Solved

Someone please do something about the False Positives and Web Reputation


Userlevel 4
Since I have switched to Webroot SecureAnywhere and am enjoying the best performance on my laptop. It is getting really tiring to get false positives every day, submit a request, and wait till the files are whitelisted.
 
The support team are fast in responding but the amount of FPs is just too much to bear. I thought that Panda Cloud Antivirus was the king of False positives but Webroot SecureAnywhere blows it out of the water!
 
I had submitted SVP in the past and now it's back as a non-safe website according to the Web Reputation add-on in Firefox
 
Now I just tried accessing https://www.privateinternetaccess.com which is a very well known and good VPN that I've been using for long and got another message.
 
I did submit a request to unblock it but is there a possibility of Webroot's team to fix this horrible False positives issue?
 
I've read many complaints on other forums as well about this issue some people would not tolerate them that they switched to another AV.
 
Now I am not hear to switch to another AV, I want this fixed, and hopefully remove this idea out of my and some people's head that Webroot is the king of FPs but rather make it Webroot is the King of AVs
icon

Best answer by Baldrick 30 March 2014, 16:39

View original

49 replies

Userlevel 7
Hi Seeker
 
As I posted to MaXimus earlier in this thread...this is relatively new functionality covering a relatively complex and large area...and I have faith in Joe & his development team, to get it right in the end.  If you look at what has been said by Webroot in response to this feature request, they are working on it.
 
We just need patience (but I understand that this is easy for me to preach when I have minimum FPs...for some reason...http://www.forumsextreme.com/images2/sEm_blush7.gif).
 
Regards
 
 
Baldrick
Userlevel 4
@The_Seeker. I didn't receive one reply about the 4 sites I submitted since more than 24 hours.

The site rep people are totally opposite to the speed and responsive support. They are not doing their job well in the first place, and not even doing it right when customers report false positives
Userlevel 4
For the person who said that keygens are illegal.

They are, but our discussion here is their detection not what they activate and the legality of that.

What I like about NOD32, is that if it detects a bad keygen that is going to harm my system, it detects THAT. not simply detect every keygen made in the world or activator.

Some activators are legit, take for example, the Microsoft Toolkit or the Windows Loader 2.2.1

they are not made for piracy, but rather, made for people who are sick of dialing Microsoft to activate their genuinely purchased product, then have to spend a minimum of 10 minutes entering a large Installation ID, then spend a long time waiting slowly to hear the Activation code. That is when an activator becomes legit. you own the software legally but want to bypass the stupid activation methods that some software use.
 
An AV is supposed to tell me when a file is going to change critical stuff or harm my system, not to play as the police officer.
Userlevel 7
Badge +52
A loader program is a bios emulator used in an attempt to illegally activate windows. It will be detected by Windows Activation Technologies sooner or later. Your screen will turn black and you will get not genuine notices. Usually it will require purchasing and installing genuine windows and all that it entails.
 Unfortunately thieves sell these hacked versions to unsuspecting buyers cheating them out of their money. simply put, use genuine windows and save yourself a lot of grief. 
Userlevel 4
@Petrovic, my Windows 7 Pro and my Windows 8.1 Pro with Media Center are all genuine, I am against piracy

But to be fair this Windows loader 2.2.1 postedo n My Digital Life Forums cannot be detected by Windows and will not be de-activated no matter how many updates you do

but that's not our main point here, the main point still exists...Webroot has too many FPs
Userlevel 7
Badge +6
What I'm trying to convey is that this is an extremely complex issue. It goes to the very root of computer security and the approaches to achieving that.
 
NOD32 isn't saying the activation crack is safe, it's saying that it doesn't know it's dangerous.
Webroot is saying this program is doing extremely strange things and messing with stuff a random program shouldn't be touching. Because it literally shouldn't. These activation cracks aren't doing innocuous things that aren't of concern. They are code of little reputation subverting the proper operation of another program and the in some cases the operating system.
 
WSA is operating correctly. If you wish to use these cracks and activators then you will need to properly whitelist them or temporarily deactivate Webroot's protections. Keep them in .zip files when they are not in use.
 
Webroot is sometimes aggressive and that can lead to FPs. It's a valid point. But this is not the example you want to use in demonstrating that.
Userlevel 5
Hey all!
I personally cannot agree more with these concerns and even all the frustrations. I too use our products as well as support them and I would very much like to see web filtering notifications in the console with ability to override centrally once either the admin has done their research and feel they can override it or have called Webroot support to confirm an FP.
 
I am proposing we launch an online community campaign for Webfiltering Management for the Webroot Endpoint Protection product to see just how many kudos we can get and how many it takes to implement the feature.
 
Who's with me?
 
 
Userlevel 7
Hi Shawn
 
I am with you on this...http://www.forumsextreme.com/images2/sFun_cheerleader2.gifhttp://www.forumsextreme.com/images2/sFun_cheerleader2.gifhttp://www.forumsextreme.com/images2/sFun_cheerleader2.gifhttp://www.forumsextreme.com/images2/sFun_cheerleader2.gif
 
but just in case you have not seen it there is already a Feature Request in the Ideas Exchange, on this topic or in the same area (by @ ) which we should not forget/overlook.
 
