
 
 
Baldrick
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
V
Rank
to Baldrick:
 
Thanks for your attempt to help, but I would appreciate if you could focus
on things for which you can find the sollutions but not to shift that focus
on some person as suggestion I'm the part of the problem, because of
my questions.
 
 
I would also suggest to delete your post if it wasn't your intention to put
me down what you did already. And keep focus!
 

This kind of talk, without intention to change a topic, but to help
someone you shall do privately.
Baldrick
Rank
Userlevel 7
Hi vx
 
Part of the problem is that a lot of what you are posting does not make complete sense in English.  I am not trying to be condecending or to put you down, when I say this but rather concerned as you are trying to express an issue you have, and we are not really understanding.
 
A bit of clarity would be appreciated.  m
May I ask if you are a native English speaker and if not whether you are using online translation in your posts?
 
Regards
 
Baldrick
 
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
V
Rank
You are right. Believing to owe the internet could be widely spreaded.
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
@ wrote:
(edited) to : (/edited)
 
Are you that kind of american who thinks it owes others communications
 
or imagines that can order anyone what to do ?
 
 
If you look at his profile you will see he is not American either well maybe you can't see that so what do you have against Americans? Also have you read the Community Guidelines? If not I suggest you do https://community.webroot.com/t5/Community-Announcements/Webroot-Community-Guidelines/td-p/2#.Uu077bQaquI
 
TH
Rakanisheu Retired
Userlevel 7
I am not American and that has no relevance at all to this discussion. I still dont know exactly what the issue is. Different builds will have different MD5`s as will different downloads. Our installer is not an infection and its digitally signed.
 
You can test the installer in a VM and look at what it does if you dont believe me. The one AV that detected our installer as infected gave it a Zeus defintion, if you look up what Zeus is you will see why its quite clearly a FP. If you are a customer of Rising AV I would drop them an email about the detection. Apart from that there isnt much we can do. 

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.