Solved

Malware

  • 2 September 2012
  • 32 replies
  • 227 views

Hi I noticed a lot of pop up type ads on facebook so ran full scans but nothing was detected so I ran Malware Bytes which found 27 threats which I removed and which got rid of the the ads on FB just wondering if my Webroot should have picked them up?
icon

Best answer by RetiredTripleHelix 2 September 2012, 02:18

View original

32 replies

Userlevel 7
Badge +56
@ wrote:
Hi I noticed a lot of pop up type ads on facebook so ran full scans but nothing was detected so I ran Malware Bytes which found 27 threats which I removed and which got rid of the the ads on FB just wondering if my Webroot should have picked them up?
It's hard to say as you let Malwalebyte's clean it up so I would suggest you Submit a Support Ticket so that they can have a look at your scan logs to see and make sure it's fully cleaned up! The first step always if your running Webroot SecureAnywhere and you think your infected is to contact them as they will clean your machine FREE of charge and let you know why!
 
HTH,
 
TH
 
Userlevel 7
Hi barafundle,
Sorry to hear that you had 27 threats. I would do what TH suggested about the support ticket to find out why WSA didn't pick them up.Your post hit my eye when you mentioned Facebook. I run WSA and MBAM Pro together on all my computers. My wife is always on Facebook with her computer so I checked the logs for MBAM and seen no hits on malware. I also just did a Full scan with MBAM Pro with negative results. You could have got these threats from Facebook or another website.
Even though I find Webroot complete to be the greatest anti-virus ever, and I mean EVER made, to be honest it has the worst Malware protection. I finally got sick of this problem and downloaded the free MalwareBytes program to run along with my Webroot and things are good.
It's not because there's a problem with your Webroot program, it's just that the Webroot product stinks at catching malware.
Userlevel 7
Badge +56
I'm sorry but I have to disagree with you I'm not sure if you seen this video or not but it does explain what's working in the back ground: https://community.webroot.com/t5/Webroot-Education/What-Happens-if-Webroot-quot-Misses-quot-a-Virus/ta-p/10202#
 
TH
I respect that you disagree with me. But it's a fact. I'm the second person on this thread that has discussed the lack of Webroot stopping Malware.
1. You run Webroot and it says 0 infections.
but
2. You run Malwarbytes and it catches malware that Webby couldn't.
 
Sorry, but that's the truth. Webroot sucks at stopping Malware.
Userlevel 7
Is it possible some of the items that were found by MalwareBytes were things more like cookies used by the ad-dropping services? A lot of solutions show these as malware, when really they aren't, they are more annoyware. The original poster remarked how ad free Facebook was after running it: I get the same result by simply clearing browser cache and cookies.

I see instances very often in which a user swears their computer is infested with 100's and even 1000's of viruses. The solution they are using classifies all tracking cookies as malware, which most are not. They simply tell what recent pages you visited so the ad-bots can send you targeted ads. No personal information about you is contained, only the fact that your computer visited webroot.com for example, and really present no real threat to you.
I'm sorry that your addiction to Webroot is so strong that you feel it can never make a mistake.
 
I personally find it to be the best anti-virus and firewall made.
 
But it sucks at Malware.
 
Malwarebytes shows you the infections and they are not cookies. Infection Webroot didn't pick up.
 
Deal with it.
Userlevel 7
I just know it has not yet missed any malware on my system, and yes I do double check. I am sorry if your experience is less than mine but I would encourage you to submit logs to Webroot as that will help improve the product so that it will better meet your expectations.

🙂
Userlevel 7
Badge +56
Have a look at this post from Kit and actually it's a great thread: https://community.webroot.com/t5/Tips-and-Tricks/Question-Is-Webroot-SecureAnywhere-a-Full-Anti-Malware-or-just/m-p/23482#M393
 
TH
Userlevel 7
Thanks TH!  I had forgotten about this thread.  I need to tag it for my own future use, as it really does a good job of explaining!
Userlevel 7
You are assuming that Malwarebytes detections are correct which is a dangerous assumption. I`d bet a large sum of money that the detections from Malwarebytes are either a)Cookies or b)Windows settings. We dont detect cookies so I would expect a Malwarebytes scan to pick up things that we dont. Detecting cookies is a waste of time and at worst can be scare tactic (not saying thats what MBAM is doing btw). 
Userlevel 7
Badge +56
Hi Roy,
 
