Sorry for my absence, but…

Wow! ​@MajorHavoc ! What a friggen nightmare! I haven't put Webroot on my iMac systems for many years. Since Webroot was failing their own Backup before Carbonite. Couldn't trust it after Beta Testing Webroot. 

So so sorry to hear of all these issues. Webroot has dropped the ball on iMac ever since we lost the best Apple Tech Support which was Wanderingbug. I realize I'm not very skilled in assisting you with your devastating issues with Webroot but I just wanted to emphasize my concerns about all this going on. Wish I could help. 

We miss you as you were a big part of this Forum. Take care and thank you for sharing all these problems and the neglect of Webroot support with their product with us. Very sad as you were an asset to the iMacs  with your technical skills. 😪

I’m at a loss for words on the problems and support for Webroot for Mac. ☹️  I agree ​@Ssherjj when ​@Wanderingbug was the Apple Tech Support for Webroot for Mac we didn’t have these problems.

Thank you both. I really appreciate the kind words. I resisted asking for alternatives here (obviously) but I’m really hoping they can get their act together. I will be back when i get over this frustration. Maybe I can help other with similar problems.  

You're most welcome! 🙃

Hello ​@MajorHavoc Sorry you have these issues with Webroot and Carbonite and our main contact is ​@TylerM so hopefully he will see this and get it to the right Product Manager's and maybe go up the ladder because it's not just you so OpenText should be concerned. The Webroot Window's app works great and they even fix things as you can see in the Beta group.

Take care and we will see you again soon!

Yeah let me move this to the right place and then tag ​@Jeremiah Voris 

​@JR565 

Hi ​@MajorHavoc,

I just want to let you know I’ll mention this to the Carbonite team as well. Am I remembering correctly that you’re using Carbonite SAFE?

As for the Webroot issues, Jyoti and I are talking to support about this. I assume you have at least one call logged they’ll be able to find? We’ll definitely want to be able to get a handle on why you’ve been seeing these.

--

Jeremiah

Hi Jeremiah. Thanks for reaching out. I do believe you and I have discussed this before and I’m not sure if any of the tickets are still open. They often get closed because nothing “can was done” kind of reasoning. So I have not created new tickets yet again but have complainied about both issues multiple times.  
 

Typically  I’m pointed to some FAQ (Carbonite issue) or told the behavior is normal (warnings on .plist files) and they should not return. Then the tickets are closed. But nothing is fixed.
 

Truthfully,  I removed the nightly auto reboot on that one Mac (acting as a server) because the warnings stay on the screen, and have not rebooted lately so not sure if this still happens. But I  am not aware of any updates lately (as there are rarely any for Mac products anyway, another issue IMO) 

As one additional issue that have not yet reported, my wife’s computer is still on MacOS Sonoma and does not have any of these issues. However, her Carbonite turns itself off frequently. I turn it back on, and if I go back to check in a few days, the app window says it is stopped. Not paused but not green either. Stopped. I have not submitted a ticket on that because they will just tell me it is something I am doing wrong, which is ALWAYS the first response. 

If I could fix one thing for customer service world wide it would be for agents to stop assuming we are all idiots and we, not the product, has an issue. It’s really annoying. 

Back to you.  
 

Thanks Tyler. 

Hi Jeremiah. To add insult to injury, I did submit a Webroot ticket about a system file flagged as infected (it was not) but NOT moved to quarantine. The file seems to have been deleted, either by Webroot or by the system because it was done with it (an update dmg file).

But your team has punted on the ticket because I cannot supply the file. I specifically said it was deleted (as mentioend), and then they asked for the file anyway. But to be clear, it was not the file I was complaining about, but the fact that it did not end up in Quarantine after being flagged, and you are flagging system files that are legit.  Again, they made this my problem and said the could do nothing about the issue without the file. 

Yes, I am VERY frustrated with just how bad the software has become and the customer service team’s unwillingness to do any actual research on issues. But, if you are leaving the Mac platform behind as it seems, maybe time to just do it and us Mac users can find another solution. I hope that is not the case, but it sure feels like it. 

 

​@MajorHavoc I want to take the time to address your post and concerns. At this time, Carbonite backup is still a separate product from Webroot SecureAnywhere and is managed by Carbonite Support. For that reason I will avoid addressing anything Carbonite related.

