Solved

Malware

  • 2 September 2012
  • 32 replies
  • 186 views

Hi I noticed a lot of pop up type ads on facebook so ran full scans but nothing was detected so I ran Malware Bytes which found 27 threats which I removed and which got rid of the the ads on FB just wondering if my Webroot should have picked them up?
icon

Best answer by RetiredTripleHelix 2 September 2012, 02:18

View original

32 replies

Userlevel 7
Hi tempnexus
 
It was and I suspect that the OP is using the generic term 'malware' to refer specifically to the 'opp up type ads' that he was having an issue with.  He is therefore confused.
 
Regards
 
 
Baldrick
if the question is directed at me then my point is clarification of what the OP means by malware.

The OP praises webroot for being the greatest tool out there and then the OP states that it sucks at detecting malware.

I don't know what he means by malware.
Userlevel 7
Sorry, but you have completely lost me...your point is...what exactly?
It's not because there's a problem with your Webroot program, it's just that the Webroot product stinks at catching malware.


What do you mean by malware? virus/trojan/malicious script are all forms of malware.

if you are saying that: "Webroot antivirus is greatest product ever but it stinks at catching viruses" then I wonder what is the point behind an antivirus?
Userlevel 2
Hi there Balders..  Thanks for the back-up info/support, which all points in the direction of: Go ~ Go ~ Go...

It's great when everything falls into place as though it was intended from day one on the planet...  Pity Adam and Eve didn't have it so good...

Cheers...
 
RD
Userlevel 7
Hi RD
 
Can confirm this to be completely true im my experience, as I run WSA & KIS, and usually KIS chirps in when something is detected, and if not then WSA picks it up as a backstop.
 
It is what makes WSA so unique/so brilliant...it works superbly on its own but lends itself to a layered defence approach if used in tandem with 99.99% of other security apps (I hesitate at saying 100% as even Joe & the Team, great as they are at what they do, would be hard pressed to cover every single security app produced, etc. ;)).
 
Regards
 
 
Balders
Userlevel 2
Hi Superssjdan...
 
Many thanks for that interesting information...  I run Win Defender once a week just as a backup to WSA...  As you say: it all works very smoothly ~ almost imperceptible...
 
Robinski...  😃
Userlevel 7
Badge +13
Hello,
 
That's why WSA is the best.It's designed to step out of the way if you are using it with something else.WSA is designed to let the other program step in first.If something makes it past defender,then WSA would detect it upon execution and remove it.If you have 2 progs at the same time detect and try to remove the same malware remnants,it can have some nasty unintended consequences.You never want to have 2 progs battling it out over a registry key..etc.Such is the genius of WSA's design.Nothing to worry about at all.
Userlevel 2
Hope I’m not out of order asking this question here, but whilst on the subject of Malware and programmes that are suitable for dealing with such, I’d like to ask what members thought of ‘Windows Defender’ as an appropriate means of handling such matters…
 
I use it in conjunction with WSA and occasionally, it does detect the odd bits and pieces that are not caught by the main security programme ~ and removes them forthwith…
It doesn’t concern me whether or not these items really are malware…  If they are detrimental in any way, shape or form, I’m always pleased to be rid of them…
 
If this question is inappropriately placed, please let me know, or simply shuffle it to another location if that is feasible…
 
Many thanks…  Robinski…
Userlevel 7
Badge +56
@ wrote:
Daniel, to be candid, I had hoped to continue to be an active contributor here, but it was not meant to be.  I have decided to contribute as a reviewer on Amazon.com, particularly with regard to vitamin and health supplements, where my reviews focus upon an area where folks tell me they have gained a noticeable improvement in their health as a result of my contributions.
 
Like you, I enjoy helping others, and it’s nice to receive positive feedback from that proffer.
 
Take care!
 
RWM
You to the Astaxanthin is working great at 12 MG!
 
Cheers,
 
Daniel
Userlevel 6
Daniel, to be candid, I had hoped to continue to be an active contributor here, but it was not meant to be.  I have decided to contribute as a reviewer on Amazon.com, particularly with regard to vitamin and health supplements, where my reviews focus upon an area where folks tell me they have gained a noticeable improvement in their health as a result of my contributions.
 
Like you, I enjoy helping others, and it’s nice to receive positive feedback from that proffer.
 
Take care!
 
RWM
Userlevel 7
Badge +56
@ wrote:
Daniel, I rarely get upset ... certainly not about anything as mundane as malware.
 
I hope you are well, my friend!
 
(You really should be a Gold VIP; but, hey, what do I know!)
 
RWM
I'm doing well I hope you are also? I always have a heart of Gold helping users & members is what makes me happy you should understand that by now my friend! ;)
 
Daniel
Userlevel 6
Daniel, I rarely get upset ... certainly not about anything as mundane as malware.
 
I hope you are well, my friend!
 
(You really should be a Gold VIP; but, hey, what do I know!)
 
RWM
Userlevel 7
Badge +56
Richard believe me Roy knows about Malware more than I ever will I would take his guidance about other Anti-Malware solutions as I said before do I need them with WSA installed no do I have them yes SAS, MBAM lifetime Licenses but there are allot that I have drop over time like Trojan Hunter, Trojan Remover and The Cleaner what's the sense having them when WSA will detect much more than them and If I do get an unknown Banking Trojan it will be monitored by WSA and after it's Marked bad it will rollback to the preinfection state meanwhile during that time the Banking Trojan still can't see my online credentials if I'm doing Banking or online purchases because of Identity Shield.
 
Also Richard why are you so upset we can take in PMs from here on if you want to further discuss?
 
