Webroot SecureAnywhere Discussion & Update Thread

Mac Version 9.0.2.42 (Released July 25th, 2016)

Updated

• Enhance agent identification system for partners.

Fixed

• Bug fixes.

https://www5.nohold.net/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=1939&

 

Version 9.0.2.42 another smooth update on my Big Mac!

 

What does worry me it's failed a few rollback tests on you tube

 

Day 12 https://www.youtube.com/watch?v=sCy1P5VBrBU

 

That's simply because there have always been trivial ways to bypass the journaling function, many of them are still working today.

 

There are some malware types - e.g. screenlock ransomware - that journaling and rollback cannot reverse.

Plus, Webroot has explained that one should allow up to 4 hours with an active network connection for reversal to initiate; sometimes it takes this long - but it is not common.

I have reported what I have found along with samples to Webroot Support about a year ago.

Webroot has never replied - it might be due to the nature of how the malware works, it might be that WSA journaling and rollback doesn't have a removal routine yet in the cloud or the routine is not possible for specific types of malware, the reports could have been mis-placed or forgotten, etc.

Without an explanation from Webroot you cannot assume that it is a complete failure of WSA...

 

Webroot never said Rollback is 100% or everyone would be using it see here: https://www.webroot.com/blog/2015/07/28/encryptor-raas-ransomware-as-a-service/ and Youtube Tests are useless it's not real world testing.

Do the changes at your own risk.

https://community.webroot.com/t5/We...securing-your-environment-against/ta-p/191172

Webroot is always improving there Client you can have a look at the long list: https://www5.nohold.net/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=857&

Good Back Ups is always a must for risky users and in most cases for any users, but for most people using the thing between your ears is the best thing to keep your PC safe.

Daniel

 

SPOT ON, Daniel

Could not have put it better. Even if one has a security solution that IS 100% (which is an impossibility) then sensible precautions such as a image of one's system is a MUST, especially if one engages is risky activity/goes places on the web that are less than salubrious. If not then as Forrest said "Stupid is as Stupid does".

Regards, Baldrick

 

Right on Buddy!

Daniel

 

Notice to Beta testers that a new Beta v9.0.11.70 is now out to you!

 

Thank you Daniel.

 

I have discovered that Webroot is the best av to use for computers which aren't turned on very often. Most av's in this situation churn out definition updates forever, slowing down the system and making it hard to use. Webroot purrs right along and no slowups, even when booting up after a two-week shutdown. It is working out great.

 

Well that's why WSA is the only Full Realtime Cloud Anti-Malware and there are no Definition updates to be concerned about!

From the Webroot Education Youtube Channel: https://youtu.be/GqvVTE8-fA4

Daniel

 

It's so nice to be in the cloud. One other thing good about Webroots Full Realtime no Definition updates, No Reboots! Some of the other Security Software sometimes require a reboot to install the definition update, which could be a PITA. No reboots with Webroot and always up to date.

 

True and no Reboots needed for Program Updates as well. In a flash in an eye!

 

2 questions:

First one: Where do you turn off the reports popup? I must have found it in the past since it doesn't popup anymore on our 2 main computers, but since I installed webroot on the HTPC last month, it keeps popping up and I can't find the setting anymore in the (very confusing, even for an IT guy) interface.

Second: I had to install Shark codec pack on the HTPC to resolve a video issue, but webroot keeps flagging the file setting32.exe as W32.Gen.BT. I excluded the file in the interface(after confirming it's a false positive with virustotal), but that seems to last only one week and then it's flagged again as a threat.(I have already excluded it multiple time over the last month) I also reported it to webroot support as a false positive weeks ago but it still gets detected. Is there any way to solve this permanently in the interface?

Thanks!

 

1. You can't and it will stop in a couple days and other users are asking for it to stop see here: https://community.webroot.com/t5/Id...sed-Security-Report-and-other-IPM/idi-p/90140
2. Submit a Support Ticket and ask them to look into your file and ask them why it's being detected! If you have the MD5 Hash check it here or if the file is small upload here: http://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx

Thanks,

Daniel

 

1- Thanks, that explain why it's not poping on the other 2 computer where webroot has been installed for over a year On the HTPC it's extra annoying since there is no keyboard/mouse attached to it, so I have to RDP in it to close the popup.
2- Ok. I had already uploaded the file some weeks ago, but I now opened a ticket for it too. I also opened a ticket to "complain" a bit about issue 1 at the same time

 

Webroot SecureAnywhere Antivirus Versus Microsoft Defender Comparative Analysis
June 2016
https://www.mrg-effitas.com/wp-content/uploads/2016/06/Webroot_vs_Microsoft_report.pdf

---------------------
Webroot SecureAnywhere Business Endpoint Protection Versus ESET Endpoint Security Comparative Analysis
June 2016
https://www.mrg-effitas.com/wp-content/uploads/2016/06/Webroot_vs_ESET_report.pdf

 

Interesting and Thanks!

Daniel

 

This comparison shouldn't even be done, WSA has all its features enabled (HIPS, webfilter, privacy protection, etc...) while WD doesn't (it is complemented by smartscreen and UAC which were disabled)...
It is like comparing Superman with Jack Sparrow...

However, WSA performed quite well, which is the interesting part of this test.

 

Granted. But I did find the ESET/Webroot comparison interesting.

 

Hey that was up to the higher ups in Webroot! To me it's nice to see some testing of WSA. Sense when does WSA have a HIPS module? And all the other features are on by a default install so no tweaking needed (Out of the Box) per say!

Daniel

 

Yes and especially after the 24 hour period and MRG made a tiny mistake by 1% under the result of the test!

Webroot
87%
8%
4%
Doesn't add up to 100%

ESET
88%
0%
12%

Please lets not do a comparison or a vs b then we can keep this topic open or get this part removed. It was just a test.

Thanks,

Daniel

 

^ +1