Skip to main content
Greetings.  I run Malwarebytes on my Windows 10 desktop in addition to Webroot.  I updated Malwarebytes to Version 3 today and Webroot identified a Malware database update file as a trojan, W32.Trojan.Gen, and caused the PC to not log on to the desktop with a blue screen of death.  I was afraid I'd have to rebuild but persistent reboots, selecting the startup option to not start malware software, after about 8 reboots it finally started up.  Another scan ran, it picked up the file again and I selected Webroot to allow the file instead of remove it this time.  I am unable to find the file on the computer with search at all, but I'd like to verify that the file is in fact whitelisted and won't cause any more issues, and perhaps exclude more from scanning.  How is that done in the application?
Hello

1 - save a threat log | how to: http://live.webrootanywhere.com/content/843/Saving-Threat-Logs

 

2 - Find [e] characters in to saved file

for example

[e] d:soft rashreg rashregx64full.exe [MD5: 2B3742E423AC0C5B7326E84B8FD58D72] [Flags: 40080100.6112] [Threat: W32.Trojan.GenKD]

 

3 - send this string(-s) and description of the problem to support: https://www.webrootanywhere.com/servicewelcome.asp

 



 

+

You can read articles:

Managing Quarantined Items

http://live.webrootanywhere.com/content/603/Managing-Quarantined-Items

Blocking or Allowing Files

http://live.webrootanywhere.com/content/604/Blocking-or-Allowing-Files

Managing Protected Applications

http://live.webrootanywhere.com/content/610/Managing-Protected-Applications
Hi anothermike

 

Welcome to the Community Forums.

 

There is actually no need to provide the detail to the Support Team...just opene the support ticket, explain which file you are concerned about/believe may be the subject of a false positive determination and that should do it as the scan log data is automatically upload by default as and when you open the ticket.

 

You are of course free to add the additional infromation in the body of the ticket but there is no need to take the time or trouble for just one file.

 

Having said that I routine do what Petr has described, review the contents of the [u] designated files listed, and some times there are a number, copy/paste them into the support tciket and use that to ask the Support Team to verify & whitelist the ones they find to be safe, etc.

 

Hope that helps further?

 

Regards, Baldrick
@ wrote:
as the scan log data is automatically upload by default as and when you open the ticket.
Hmm, I didn't know that. I thought they needed the WSA Download Logs Link Tool. Learn something new today. 😃
Well, actually, DAve...neither did I until one day one of the Webrooter advised on this in a thread and since then I have refrained from including anything in the support ticket and usually that is enough but if the Support Team need more info then they will almost certainly request the use of the wsalogs.exe tool as you have stated.

 

But then again I amy be wrong or this may have changed so perhaps @ can comment on the veracity of my statements?

 

Regards, Baldrick
This False Positive appears to have been corrected - we don't have the exact info here but a file matching your description was whitelisted. 

 

If a file is detected, restoring the file from quarantine will whitelist the file locally for you.

 

It is always best to report any false positives you encounter via the support system. You can also submit files via the client or the following link: http://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx

 

-Dan
@ No detections here so it must be something else? Can you post the MD5 hash so we can check it?

 



 

Daniel 😉
 

Yes, general information is included when you open a support ticket with us. This includes the scan log and all activity with Webroot since it was first installed.

 

The WSALogs tool provides a much more broad overview of the System as a whole. If our Team is requesting this, it's because they need some of the information that it includes.

 

Hope this helps. My motto is: If all else fails, LOGS, LOGS, LOGS!
Hi JP, thanks for confirming that I had not imagined it or that I was falling victim to my advancing years...;)

 

Baldrick

Reply