Webroot v8.0.2.14 arrgghhh!

[quote=Anyway, the "A" thing has caught plenty of things that the "G" thing missed until two weeks later on my system, so I'm not sure that resident database really helps in reality. Only in some peoples' odd little worlds.[/QUOTE]

Hi Tecfox1976,

Well, if you are so overconfident in program "A",see this from Webroot forum :


http://community.webroot.com/t5/Webr...m-p/11532#M393

"...even though i am running secureanywhere, I picked up some malware yesterday. thankfully malwarebytes cleaned it..."

"...Just to let you know, it wasn't dormant/left over malware. The malware took over my computer. Had to force quit and reboot into safe mode and run the other program....[MBAM]"

[PC_Fiddler]

Quote:

Originally Posted by umbrapolaris

Light RAM usage is not necessary means low impact on system, Norton for example uses less RAM than ESET but ESET is lighter than Norton on the system 's responsiveness.

I agree neither CPU % or apparent RAM use use don't tell the whole story & due to the way MS Windows handles memory having 16 GIG of DDR3 isn't necessarily going to cause you to have no slowdowns even while it seems you have heaps of available RAM - Windows is better at memory management than it was but in real life situations it's still far from perfect & the way RAM is used is far from simplistic.

Though in probability a program using 4 meg of memory is 'likely' to have less system impact than a program using 40 meg -

[umbrapolaris]

Quote:

Originally Posted by claudiu

http://community.webroot.com/t5/Webr...m-p/11532#M393

"...even though i am running secureanywhere, I picked up some malware yesterday. thankfully malwarebytes cleaned it..."

"...Just to let you know, it wasn't dormant/left over malware. The malware took over my computer. Had to force quit and reboot into safe mode and run the other program....[MBAM]"

will be better if he gave more details then some MBAM's logs and screenshots.

[fax]

Well, yes... just by chance that specific user got infected... yes... yess... just a coincidence

[umbrapolaris]

Quote:

Originally Posted by fax

Well, yes... just by chance that specific user got infected... yes... yess... just a coincidence

you said loudly what i thought silently :p

[PC_Fiddler]

Quote:

Originally Posted by claudiu

"I was updating & cleaning a friends PC today that has another AV on that's free (ends with 'G') & looking in hidden files the size on disc that I counted was just under 400 meg & just idling it was using around 40,000 kb "
__________________
Hi PC Fiddler,

The free AV you are talking about, ending in "G", has a resident signatures database which will protect you the same regardless of your on-line /off-line status, hence the 40000kb

The paid AV you are so happy with, ending in "A", will protect you when you are off-line only based on heuristic and behaviour; unfortunately , the AV ending in "A" refused to be tested on AV Comparatives based on heuristic and behaviour ,see:

http://www.av-comparatives.org/compa...ospective-test

Claudiu

We are free to make our own choices I personally are quite happy with WSA - The example of the PC I was maintaining is fully factual & in I were to look further into it's system files there would likely have been even more disc use & as the PC was doing nothing it's logical to assume under load the RAM use would also have increased.

Lots of people seem to have accepted the fact than AV's are entitled to use just about any amount of RAM & disc space they wish without ever questioning if that is really needed. All the PC's I own are online whenever they are on & when a portable unit isn't online (extremely rare) I'm unlikely to be downloading suspect files in any large amount.

I'm soon going to a far flung part of the world that I have had to have several inoculations that are costly & will need to take precautions about only drinking bottled safe water, being careful eating local food, I need to protect myself against insect carried problems & will need to cover myself up & douse myself with insect repellent & much more as that's needed in that situation - This though will metaphorically speaking increase my personal RAM load & increase my brain CPU cycles & will make life more difficult.