MBAM does not detect cookies but what it does find is harmless left overs from previous infections Reg Keys, files in a folder that are not dangerous and possible good reg keys which could cause harm. SUPERAnti-Spyware another malware cleaner finds lots of cookies in which are harmless even Hitman Pro which at one time Prevx was part of finds cookies also it's just some users need to be careful when using such tools but if anyone has a WSA subscription it best to contact the support inbox and get help by Webroot Threat Researchers like yourself!

but do I need them no I don't WSA is very secure unlike another user says in this thread.
 
Daniel 😉
Userlevel 7
Badge +35
It appears that the term "malware" is being used in a very broad sense here. The vast majority of cases I see where "malware" is detected that Webroot SecureAnywhere misses has been leftover registry entries and other minor, non-malicious leftovers from infections that were removed by WSA or other security products as others have stated. I've also seen grayware/PUAs being detected. While I would agree that many of those programs are "junkware" that I certainly wouldn't want on my machine, calling them malware is a bit of a stretch. 
 
If you're seeing any truly malicious software that we are missing, please submit a support ticket with logs so that we can make the necessary updates. 
 
-Dan
Userlevel 6
Rakanisheu, I am troubled by your post.  You state that “assuming Malwarebytes detections are correct” is “a dangerous assumption.”  You then offer to bet a “large sum of money” that the detections from Malwarebytes are cookies or windows settings, without offering any proof for either claim.  You then claim that “detecting cookies is a waste of time and at worst a scare tactic.”
 
Then, TH, in his post, states that “MBAM does not detect cookies.”  You fail to respond to TH’s statement, so I will assume you concede that your assumption is incorrect and his is correct.
 
Seems to me that a “threat researcher” (someday, someone will have to explain to me what a threat researched does) should be more circumspect with his choice of words than you are.  My advice, get your facts straight and then post them!
 
Sorry, but you get no "kudos" from me!  In my opinion, the three you already got are three too many!
 
I use SAS as a backup and I’m glad I do.  I have seen no definitive proof that WSA is foolproof, certainly nothing of sufficient quality to dissuade me from relying upon SAS as a backup!
 
BTW, correct me if I am wrong, but isn't MBAM a lifetime license that initially cost about $20.00?  If so, what's the big deal?  I'm presently being hounded by WSA to renew my annual subscription for $79.95, and the pounding I'm getting from WSA seems to never stop.
 
RWM
 
Userlevel 7
My reply was based on my years of working with malware and also the large number of support calls/tickets and not just for Webroot. As I dont have the logs from the original detection I was making a guess based on said past experience. My original post said "I bet the detections are for..." meaning that I was taking a gamble on what the detections were based on what I regularly see. 
 
As for cookie detection I am correct. Cookies are plain text and cannot be malicious, if they have any code in them they arent cookies.If you are really worried about them block all of them/flush there are plenty of addons in FF/Chrome that will do this. I still stand by my original comment, scanning for them is a waste of system resources and time (we are not the only AV company that doesnt scan for Cookies btw)
 
I thought I saw MBAM detecting cookies the last time I ran it on my test VM. If it no longer does then I hold my hand up but I still stand by my original comment about MBAM detections. 
 
I dont have to defend my ability as a threat researcher on here to be perfectly honest. As for my choice of words this forum is a more informal method of interacting with users/resellers and other tech people. Its often my opinion on certain topics and thus it may not always be in agreement with everybody. 
Userlevel 6
Re:  "As for cookie detection I am correct."
 
Why don't you discuss this with TH and iron it out.  Personally, I have a lot of respect for TH's opinion.
 
"Informal?"  Hardly.  This is a public, unrestricted forum.  If you want an "informal" discussion, then publish it on a restricted thread.  Also, you're a Webroot employee.  If you publish things that are positive about the company and critical of other companies, you need to be prepared to back it up.
 
Cheerleading has its place to a limited degree, but when it clouds objective reasoning and causes confusion or the dissemination of mis-information, I have a problem with it.
 