Regards
 
 
Baldrick
Userlevel 7
Badge +6
@ Hi Shawn, I think you posted this in the wrong place. The complaint about WSA-E not having web whitelisting you heard about is in the Business community with 11 kudos.
 
https://community.webroot.com/t5/Feature-Requests/Website-Exception-Management-in-Console/idi-p/80853
Userlevel 7
Well, explanoit...complaints both in Business AND Consumer versions...that has to be a big indicator that change in this area is required all over. ;)
 
Baldrick
Userlevel 7
Badge +56
I'm in @ !
 
Daniel
Userlevel 4
@Shawn:

Thank you for agreeing that this is a major nuisance for a user.

I hope that one day this would be fixed because False positives, be it files OR Wenbfiltering are the only reason that blew me away from Webroot.
I will keep my 3 year license which is for 5 PCs until one day Webroot matures more to enable me to use my system properly without headaches. Until then, I will continue to use my NOD32 license and suffer from a huge performance hit but at least I have no false positives.

It electrifies my body when I receive an FP
Userlevel 7
@ hope that you are keeping well?
 
Have been picking up some continuing complaints, over at Wilders, re. the fact that despite the reporting of FPs and the subsequant raising of URL Reputation Change Requests, that in some case these do not seem to be being processed as it has been over a month but the report sites are still being incorrectly detected by the Threat Shield.
 
Thought that you might want to know in case there is something that can be looked into re. improving the service.
 
Regards
 
 
Baldrick
Userlevel 4
I keep monitoring the forums in hope that this nuisance will ever be reoslved but in vain....
 
sigh...
Userlevel 7
@MaXimus wrote:
I keep monitoring the forums in hope that this nuisance will ever be reoslved but in vain....
 
sigh...
Maximus, 
 
You already know the answer to this.
 
1) It IS being addressed by Webroot
 
2) YOU can be part of the solution, you know how.
 
Thanks.
I am a happy user of WSA but the FP issue with the webshield is getting very annoying.  It is OK saying "you can be part of the solution" but the complaint is that many of us have tried over many months to do this and the situation is not getting any better.  I personally have posted on Wilders,  exchanged private messages with Joe,  submitted several support tickets and spent some time providing multiple examples.  The fact them so many valid commercial sites (e.g. VPN providers) are being blocked (not just warned)  is plain wrong and has not been fixed.   The only valid reason I have had back in that time is that the site list is business focused rather then consumer so many sites that businesses might want blocked from users are included.  How true this is I don not know but it does not help us consumers if it is.
Userlevel 7
Badge +35
@ wrote:
I am a happy user of WSA but the FP issue with the webshield is getting very annoying.  It is OK saying "you can be part of the solution" but the complaint is that many of us have tried over many months to do this and the situation is not getting any better.  I personally have posted on Wilders,  exchanged private messages with Joe,  submitted several support tickets and spent some time providing multiple examples.  The fact them so many valid commercial sites (e.g. VPN providers) are being blocked (not just warned)  is plain wrong and has not been fixed.   The only valid reason I have had back in that time is that the site list is business focused rather then consumer so many sites that businesses might want blocked from users are included.  How true this is I don not know but it does not help us consumers if it is.
MadeMeCry,
You are correct about the business focus when it comes to sites such as VPN providers, which does make sense in a business environment. You could post a suggestion in the Ideas Exchange to treat these specific examples differently for the consumer and business products.
Of course those sites aren't the only issue being brought up in this thread...
 
-Dan
Userlevel 7
Good thought Dan...Nice one!
 
MadeMeCry...go for it and start a Feature Request...I for one will add comments and support it if it is along the lines suggested by Dan.
 
Regards
 
 
Baldrick
Userlevel 4
The main problem with these FPs, is because they are so many, now when I get a virus I don't know if it's an FP or a REAL virus, I cannot trust Webroot 😞
Userlevel 7
Badge +56
I for one know that you are smarter than that so why do you continue to complain we already told you what to do and we will again please fill out one of these forms to get the web page corrected! http://www.brightcloud.com/tools/change-request-url-reputation.php? or http://www.brightcloud.com/tools/change-request-url-categorization.php and if not Submit a Support Ticket and ask them to get it corrected.
 
Daniel 😠
False positives, regardless of how long it takes to resolve them, destroys the confidence I have in Webroot Mobile Security. I have been dealing with the same false positive for at least 1 month. I have a premium account and am considering cancellation. I am currently reviewing Norton mobile security solutions.
Userlevel 7
Hi airdragon1953
 
No FPs whatsoever here and I suspect for the vast majority of user.  I would strongly recommend following Daniel's advice (2 post back) as it is the right approach.
 
Regards
 
 
Baldrick
Userlevel 7
Badge +35
@ 
We would need more information about the False Positive you've been seeing in Webroot SecureAnywhere Mobile. We aren't seeing any support tickets under the email address you are using on the community, did you submit a ticket under a different email address? Please Submit a Support Ticket with the threat name and application name/package name so we can investigate further. You may also try uninstalling and reinstalling the Webroot SecureAnywhere app, which can help clear False Positives that have already been fixed.
 
-Dan
Userlevel 7
Hi Dan
 
Thanks for chipping in and confirming what some of us have been advising be done, for a while now.  Unfortunately it seems that some are not ready to follow the good advice given by the likes of TripleHelix & DavidP1970...which is a shame.
 
Regards
 
 
Baldrick

Reply