Solved

Identifying Threat WSA Removed During Installation

  • 11 June 2014

Userlevel 4
Hi

I recently had to refresh Windows 8 and thus lost all my installed programs. I first installed KIS 2014 and had done a Full Scan with KIS at Max High Level which found nothing.

I later installed WSA IS to run with KIS 2014, and during installation WSA ID'd a threat and I chose to have WSA remove it. Idiot that I am, I did not write down the name of the infected file or what the infection was. Is there a location in WSA or on my PC that I can access that would have recorded the threat detected and removed during WSA installation?

WSA recommended after full installation that I change all my passwords because of the threat it had discovered.

Unless the threat was sitting in some non-exe file it is likely new because I did my Windows refresh yesterday afternoon.
 
(Cross-Posted at Wilders - Sorry)

Best answer by Baldrick 11 June 2014, 23:23

7 replies

Userlevel 7
Hi hawkeye
 
Yes, you should look in Quarantine (click on the gear/cog to the right of the PC Security tab, and then select the Quarantine Tab); if WSA has removed anything it should be detailed therein.
 
You can also check the latest Threat Log (click on Utilities tab, and then on the Reports button revealed, you then click on the Save Threat Log button to display and save a copy of the latest threat log which should detail any threat that WSA has recently identified and removed).
 
Hope that helps?  Please come back if you have any further questions.
 
Regards
 
 
Baldrick
Userlevel 4
Thanks Baldrick
 
Got It 🙂
Userlevel 7
Cool, my pleasure.
 
Hope that has resolved it for you or at least shed some light on the issue. ;)
 
If not then do post back as there should always be a member or two about who can help out.
 
Regards
 
 
Baldrick
Userlevel 4
It was a PUP with malicious capabilities: OpenCandy
 
PUP.Optional.OpenCandy it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP,” or potentially unwanted program.

The PUP.Optional.OpenCandy infection is used to boost advertising revenue, as in the use of blackhat SEO, to inflate a site’s page ranking in search results.
Userlevel 7
@ wrote:
It was a PUP with malicious capabilities: OpenCandy
 
PUP.Optional.OpenCandy it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP,” or potentially unwanted program.

The PUP.Optional.OpenCandy infection is used to boost advertising revenue, as in the use of blackhat SEO, to inflate a site’s page ranking in search results.

Some PUPs WSA will find, some it won't.  If anytime you encounter one that WSA did not find, do please file a Trouble Ticket.  Webroot Support will help remove it, but will also review it to determine if it SHOULD be detected.
 
Note about PUPs (We usually call them PUAs on the Community): While Webroot is listing more and more of them, there are some that will not likely ever be listed.  Many browser toolbars, such as some of the 'search assistants' are not likely to be added.  If it is something that can easily and visibly be opted out of installing (for those that come piggybacked with legit software such as Adobe downloads), and which are easy to remove by simply uninstalling via the Control Panel and/or removing the browser extension, are not likely to be listed.
Userlevel 4
Gotcha :-)
 
Thanks DavidP
 
I understand that there are legal issues involved in blocking PUPs and WSA is to be commended for taking action against some of them.
Userlevel 7
Hi hawkeye
 
Glad to see that you have got to the bottom of things.
 
Hi David
 
Completely agree, and very good advice re. can be a very divisive subject, i.e., how an app should handle PUPs/PUAs.
 
Regards
 
 
 
Baldrick