Webroot for home updated with latest definitions.
Running full scan reveals no threats found.
Launching Chrome at times launches a pop up, with "Your Browser is Old and requirs an update". URL in windows points to download1.file-mirror.org/process/chrom-upadate-perion.aspx?clientid=solid-common&userid=C8CBB823AC55&source=ytdforim&name=XP_chromeupgradepr
Doing a url lookup with Webroot, I see 40 This is a suspicious site. There is a higher than average probability that the user will be exposed to malicious links or payloads.
Why does webroot report no infections when clearly this is one?
Why does webroot allow going to url, when it's url lookup says it's a suspicious site?
Page 1 / 1
Hello ahcomput, and Welcome to the Webroot Community.
The URL referred to is classified as "Suspicious", and has only recently been set up. Webroot would allow you to go there, if accessing it, in itself, would not cause infection.
But there is the clear warning Suspicious, which is seen as: "These are suspicious sites. There is a higher than average probability that the user will be exposed to malicious links or payloads."
It would be likely that the classification may change, as evidence manifests and you can ask for a reputation change if you wish also: : URL Reputation Change Request | Webroot BrightCloud
You may find good info also here, about what you're seeing, and be sure and ask us any quesions:
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
I hope this helps you both understand, and resolve the problem and if not please let us know!
NOTE: As noted above, PUA's that:
are often NOT detected and removed. This is partly for legal reasons: the source of the download can complain about it's extra software being blocked automatically by Webroot. There may be to allow WSA to recognize and block a LOT more PUA's than it currently can. Please see THIS IDEA for more information, and give a KUDO if you agree. User Idea requests are noted by the Webroot Team, and the more Kudo's on an Idea the more likely we may see dev time devoted to it.
Thanks!
The URL referred to is classified as "Suspicious", and has only recently been set up. Webroot would allow you to go there, if accessing it, in itself, would not cause infection.
But there is the clear warning Suspicious, which is seen as: "These are suspicious sites. There is a higher than average probability that the user will be exposed to malicious links or payloads."
It would be likely that the classification may change, as evidence manifests and you can ask for a reputation change if you wish also: : URL Reputation Change Request | Webroot BrightCloud
You may find good info also here, about what you're seeing, and be sure and ask us any quesions:
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application) These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
- Open Webroot SecureAnywhere
- Click on ‘Advanced Settings’ from the top right
- Select ‘Scan Settings’ from the left side
- Unselect the option “Detect Potentially Unwanted Applications”
- Click on the Save button (you may have to enter in a CAPTCHA)
- Reselect the option to “Detect Potentially Unwanted Applications”
- Click on the Save button
- Run another scan with Webroot and remove any items that get detected.
I hope this helps you both understand, and resolve the problem and if not please let us know!
NOTE: As noted above, PUA's that:
- Come in with other downloads
- Have a clear opt out ability prior to install
are often NOT detected and removed. This is partly for legal reasons: the source of the download can complain about it's extra software being blocked automatically by Webroot. There may be to allow WSA to recognize and block a LOT more PUA's than it currently can. Please see THIS IDEA for more information, and give a KUDO if you agree. User Idea requests are noted by the Webroot Team, and the more Kudo's on an Idea the more likely we may see dev time devoted to it.
Thanks!
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.