Solved

How can I look at the threats?

  • 10 October 2013
  • 13 replies
  • 601 views

So now that webroot has updated the interface, I cannot see a list of the threats it has found.  On the main screen, it says it has removed one threat, but I cannot click on that.  Going through all the screens, I only found a way to save the threat log to a file.   This was buried deep in a menu, under Utilities -> Reports -> Save Threat Log.   Is there an easier way to do it?  What happened to the ability to mark a threat as being safe?  Now it is just written to a file without the ability to decide what happens to it (Quarantine, Delete, etc)
 
Strange changes.
icon

Best answer by Muddy7 10 October 2013, 11:55

View original

13 replies

Userlevel 7
Hello hnaparst and welcome to the Webroot Community!
 
The list of found infections is stored in the Web console, so please go to My Account in WSA GUI and log in to your account using "Access Web Console".
If this convoluted, unintuitive, and unnecessarily difficult procedure is indeed the one intended by Webroot, I would view this as evidence of probable greater misdesign of the product itself.
Userlevel 7
The location for the allow/block is pretty much in the same location as it was in the previous build. Click on the little "cog" icon on the front page beside PC Security. In there you can restore from Quarantine in the Quarantine tab or you can change the local detection in "Block/Allow" tab.
 
I dont see how this is unintuitive or convoluted? You dont want such options sitting directly in the front page of the UI as these changes are for the more advanced user and changing them when you dont know what your doing can allow malicious software to run. I cant think of any other AV where these options arent shown in a similar method.
most packages allow you to look at the list of threats in the console and choose what you want to happen with them.
 
In the solution discussed in this thread, there is no option to bypass quarantine, for insance.  That is also a problem.

Expecting people to know that they have to log into a website that requires yet another login is convoluted. I view it as a major problem if people don't understand this is convoluted.
Userlevel 7
There are at least four ways to look at detected threats
 
1) On the online console
2) After running a scan on the results page there is a button to save a scan log
3) In the Quarantine tab
4) Right clicking on the system tray icon and selecting "save a scan log"
 
If a threat is detected during a scan you can untick the removal option and the file wont be removed (a setting which you can reverse in the Set/Allow tab).The online console for the consumer version is to show the user information about each PC that is on certain keycode its not designed as a command console however. The enterprise console has a vast number of different options as you can use it to manage hundreds/thousands of PC`s.
 
We give you a number of options I use the 4th one myself most of the time. You can also call us or submit a ticket if you want even more information.
 
I still dont see the issue here we give the user plenty of choice about threats.I am still confused about the initial issue, is it a layout problem? lack of function?
 
I cannot find a Quarantine Tab.

I cannot find the Online Console.

Saving a scan log does not give you the ability to decide what to do with the threat, or information about what the threat is or where it came from.

Do you think that users should have to submit a ticket to understand the results of routine scans? That seems suboptimal.

The issue is this: On the main screen, it says: Threats Removed: 1

It is human nature to want to know immediately what the threat was, where it came from, what has been done about it, and perhaps take a different action. The most intuitive interface would allow a user to click on the number "1", representing the number of threats. Then a list of threats would come up, giving more info about each threat. Perhaps even a link to a page describing the threat, how dangerous it is, and so on.

It is a layout and lack of functionality in Webroot that is the problem.
Userlevel 7
There is a "Learn More" button the very front page of the UI that will explain all the features of the program including how to find the various options. I stated that customers can submit a ticket if they want more information its a purely optional to do this I never stated that you have to do it.
 
Understanding where a threat came from, what it did, what is does requires a decent level of technical understanding and thus it cant be just summed up very easily in the client. All of the advanced features of Webroot are in the settings tab of each of the functions, they arent hidden but they are displayed on the front page either. Tweaking the settings on pretty much any AV can result in incorrect detections or system files being blocked. 
 
We will be adding a feature to the Webroot homepage to submit file names/md5`s at some stage but again I dont think this is exactly what you are talking about.That said however in the Quarantine tab it will tell you the filename/location detected and the malware group (adware/rootkit/trojan/dropper etc). We are always available if a user wants more technical information about a certain threat.
Thanks for your reply. I think I need a different solution.
@hnaparst wrote:
I cannot find a Quarantine Tab.

It is human nature to want to know immediately what the threat was...what has been done about it, and perhaps take a different action.
Did you understand, hnaparst, that by going to the "cog" icon on the front page beside PC Security, then to the Quarantine tab, you can see all removed threats and their dates of removal? Further, you can select any of these threats (tick box to the left of the named threat) and restore them (icon in bottom right hand corner). You can then go to the Block/Allow Files tab (same page) and add this file to the list and ask Webroot to allow it (or monitor it).
 
Simple enough for me, and I very much like this feature which has existed ever since I started using Prevx->WSA (Prevx was acquired and adopted by Webroot in 2010) back in 2006 😃. Btw in those days, I believe it was the only AV that offered this possibility (correct me, someone, if I am wrong).
Userlevel 7
Badge +56
Hello hnaparst and Welcome to the Webroot Community Forums.


 
Here is a page from the 2014 Online Helpfile: http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C5_Quarantine/CH5a_ManagingQuarantine.htm
 
HTH,
 
TH
WRONG...! It used to be that way, now it isn't. Under "Quarantine" I used to be able to see the threats and check the box to remove them after review...Now I can't..You should verify your information before YOU post it..! I've got 36 threats removed after the past 5 scans and I can't see any of them....And I've used webroot for years and "Was" able to see the threats removed before.
Userlevel 7
Badge +56
No I'm not wrong but you can save a threat log also! http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C11_ReportsandViewers/CH11b_SavingThreatLog.htm
 
And you could be a little nicer on your first post!
 
TH
Userlevel 7
If the data has been cleared from the Quarantine, you can also view the last 10 infections found by logging into the Account Console
 
Go to PC Security, select the PC you wish to check, and look under the middle tab..

Reply