Solved

More information about the type of Threat found?


I was wondering if someone can guide me in the right direction to find more information about a Threat once it has been found.
Does Webroot keep a list of all the threats it detects (with a brief description of each and what it does) or do you just have to Google the Filename or Malware Group to find out more information about the threat?
I have been searching the forums but can't find an answer. Thanks.

Best answer by shorTcircuiT 7 July 2014, 05:02


8 replies

Userlevel 7
Hello cuffs, welcome to the Webroot Community!
 
As far as I know, Webroot does not keep a publicly available list of all threats detected.  The reason is very simple: to keep the bad guys guessing.  For this reason, Webroot also no longer notes what new major infections are now detected in the Release Notes of new versions.
 
To locate more information about a specific threat, you probably should file a Trouble Ticket with Webroot Support.
 
For HOME product users, use this link.
 
For BUSINESS product users, use this link.
 
 
Thanks for the welcome and the quick reply.
Didn't want to trouble the support people unless it was really necessary. Just wanted a quick way to decide if the threat was high risk, low risk or maybe a false positive. I appreciate your feedback.
 
Userlevel 6
Hi cuffs,
 
There's a feature request for a Threat Encyclopedia: https://community.webroot.com/t5/Ideas-Exchange/Threat-encyclopedia/idi-p/17872
 
Meanwhile you could upload your threat on VirusTotal or search the MD5 hash so that you can see how your malware is named by the other AV vendors. This will make your search much easier as every vendor has its own naming policies and also every malware is different; although two pieces of malware are in the same family they can be totally different.
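The hash lookup suggested above, as an added example that is not part of the original replies: it computes a file's MD5 and SHA-256 and ranks the tokens vendors agree on in their detection labels. It assumes the report follows the `last_analysis_results` layout of VirusTotal's API v3 file report; the function names, vendor names and labels are constructed for illustration, and no network call is made.

```python
import hashlib
import re
from collections import Counter

# Words vendors wrap around the family name; poor search terms on their own.
GENERIC = {"trojan", "win32", "win64", "generic", "malware", "variant",
           "heur", "agent", "gen", "virus", "w32", "riskware"}

def file_hashes(path, chunk_size=65536):
    """Return (md5, sha256) hex digests of a file, reading it in chunks."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha256.hexdigest()

def summarize_labels(report):
    """Count detections and rank the non-generic tokens in vendor labels."""
    results = report["data"]["attributes"]["last_analysis_results"]
    labels = {engine: r["result"] for engine, r in results.items()
              if r.get("category") == "malicious" and r.get("result")}
    tokens = Counter()
    for label in labels.values():
        # Count a token once per vendor so one long label cannot dominate.
        tokens.update({w for w in re.split(r"[^a-z0-9]+", label.lower())
                       if len(w) > 2 and not w.isdigit() and w not in GENERIC})
    return {"detections": len(labels), "engines": len(results),
            "labels": labels, "family_candidates": tokens.most_common(3)}

# Constructed sample (vendor names, labels and family names are invented).
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_results": {
    "VendorA": {"category": "malicious", "result": "Trojan.Win32.ExampleFam.abcd"},
    "VendorB": {"category": "malicious", "result": "PWS:Win32/ExampleFam"},
    "VendorC": {"category": "malicious", "result": "Trojan-Spy.ExampleFam!gen"},
    "VendorD": {"category": "malicious", "result": "Gen:Variant.OtherFam.1234"},
    "VendorE": {"category": "undetected", "result": None},
}}}}

if __name__ == "__main__":
    summary = summarize_labels(SAMPLE_REPORT)
    print(f"{summary['detections']}/{summary['engines']} engines flag the file")
    for engine, label in summary["labels"].items():
        print(f"  {engine}: {label}")
    print("search terms:", summary["family_candidates"])
```

Searching by hash only queries existing reports, while uploading hands the file itself to VirusTotal, so check the hash first when the file might contain anything private.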
Hi Regnor,
 
I had a look at the thread and hopefully the Threat Encyclopedia is still on the drawing board?
 
For now I will just search on the MD5 as you suggested and see what I can find. 
Userlevel 7
Regnor is quite right of course, VirusTotal can be quite valuable in this situation as well.  I should have mentioned it, but also file that Trouble Ticket as well: if it is a False Positive, Support will get the files whitelisted for you.
 
 :)
 
Good catch @ 
Userlevel 6
@ wrote:

I had a look at the thread and hopefully the Threat Encyclopedia is still on the drawing board?
 
According to the last post the devs are looking at it, so I hope they will implement it sometime.
On the other hand this will mean a massive effort to keep this Encyclopedia up to date as there are thousands of pieces of new malware every day.
 
@ wrote:
Good catch @ 
Thanks, but I have to admit that I had the same question and @ suggested to go to VirusTotal ;)
 
Userlevel 7
@ wrote:
@ wrote:

I had a look at the thread and hopefully the Threat Encyclopedia is still on the drawing board?
 
According to the last post the devs are looking at it, so I hope they will implement it sometime.
On the other hand this will mean a massive effort to keep this Encyclopedia up to date as there are thousands of pieces of new malware every day.
 
@ wrote:
Good catch @ 
Thanks, but I have to admit that I had the same question and @ suggested to go to VirusTotal ;)
 
Our own support guys recommend it, so it must be good 🙂
Userlevel 6
@ wrote:
Our own support guys recommend it, so it must be good :)
VirusTotal is really great if you need a second opinion or if you have to find a different name for a certain malware 🙂