Regards,
 
Daniel
Userlevel 6
Off topic?  Take a look at the OP post and those that follow.  This discussion couldn't be more "on topic."  Nice deflection, Rakanisheu.  I don't need to report this.  It's a matter of public record.
 
RWM
Userlevel 7
I wasnt critical of Malwarebytes at all I just said that I had a good idea on what it detected. We have different detection criteria hence I had an idea of what the issue was based on what I see regularly. I have a lot of respect for Malwarebytes and there research team. Nothing that I said in my original post was negative or was critcal of another company.   
 
We have gone off topic now if you have a problem with my posts report them. I wont post any more in this threat as its no longer to do with the original topic. 
Userlevel 6
Re:  "As for cookie detection I am correct."
 
Why don't you discuss this with TH and iron it out.  Personally, I have a lot of respect for TH's opinion.
 
"Informal?"  Hardly.  This is a public, unrestricted forum.  If you want an "informal" discussion, then publish it on a restricted thread.  Also, you're a Webroot employee.  If you publish things that are positive about the company and critical of other companies, you need to be prepared to back it up.
 
Cheerleading has its place to a limited degree, but when it clouds objective reasoning and causes confusion or the dissemination of mis-information, I have a problem with it.
 
RWM
Userlevel 7
My reply was based on my years of working with malware and also the large number of support calls/tickets and not just for Webroot. As I dont have the logs from the original detection I was making a guess based on said past experience. My original post said "I bet the detections are for..." meaning that I was taking a gamble on what the detections were based on what I regularly see. 
 
As for cookie detection I am correct. Cookies are plain text and cannot be malicious, if they have any code in them they arent cookies.If you are really worried about them block all of them/flush there are plenty of addons in FF/Chrome that will do this. I still stand by my original comment, scanning for them is a waste of system resources and time (we are not the only AV company that doesnt scan for Cookies btw)
 
I thought I saw MBAM detecting cookies the last time I ran it on my test VM. If it no longer does then I hold my hand up but I still stand by my original comment about MBAM detections. 
 
I dont have to defend my ability as a threat researcher on here to be perfectly honest. As for my choice of words this forum is a more informal method of interacting with users/resellers and other tech people. Its often my opinion on certain topics and thus it may not always be in agreement with everybody. 
Userlevel 6
Rakanisheu, I am troubled by your post.  You state that “assuming Malwarebytes detections are correct” is “a dangerous assumption.”  You then offer to bet a “large sum of money” that the detections from Malwarebytes are cookies or windows settings, without offering any proof for either claim.  You then claim that “detecting cookies is a waste of time and at worst a scare tactic.”
 
Then, TH, in his post, states that “MBAM does not detect cookies.”  You fail to respond to TH’s statement, so I will assume you concede that your assumption is incorrect and his is correct.
 
Seems to me that a “threat researcher” (someday, someone will have to explain to me what a threat researched does) should be more circumspect with his choice of words than you are.  My advice, get your facts straight and then post them!
 
Sorry, but you get no "kudos" from me!  In my opinion, the three you already got are three too many!
 
I use SAS as a backup and I’m glad I do.  I have seen no definitive proof that WSA is foolproof, certainly nothing of sufficient quality to dissuade me from relying upon SAS as a backup!
 
BTW, correct me if I am wrong, but isn't MBAM a lifetime license that initially cost about $20.00?  If so, what's the big deal?  I'm presently being hounded by WSA to renew my annual subscription for $79.95, and the pounding I'm getting from WSA seems to never stop.
 
RWM
 
Userlevel 7
Badge +35
It appears that the term "malware" is being used in a very broad sense here. The vast majority of cases I see where "malware" is detected that Webroot SecureAnywhere misses has been leftover registry entries and other minor, non-malicious leftovers from infections that were removed by WSA or other security products as others have stated. I've also seen grayware/PUAs being detected. While I would agree that many of those programs are "junkware" that I certainly wouldn't want on my machine, calling them malware is a bit of a stretch. 
 
If you're seeing any truly malicious software that we are missing, please submit a support ticket with logs so that we can make the necessary updates. 
 
-Dan
Userlevel 7
Badge +56
Hi Roy,
 
MBAM does not detect cookies but what it does find is harmless left overs from previous infections Reg Keys, files in a folder that are not dangerous and possible good reg keys which could cause harm. SUPERAnti-Spyware another malware cleaner finds lots of cookies in which are harmless even Hitman Pro which at one time Prevx was part of finds cookies also it's just some users need to be careful when using such tools but if anyone has a WSA subscription it best to contact the support inbox and get help by Webroot Threat Researchers like yourself!

but do I need them no I don't WSA is very secure unlike another user says in this thread.
 
Daniel 😉
Userlevel 7
You are assuming that Malwarebytes detections are correct which is a dangerous assumption. I`d bet a large sum of money that the detections from Malwarebytes are either a)Cookies or b)Windows settings. We dont detect cookies so I would expect a Malwarebytes scan to pick up things that we dont. Detecting cookies is a waste of time and at worst can be scare tactic (not saying thats what MBAM is doing btw). 
Userlevel 7
Thanks TH!  I had forgotten about this thread.  I need to tag it for my own future use, as it really does a good job of explaining!
Userlevel 7
Badge +56
Have a look at this post from Kit and actually it's a great thread: https://community.webroot.com/t5/Tips-and-Tricks/Question-Is-Webroot-SecureAnywhere-a-Full-Anti-Malware-or-just/m-p/23482#M393
 
TH
Userlevel 7
I just know it has not yet missed any malware on my system, and yes I do double check. I am sorry if your experience is less than mine but I would encourage you to submit logs to Webroot as that will help improve the product so that it will better meet your expectations.

🙂

Reply