Hi again guys i ser this test on this forum and dont remember the threat or post the link was http://www.amtso.org/feature-settings-check.html
i ser too many members pasa the dice test i dont pasa the second and the piahing test second and dice one respective i think my machine was infected i ser webroot catch somethings and bypass others now i am runing a complete scan and found some threats i configure webroot agresive hheuristic now i close all programa during the scan but i want to be sure i dont hace remanent infections i dont know how to attach images here and dont know how to create reporta please help and thanks and congrats for the members please tell me what i hace to do to be sure my computer is clean show you reporta and attach images
god blessyou
Userlevel 7
Hey there :)
If after having run a scan with WSA, and you think there is a chance that an infection remains on the computer, the best way to make sure that everything is clean may be to submit a Trouble Ticket. There are a couple of reasons for this.
If after having run a scan with WSA, and you think there is a chance that an infection remains on the computer, the best way to make sure that everything is clean may be to submit a Trouble Ticket. There are a couple of reasons for this.
- While on the Community we try our best to help others with the use of WSA, that does not extend to virus testing
- Webroot provides the support services at no cost, including removing any infections on the computer. By having Support take a look at it, if there are infections or remnants remaining, that will provide them more information on that specific infections allowing them to improve the detection and removal capabilities for everyone :)
Userlevel 2
Hi i submit a ticket but still open this threat if someone knows more qbout this test i will try to contact the guy in forum who submit a test
Userlevel 7
Userlevel 7
Perhaps the best way to explain it is that the EICAR tests were designed to trigger AV solutions, but without actually being dangerous. That is why it can be missed by WSA: WSA's detection is by behavior. When it detects a file attempting to do something it should not be, it blocks it and shows you a threat has been detected.
Since the EICAR files do not actually do anything, there is nothing to block.
Since the EICAR files do not actually do anything, there is nothing to block.
Userlevel 2
Yes i understand webroot reacts whwn infectoon sttemps but test fail in pishing test too and now ser a threat on reciclebyn . Old folder from a previous reciclebin
Userlevel 2
Oh fails too in pup test
Userlevel 7
The old file from a previous recycle bin could be a couple of different things.
When a new virus is released, it will not be detected by the 'MD5' of the file, it will be caught by the behavior.
Once a virus has been identified, however, that MD5 is then known to the Webroot cloud. This could be something that never did do anything malicious on your system, so was missed by behavior, but is not a known threat and is being caught by the Cloud due to the known MD5.
Also... it could be a new False Positive which does sometimes happen. In the event it is a FT, Support will likely correct that in the Cloud.
When a new virus is released, it will not be detected by the 'MD5' of the file, it will be caught by the behavior.
Once a virus has been identified, however, that MD5 is then known to the Webroot cloud. This could be something that never did do anything malicious on your system, so was missed by behavior, but is not a known threat and is being caught by the Cloud due to the known MD5.
Also... it could be a new False Positive which does sometimes happen. In the event it is a FT, Support will likely correct that in the Cloud.
Userlevel 7
Userlevel 2
The reciclebin threat was in Old reciclebyn who stay in my machine on d drive affter formar pc how can i show you my scan reporta? Now i perform a second complete scan in all drives on normal mode
Userlevel 2
Sorry if i dtop anserring going to sleep on 30 minutes
Userlevel 2
Thats the Great of amdtso test https://community.webroot.com/t5/Tips-and-Tricks/How-Well-is-Your-System-Protected-Five-Simple-Test-from-AMTSO/m-p/48854 forr more references
Userlevel 2
Going to sleep but iwill read tour anserrs in 4 hours the second scan still to finish and do t fin notjing
Userlevel 7
+56
To me all tests pass except Phishing test and again these are only tests and I find tests like these are useless but if you come across a real Phishing Website it will be blocked!