The other 99.9% of my life that I spend in the UK or Europe etc. none of those precautions are needed - Using a signature based solution I feel is like living as if I'm still in the jungle 24/7/365 though in the UK the water is fine, I am unlikely to get malaria, yellow fever, typhoid etc, I can eat just about what I want what I want yet if I continued taking all the jungle precautions on a day to day basis (and using large amounts of personal RAM & suffering though unneeded) when back home my friends would quickly & quite rightly soon think I had become unhinged - Times change & the bottom line is all my devices are online 24/7 so I don't need to have all available inoculations on my PC's (anymore) as it's easier to have them elsewhere if & when needed & I don't need protection against situations that just don't happen anymore - They did 10 years ago but not now.

Years ago I would have had all my mail on my PC's now I'm quite happy to leave that & other files for someone else to look after (who knows where & who cares) knowing I can retrieve it anytime I want using the net just about anywhere I go but for some reason some have a Luddite like approach with AV thinking all AV signatures (inoculations) must be carried on all PC's (people) at all times wherever we are - It don't make sense & it's illogical !

And BTW the words - 'The free AV you are talking about, ending in "G", has a resident signatures database which will protect you the same regardless of your on-line /off-line status, hence the 40000kb' - Isn't quite as straightforward as it seems as when a PC that uses signatures is offline it is unable to download new sigs so is unlikely to protect you against new threats until it has access to the internet assuming when it has it's within it's update schedule which it may not be & that AV also will have to use heuristics to protect you & may not monitor changes to a PC that may have got infected with a new threat? Or it will quarantine (vault) those unknowns & could render a PC unusable until those files are identified as good or bad depending on the size or type of the files you have acquired while offline, if you remain offline for sometime the sig based AV will be in trouble, but that rarely happens, in the last 10 years I really can't remember a single day where I did not have internet access & I've been to some places.

[TonyW]

Quote:

Originally Posted by claudiu

Well, if you are so overconfident in program "A",see this from Webroot forum

Once again, I think people are missing the point about how WSA actually works. But disregarding that for a moment, it is fair to say every anti-malware program misses things at some point. The defining issue is how soon such an unknown piece of malware can be detected by these programs. In WSA's case, it works through the journaling process.

Hi PC_Fiddler,

"....Or it will quarantine (vault) those unknowns & could render a PC unusable until those files are identified as good or bad depending on the size or type of the files you have acquired while offline..."

A cloud Av is not a guarantee of less FP, in fact WSA scored the worst in AV Comparative test /March212 / False Alarms test with 428 FP!!!

MSE which is not a cloud AV had ZERO FP!!!

So ,your theory is totaly flawed.

And a piece of advice: while you travel by air DO NOT OPEN any file previously downloaded ; durring download WSA did not scan it and now, while in the air with no internet connection, WSA may not detect offline a dormant treath in your pc.

Have a nive trip!

Claudiu

[PC_Fiddler]

Claudiu - I have a little rule when on forums that has always served me well: - 'Beware of those who post in upper case' - I will now follow that rule - Therefore:

You are fully entitled to your opinions & I respect those but I can only wonder why you continue to frequent a forum dealing with a AV you obviously have no interest in - As I have said before I feel you are showing signs of troll like behavior - You have stated your feelings & opinions as I have mine, we would seem to disagree & that's fine but we are discussing an Anti-Virus solution here not a life or death situation - I see no reason to continue a conversation with you anymore regarding WSA either now or in the future - I don't remember me stating I will be traveling by air though I may be - But rest assured my trip will be a pleasant one as always & hopefully virus free

[TonyW]

Quote:

Originally Posted by claudiu

A cloud Av is not a guarantee of less FP, in fact WSA scored the worst in AV Comparative test /March212 / False Alarms test with 428 FP!!!

And those were fixed by the time the report was published as were all the other AVs that had FPs. The other thing to comment on is did you have all those 428 packages on your system at the same time of the test? I doubt it. I've said it before and I'll say it again: I don't even know most of the software programs listed in all of the FP reports, let alone have them installed on my machine. The testing labs are not indicative of a real-world situation. This is why many say they've never seen or have seen very few FPs, me included.

[Techfox1976]

Quote:

Originally Posted by claudiu

Hi Tecfox1976,

Well, if you are so overconfident in program "A",see this from Webroot forum :


http://community.webroot.com/t5/Webr...m-p/11532#M393

"...even though i am running secureanywhere, I picked up some malware yesterday. thankfully malwarebytes cleaned it..."