RWM
Userlevel 7
I wasnt critical of Malwarebytes at all I just said that I had a good idea on what it detected. We have different detection criteria hence I had an idea of what the issue was based on what I see regularly. I have a lot of respect for Malwarebytes and there research team. Nothing that I said in my original post was negative or was critcal of another company.   
 
We have gone off topic now if you have a problem with my posts report them. I wont post any more in this threat as its no longer to do with the original topic. 
Userlevel 6
Off topic?  Take a look at the OP post and those that follow.  This discussion couldn't be more "on topic."  Nice deflection, Rakanisheu.  I don't need to report this.  It's a matter of public record.
 
RWM
Userlevel 7
Badge +56
Richard believe me Roy knows about Malware more than I ever will I would take his guidance about other Anti-Malware solutions as I said before do I need them with WSA installed no do I have them yes SAS, MBAM lifetime Licenses but there are allot that I have drop over time like Trojan Hunter, Trojan Remover and The Cleaner what's the sense having them when WSA will detect much more than them and If I do get an unknown Banking Trojan it will be monitored by WSA and after it's Marked bad it will rollback to the preinfection state meanwhile during that time the Banking Trojan still can't see my online credentials if I'm doing Banking or online purchases because of Identity Shield.
 
Also Richard why are you so upset we can take in PMs from here on if you want to further discuss?
 
Regards,
 
Daniel
Userlevel 6
Daniel, I rarely get upset ... certainly not about anything as mundane as malware.
 
I hope you are well, my friend!
 
(You really should be a Gold VIP; but, hey, what do I know!)
 
RWM
Userlevel 7
Badge +56
@ wrote:
Daniel, I rarely get upset ... certainly not about anything as mundane as malware.
 
I hope you are well, my friend!
 
(You really should be a Gold VIP; but, hey, what do I know!)
 
RWM
I'm doing well I hope you are also? I always have a heart of Gold helping users & members is what makes me happy you should understand that by now my friend! ;)
 
Daniel
Userlevel 6
Daniel, to be candid, I had hoped to continue to be an active contributor here, but it was not meant to be.  I have decided to contribute as a reviewer on Amazon.com, particularly with regard to vitamin and health supplements, where my reviews focus upon an area where folks tell me they have gained a noticeable improvement in their health as a result of my contributions.
 
Like you, I enjoy helping others, and it’s nice to receive positive feedback from that proffer.
 
Take care!
 
RWM
Userlevel 7
Badge +56
@ wrote:
Daniel, to be candid, I had hoped to continue to be an active contributor here, but it was not meant to be.  I have decided to contribute as a reviewer on Amazon.com, particularly with regard to vitamin and health supplements, where my reviews focus upon an area where folks tell me they have gained a noticeable improvement in their health as a result of my contributions.
 
Like you, I enjoy helping others, and it’s nice to receive positive feedback from that proffer.
 
Take care!
 
RWM
You to the Astaxanthin is working great at 12 MG!
 
Cheers,
 
Daniel
Userlevel 2
Hope I’m not out of order asking this question here, but whilst on the subject of Malware and programmes that are suitable for dealing with such, I’d like to ask what members thought of ‘Windows Defender’ as an appropriate means of handling such matters…
 
I use it in conjunction with WSA and occasionally, it does detect the odd bits and pieces that are not caught by the main security programme ~ and removes them forthwith…
It doesn’t concern me whether or not these items really are malware…  If they are detrimental in any way, shape or form, I’m always pleased to be rid of them…
 
If this question is inappropriately placed, please let me know, or simply shuffle it to another location if that is feasible…
 
Many thanks…  Robinski…
Userlevel 7
Badge +13
Hello,
 
That's why WSA is the best.It's designed to step out of the way if you are using it with something else.WSA is designed to let the other program step in first.If something makes it past defender,then WSA would detect it upon execution and remove it.If you have 2 progs at the same time detect and try to remove the same malware remnants,it can have some nasty unintended consequences.You never want to have 2 progs battling it out over a registry key..etc.Such is the genius of WSA's design.Nothing to worry about at all.

Reply