Why is Webroot reporting links from legitimate emails as unsafe, including sites for local stores, and organizations that I belong to.
Page 1 / 1
Hello djorten, welcome to the Webroot Community!
This is something that Webroot Support will probably need to take a look at. There may be a few causes to this, although it is possible you can fix this on your own. Sometimes this behavior is caused by what we call a PUA (Potentially Unwanted Applications). Simply put, these are not malware, but they can be problematic.
What follows is a bit long, and I apologize for that. There is a decent chance that by going through it all you might be able to fix this yourself, but if not please submit a Trouble Ticket. Webroot Support is FREE for anyone with a valid WSA license.
_____
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application)These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
I hope this helps you both understand, and resolve the problem and if not please let us know!
NOTE: As noted above, PUA's that:
are often NOT detected and removed. This is partly for legal reasons: the source of the download can complain about it's extra software being blocked automatically by Webroot. There may be to allow WSA to recognize and block a LOT more PUA's than it currently can. Please see THIS IDEA for more information, and give a KUDO if you agree. User Idea requests are noted by the Webroot Team, and the more Kudo's on an Idea the more likely we may see dev time devoted to it.
This is something that Webroot Support will probably need to take a look at. There may be a few causes to this, although it is possible you can fix this on your own. Sometimes this behavior is caused by what we call a PUA (Potentially Unwanted Applications). Simply put, these are not malware, but they can be problematic.
What follows is a bit long, and I apologize for that. There is a decent chance that by going through it all you might be able to fix this yourself, but if not please submit a Trouble Ticket. Webroot Support is FREE for anyone with a valid WSA license.
_____
What you are seeing and describing sounds like it may be what we on the Community refer to as a PUA. (Potentially Unwanted Application)These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
For those that are not detected by WSA, please see this KB Article. It has some easy to follow directions on locating and removing PUA's. You may also want to submit a Trouble Ticket, especially if you cannot remove it easily from the directions in the KB Article.
For those that ARE detected by WSA, but cannot be removed automatically, you can submit a Trouble Ticket. Webroot Support will help you get these annoying 'crapware' off your computer at no extra charge, and the additional examples may help to better automatic removal of that particular PUA for all users in the future.
To make sure that your WSA is checking for PUA's with the best proficiently, it sometimes helps to reset the PUA detection within WSA's settings. For PUA's that had previously been scanned and determined to be OK, but have since been added to detection/removal, you may want to complete the following steps:
- Open Webroot SecureAnywhere
- Click on ‘Advanced Settings’ from the top right
- Select ‘Scan Settings’ from the left side
- Unselect the option “Detect Potentially Unwanted Applications”
- Click on the Save button (you may have to enter in a CAPTCHA)
- Reselect the option to “Detect Potentially Unwanted Applications”
- Click on the Save button
- Run another scan with Webroot and remove any items that get detected.
I hope this helps you both understand, and resolve the problem and if not please let us know!
NOTE: As noted above, PUA's that:
- Come in with other downloads
- Have a clear opt out ability prior to install
are often NOT detected and removed. This is partly for legal reasons: the source of the download can complain about it's extra software being blocked automatically by Webroot. There may be to allow WSA to recognize and block a LOT more PUA's than it currently can. Please see THIS IDEA for more information, and give a KUDO if you agree. User Idea requests are noted by the Webroot Team, and the more Kudo's on an Idea the more likely we may see dev time devoted to it.
Hello and Welcome to the Webroot Community!@ wrote:
Why is Webroot reporting links from legitimate emails as unsafe, including sites for local stores, and organizations that I belong to.
Are you talking about Web Site blocks such as this? And the ones you go to all the time are blocked as well?
Thanks,
Daniel ;)
Hi djorten
Well, if you are seeing what Daniel has posted in his response then I suspect that there is something in the links that you are getting via email and that WSA is objecting to/seeing them perhaps as unsafe. I think that your best bet per page is to go through the block, of you are sure the page is safe, by clicking on the 'Unblock & procced' button in the bottom lefthand corner of the WSA blocking page...this will whitelist the site locally and also transmit details of the override to Webroot/BrightCloud notifying them of the override, and if enough users in the same position do this then the message should get through. But only do this if you believe the site is safe or you must access it.
You can also log a Support Ticket to let the Support Team know of the issue; please give them details of the site cocnerned, etc.
Or thirdly you can visit the BrightCloud site and log a URL Reputation Change request which also notifies the relevant pésons as to the issue, etc.
Hope that builds on what has already been provided and helps?
Regards, Baldrick
Well, if you are seeing what Daniel has posted in his response then I suspect that there is something in the links that you are getting via email and that WSA is objecting to/seeing them perhaps as unsafe. I think that your best bet per page is to go through the block, of you are sure the page is safe, by clicking on the 'Unblock & procced' button in the bottom lefthand corner of the WSA blocking page...this will whitelist the site locally and also transmit details of the override to Webroot/BrightCloud notifying them of the override, and if enough users in the same position do this then the message should get through. But only do this if you believe the site is safe or you must access it.
You can also log a Support Ticket to let the Support Team know of the issue; please give them details of the site cocnerned, etc.
Or thirdly you can visit the BrightCloud site and log a URL Reputation Change request which also notifies the relevant pésons as to the issue, etc.
Hope that builds on what has already been provided and helps?
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.