The suspicious activity alerts are a pressing issue. Alert fatigue is an issue we want to address, particularly if they are for "false positive" events. Speaking with development and Support leadership, we are reviewing the efficacy of the Suspicious Activity alerts. With the aim to either 1) deprecate the feature if it does not enhance the efficacy of the SecureAnywhere agent or 2) implement an enhancement to lessen the noise it may generate ensuring only legitimate threats are reported.

Regarding your concerns about false positives, the quarantining of detected threats, and how SecureAnywhere lists what is detected in the User Interface. I would like to start with how we list detected threats. We are aware that the interface cannot be expanded in a meaningful way to display the entire path or threat type, however, we do provide an option for a threat report. The report would include the path in its entirety - https://answers.webroot.com/webroot/ukp.aspx?pid=10&app=vw&vw=1&solutionid=1242.

If the threat was not quarantined, you would be able to see the entire path of what was detected under /Library/Application Support/Webroot/WSALog.log. Please be aware, the WSALog.log often only contains data from the last 24 hours. Therefore, when a potential false positive is detected, saving a scan log is recommended for retaining historical data for Support to review.

Currently, SecureAnywhere for Mac does not automatically quarantine threats. A design choice to allow users to ignore potential false positives before a cleanup scan is completed. Our stance on this behavior is changing and we are planning to implement the automatic quarantining of threats in the future.

Lastly, false positives. Supports current process is to attempt to retrieve the MD5 or SHA256 hash for detected files that may be a false positive. Our Threat Research team needs the hash to update our definitions to prevent a re-detection.

In the examples you provided, some detections are transient files that are no longer on the system preventing tools like Terminal from generating a hash. We are also aware of a deficiency in our logs to notate the file hash; often listing a series of 0’s next to the detected file. Development is working on enhancements to the WSALog.log file.

​@aharon1986  Thank you for your reply but seriously, nothing here is really a reasonable or good answer.  Let me reply: 

Ok, I realize Carbonite and Webroot are separate products, but for the Mac, they are both failing miserably since the OpenText purchase. You need to be aware that most of my clients have left both products. 

On suspicious activity alerts, I am glad to hear this is a “pressing” issue, but I think I have been reporting them for almost a year. Just this morning, the reboot of my MacBookPro made me click through 126 activity reports, almost all related to changes to .plist files that startup activities will do. Deprecating seems like a harsh response to fixing the issue.  Kind of like saying I broke my fingers, so let's cut off the arm. This is just one example of where no Mac development seems to show. 

“We are aware that the interface cannot be expanded in a meaningful way “: this too has been an issue for YEARS, no just a few months. I can’t help but wonder just how hard it would be to make that window resizable. I belive it is a setting in the window descriptor. Too much work? 

“we do provide an option for a threat report.” Seriously? You want me to explain to consumer users that they need to generate a log, then search for the log, and then go search the log for a partial string they saw in a threat, because they could not read a string you in a window you cannot figure out how to make expandable? Sigh. This is a non-starter for answer. I find this answer completely ridiculous. My clients are home consumer users. They are not going to be searching through log files. 

“ Please be aware, the WSALog.log often only contains data from the last 24 hours” : Now that is completely useless if I happen not to see the warning for a day. I consider this a fail. 

“Currently, SecureAnywhere for Mac does not automatically quarantine threats”  Wait, did you not say in the paragraph above, “If the threat was not quarantined, you would be able to see the entire path of what was detected...” So if it does not automatically quarantine, how would “if the threat was not quarantined” work? How would it get quarantined?  Confusing. 

“Lastly, false positives. “ Ok, I get that a single file that is repeated everywhere is handled through hash signature. Sure, that I get. But some files, especially system files, should be known already and you should have the hash. Never had this problem with other virus programs. They all seems to know what is a valid system response. Sure, the system file could be compromised, but on a Mac that is VERY unlikely. I believe there is a lot more Webroot could do here if they wanted to But again, that would require a functioning software team for the Mac product. From the outside observer, looking at no update to the Mac app for what, almost 2 year, maybe longer, while the Windows app sees regular updates tells me that the Mac is not a priority and very little effort is put into this. Please, prove me wrong. 

“Development is working on enhancements to the WSALog.log file” Well, that is good, but making a user search a log file is still an unreasonable things for a simple consumer to do. 

I appreciate you taking the time to respond, but nothing said here makes me feel any better about the current state of this program and how badly it currently performs. 

My best bet at this point is to simply stop using it. Then you won’t have to hear me complain about bugs and errors that never get fixed. (like the UI which is more stale than a year old load of bread.)