To Customer Support To Customer Support
Solved

I'm flummoxed with WSA and a probable false positive

  • 31 March 2013
  • 8 replies
  • 68 views
D
Rank
Having tried several security programs, I installed the trial version of WSA, although I'm not sure exactly which variant. This morning, I tried to enter http://www.cyprus-mail.com/ and got the following message


This surprised me because it is a site I've trusted for years, without problems. I therefore tried a few malware web detectors and they all said there was no malware. Consequently, I tried to click on 'Allow' ad it said to the effect that I had no right to allow it and to consult Admin. I tried to open WSA and it refused to let me, I had to consult Admin (which I am).
 
WSA seems to be a good system with a lot of advantages but, if this kind of obstacle is thrown up, I don't know whether it is what I need for my 3 computers. If I do decide to purchase it, I'm not sure how to go about this in view of the fact that I haven't a clue as to which version I currently have on this machine.
icon

Best answer by Rakanisheu Retired 1 April 2013, 18:54

View original

8 replies

shorTcircuiT
Rank
Userlevel 7
Hello devil, and welcome to the Community!
 
Regarding the Admin warning: I have not seen that behavior previously, except in cases where the computer has multiple user profiles.  The times I have seen it the warning/permission has meant that the user must be logged into the computer to a profile that has Admin privileges, not a "normal user".  Do you have multiple user profiles set up on the computer, and if so, was the one you were using set to Admin rights in Windows Users?
 
All security programs get false positives from time to time, at least all of the ones I am familiar with.  Please report your false positive by Submitting a Trouble Ticket. This will get it in the hands of those who can adjust the URL Blocking.  I am not sure, but I believe being Easter Sunday it is likely that it will be Monday before they are able to look at it.
 
I am still a bit new here, so maybe someone with more experience than myself will also put a reply here with some additional suggestions/guidance.
 
 
D
Rank
Thanks, David. No, I have only one profile on this computer and this obviously has admin rights.

Anyway. the p problem now seems to have gone away, without my doing anything; maybe it has been clouded over (pun intended!)
shorTcircuiT
Rank
Userlevel 7
@ wrote:
Thanks, David. No, I have only one profile on this computer and this obviously has admin rights.

Anyway. the p problem now seems to have gone away, without my doing anything; maybe it has been clouded over (pun intended!)
Well, that leaves me a bit flummoxed as it fixed itself.. but I am glad it is working now.  Do let us know if you have further problems, or submit that Trouble Ticket.
Rakanisheu Retired
Userlevel 7
Hello,
 
I can see the block in our database for this site that site (Cyprus-mail.com), the site itself site is being flagged by Google as saying it contains malware. However I have checked the site and it looks OK with no unusual behaviour. I have removed the block from our database and you should not get that alert any more.
 
If you get any more alerts or have any issues just reply to this forum post or submit a ticket.
 
Thanks!
M
Rank
Hi Folks
I had this problem some time ago. I checked with Cyprus Mail and they assured their readers that they knew of the problem but the site was safe.
HTH
John
 
D
Rank
John
 
The last person I would trust, saying that a site was safe, would be the author! I understand that the problem with this site was a Google warning. My experience with Google warnings is that they regularly monitor sites for malware and, if they find some, they will block the site if you try to enter it from a Google search, with a warning for other means of entry. This will remain in place until a) the owner removes the malware and b) he explains to Google the means employed to do so. Google rechecks the site and, if it is clean, they remove all blocks and warnings. If a warning remains, triggering a WSA block, it may mean that the clean-up was incomplete or the author did not take an action to inform Google that the site was well cleaned up. In this case, it may be that the latter was what happened. Whatever, the Cyprus Mail seems to be at fault, even if the site is safe.
Rakanisheu Retired
Userlevel 7
BTW we dont rely on Google for a our website determinations.Although we will take other AV companies information about websites into consideration we have our own system. We have a huge database of checked websites and we scan a very large number of websites a month (roughly 50 million) to help protect our customers.
Trooper
Rank
Userlevel 2
Glad to hear that you guys do not rely on Google for website determinations! 😃

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.