"...Just to let you know, it wasn't dormant/left over malware. The malware took over my computer. Had to force quit and reboot into safe mode and run the other program....[MBAM]"

Even though I was running AVG, the system picked up some malware. Thankfully WSA cleaned it.

Wait... Got more of those from Webroot's community? Must be lots of them according to your opinion! AVG has these from this week:
http://forums.avg.com/us-en/avg-foru...show&id=217352
http://forums.avg.com/us-en/avg-foru...show&id=214804
http://forums.avg.com/us-en/avg-foru...show&id=217355
http://forums.avg.com/us-en/avg-foru...show&id=217196
http://forums.avg.com/us-en/avg-foru...show&id=217266
http://forums.avg.com/us-en/avg-foru...show&id=216953
http://forums.avg.com/us-en/avg-foru...show&id=217075
http://forums.avg.com/us-en/avg-foru...show&id=216835
http://forums.avg.com/us-en/avg-foru...show&id=216543
http://forums.avg.com/us-en/avg-foru...show&id=216760

Wait... there aren't 30 a week on the Webroot forums? But there should be, if AVG is that much better, there should be many, many more people getting infected!!

Oh, oh, and AVG has the following advice for people who are infected:
Try following Step 1 and 2 in this virus/malware removal guide: http://www.selectrealsecurity.com/ma...removal-guide/
Then get an AVG Scan Result Export, and an MSInfo output, and a GMER scan result and we'll look at it.

WSA must have you try to run 12 or 13 things when you're infected!! Wait... All they need you to do is let them know and they can fix it for you already most of the time? And when they can't, they'll remote to your system for free to fix it for you? And they'll fix it remotely and for free even if the computer can't even boot because you turned off WSA and got a TDL4 infection that whacked the MBR and installed a new boot partition? But AVG won't even lift a finger to help you other than with volunteers on the forums?

If that's what you call "overconfident", then yes, I'm "overconfident" XD For you to be confident, it sounds like your computer needs to be turned off at all times to avoid infection. I recommend that you power your computer down immediately and avoid turning it on or using any computers for any reason because they might get infected.

[umbrapolaris]

Quote:

Originally Posted by claudiu

A cloud Av is not a guarantee of less FP, in fact WSA scored the worst in AV Comparative test /March212 / False Alarms test with 428 FP!!!

oh ! some people still believe that test labs are independent...

Btw , WSA is not designed to be an On-Demand scanner for Malware packs.

on my own 0-day malware tests (i believe only on mine) WSA has not the best detection rate (compared to ESET or EAM) but when i try to execute them it catch most of them.

Nothing is perfect but WSA does far better than average.

[Triple Helix]

Quote:

Originally Posted by Techfox1976

Even though I was running AVG, the system picked up some malware. Thankfully WSA cleaned it.

WSA must have you try to run 12 or 13 things when you're infected!! Wait... All they need you to do is let them know and they can fix it for you already most of the time? And when they can't, they'll remote to your system for free to fix it for you? And they'll fix it remotely and for free even if the computer can't even boot because you turned off WSA and got a TDL4 infection that whacked the MBR and installed a new boot partition? But AVG won't even lift a finger to help you other than with volunteers on the forums?

Partial Quote above:

I fully agree and how many users here complain about being infected? And if someone did I would direct them to Contact Webroot Support inbox to get Professional help for free and as you said they would even connect remotely and clean it themselves as it's part of Webroot's Guarantee when you have a subscription to WSA!

TH

[AMIGA500]

Webroot pretty much failed in this test.it was killed by a fake AV.

~Link removed. See this --> About YouTester video test publications~

Any ideas why it failed at all please.?

[fax]

Old video from the "(in)famous" Languy youtube tester. Already discussed here many times... not again pleeeease.

[Triple Helix]

I agree with fax and it's been discussed to death not just in this forum but all of Wilders Please see here: http://www.wilderssecurity.com/showthread.php?t=180128

Thanks,

TH