Daniel ;)
Daniel ;)
Userlevel 7
+35
I have run the tests on this site several timesbefore, and just ran them again and we detect all of the test files as you can clearly see in these excerpts from my log file:
Fri 2014-04-11 10:08:02.0343File blocked in realtime: c:documents and settingsadministratormy documentsdownloadseicar.com [MD5: 44D88612FEA8A8F36DE82E1278ABB02F, Size: 68 bytes] [524800/00000003] [W32.Malware.Gen]
Fri 2014-04-11 10:08:39.0499File blocked in realtime: c:documents and settingsadministratormy documentsdownloadseicar.com [MD5: 44D88612FEA8A8F36DE82E1278ABB02F, Size: 68 bytes] [2753056/00000003] [(null)]
Fri 2014-04-11 10:09:38.0108File blocked in realtime: c:documents and settingsadministratormy documentsdownloadspotentiallyunwanted.exe [MD5: 0BB291750D42B911EA63FB71D180927C, Size: 33280 bytes] [524288/00000003] [W32.Trojan.Gen]
Fri 2014-04-11 10:10:08.0265File blocked in realtime: c:documents and settingsadministratormy documentsdownloadscloudcar.exe [MD5: 3FB121FBBCCB27969668CC36D0A8F15B, Size: 7178 bytes] [524288/00000003] [W32.Malware.Heur.Dkvt]
Also, if you check the Phishing test page http://www.amtso.org/feature-settings-check-phishing-page.html on our BrightCloud URL lookup page here: http://www.brightcloud.com/tools/url-ip-lookup.php you will see that it is being detected as a phishing page.
-Dan
Fri 2014-04-11 10:08:02.0343File blocked in realtime: c:documents and settingsadministratormy documentsdownloadseicar.com [MD5: 44D88612FEA8A8F36DE82E1278ABB02F, Size: 68 bytes] [524800/00000003] [W32.Malware.Gen]
Fri 2014-04-11 10:08:39.0499File blocked in realtime: c:documents and settingsadministratormy documentsdownloadseicar.com [MD5: 44D88612FEA8A8F36DE82E1278ABB02F, Size: 68 bytes] [2753056/00000003] [(null)]
Fri 2014-04-11 10:09:38.0108File blocked in realtime: c:documents and settingsadministratormy documentsdownloadspotentiallyunwanted.exe [MD5: 0BB291750D42B911EA63FB71D180927C, Size: 33280 bytes] [524288/00000003] [W32.Trojan.Gen]
Fri 2014-04-11 10:10:08.0265File blocked in realtime: c:documents and settingsadministratormy documentsdownloadscloudcar.exe [MD5: 3FB121FBBCCB27969668CC36D0A8F15B, Size: 7178 bytes] [524288/00000003] [W32.Malware.Heur.Dkvt]
Also, if you check the Phishing test page http://www.amtso.org/feature-settings-check-phishing-page.html on our BrightCloud URL lookup page here: http://www.brightcloud.com/tools/url-ip-lookup.php you will see that it is being detected as a phishing page.
-Dan
Userlevel 7
+56
Hi @ see here it's not being blocked even though BrightCloud says it's bad. https://community.webroot.com/t5/Tips-and-Tricks/How-Well-is-Your-System-Protected-Five-Simple-Test-from-AMTSO/m-p/99098#M752 & https://community.webroot.com/t5/Tips-and-Tricks/How-Well-is-Your-System-Protected-Five-Simple-Test-from-AMTSO/m-p/99306#M758
Thanks,
Daniel 😉
Thanks,
Daniel 😉
Userlevel 2
Hello and thanks to stay pendient of my worries and concerns i appreciate tour efforts and follow my steps i think webroot delete all remanente of test but am worried about the d drive infection inside the Old rexiclebyn on d drive because i formar c for pro lema whith win 8.1 update1 and dont know where appear that incection and what is it and if webroot leave través i perdorm two full scan in all drives the cirst one found infection the second dont find nothing the support team employers only perform Quick scan dont ser reporta and says ecerything ok and in their words say dont spend more time whith me u u
Userlevel 2
Ok no new reciclebyn maybe it was a trace if virus on d and webroot removes good thanks
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.