WebRoot on my Mac just popped up that a file “/Library/Google/…./GoogleSoftwareUpdateAgent” has the threat “MacOS.MacRansomEvilQuest.1.r”
It quarantined correctly, but…. what’s going on… is this a bad file, or does WebRoot have a mistake, or is Google pushing ransomware?
Best answer by Nathan G
Support have confirmed my case is a false positive. It’s fixed in definition 1451
+63Hello
It’s best to Submit a Support Ticket and they will let you know what is going on and make sure your system is clean.
Note: When submitting a Support Ticket, Please wait for a response from Support. Putting in another Support Ticket on this problem before Support responses will put your first Support Ticket at the end of the queue and support can take up to 48 hours to reply or a little longer because of COVID-19.
Thanks,
+63See here about OSX.EvilQuest: https://community.webroot.com/webroot-secureanywhere-for-macs-18/osx-evilquest-344055
+1Ran in to the same issue today. Does anyone have any new information on this?
+63Hello
It’s best to Submit a Support Ticket and they will let you know what is going on and make sure your system is clean.
Note: When submitting a Support Ticket, Please wait for a response from Support. Putting in another Support Ticket on this problem before Support responses will put your first Support Ticket at the end of the queue and support can take up to 48 hours to reply or a little longer because of COVID-19.
Thanks,
Same issue, about an hour ago. Noticed Google Chrome had the green update available icon, then Webroot popped up shortly after, Run malwarebytes Scan doesn’t detect anything, checked the file system for other files related to this virus found nothing. Is this genuine or a false positive?
+63Hello
Thank goodness for this thread, I just experienced this as well. It seemed like an odd filename for a threat. I was pretty worried… still am. But it’s good to know I’m not the only one this has happened to.
+63Hello
+63Is this the version of Chrome you all updated to? Chrome 84.0.4147.89
https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html
+63Most likely a False Positive but I can’t be sure only support can tell and fix it!
Support have confirmed my case is a false positive. It’s fixed in definition 1451
+63Thanks for the Update
I also have had this alert come up. I tried to delete it and run a new scan and it shows up again. I want to report to support, but I don’t have the right password to do so and it won’t email it to me, even though I’ve clicked “forgot password.”
+3Got the exact same alert a few minutes ago. Glad to know it’s a false positive. Any way to get rid of it?
Webroot is aware of the unusual activity and it has been resolved in the latest update. If you have yet to receive an update, you will as soon your computer checks in. Security is at the core of what we do and securing our customers’ data is our top priority. Your device is secure and there's nothing else you need to do at this time.
+25Webroot is aware of the unusual activity and it has been resolved in the latest update. If you have yet to receive an update, you will as soon your computer checks in. Security is at the core of what we do and securing our customers’ data is our top priority. Your device is secure and there's nothing else you need to do at this time.
For anyone who is still having this issue on an older build just uncheck the files and continue the scan
I got this also - 7 alerts labeled MacOS.MacRansom.EvilQuest.1.r in Library/GoogleSoftwareUpdate/.
All were Quarantined; I deleted ASAP, quick rescan found nothing more, I’m still in process of full rescan which is now over 8 hours and still running, nothing found so far.
Do I need to get a Ticket and more checking?
Will I get an update while WSA is still scanning?
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
