Webroot SecureAnywhere Discussion & Update Thread

Discussion in 'other anti-virus software' started by Triple Helix, Jun 6, 2014.

  1. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    The Webroot Intelligence Network includes:

    • 13 Billion URLs
    • 4 Billion File Behavior Records
    • 460 Million Domains
    • 740 Million IP Addresses
    • 7 Million Mobile Apps
    • 8 Million Connected Sensors
     
  2. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    From Firefox 1 Web Filtering Extension which does both jobs called Web Shield and the Password Manager!

    TH

    2014-06-17_12-44-57.png
     
  3. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
  4. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Yes. But that does not explain what the Web Shield does. The browser extension does what the Web Shield is supposed to do. With the information you posted a screenshot of, you might as well uninstall browser extension and still get checkmarks in front of search results and get a phishing filter. But we all know we don't. Webroot should remove Web Shield from the interface, because it's now known as Webroot Filtering Extension.
     
  5. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Web Shield may be disabled in any case because it does not do anything. As long as you keep Web Filtering Extension you'll be protected. Web Shield should be removed from interface IMO because it doesn't do anything.
     
  6. boesdad

    boesdad Registered Member

    Joined:
    Aug 24, 2007
    Posts:
    80
    --------------------------------------------------------------------------------------

    My filtering ext shows as 1.0.0.32 and password mgr as 2.5.0 o_Oo_Oo_Oo_Oo_O??
     
  7. 800ster

    800ster Registered Member

    Joined:
    Dec 1, 2006
    Posts:
    210
    shadek, hope you can get to the bottom of this as it is still unclear to me despite all these posts!

    I like WSA but it is confusing at times. Many parts of the help are just not clear for non-experts like me and I still can't fathom why copy/paste is so unpredictable for me even when the apps are trusted (I did try a support ticket on this but ended up more confused!).

    E.G. with the help, the example below for a shield setting. What does disabling it do? Does it mean that it now needs manual confirmation or that the actual ability to "block untrusted access to user data" is disabled?

    Silently and automatically block untrusted access to user data - Automatically prevents unknown programs from accessing user data.
     
  8. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    I have access to other builds that are not out to the Beta or Consumer but will be soon. Also look here to see what version it says for you!

    TH

    2014-06-17_15-02-23.png
     
  9. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I understand your confusion. The documentation of WSA is not very clear on many parts. Especially about the Web Shield. Then there are questions like you wonder; what is protected and what really is user data? My documents? My pictures? My back-up folder c:\backup\ ? We can't know because there's no documentation of it.

    I am beginning to understand the Web Shield and I will post back here once my theory of it has been confirmed. :)
     
  10. boesdad

    boesdad Registered Member

    Joined:
    Aug 24, 2007
    Posts:
    80
    -------------------------------------------------------------------------------

    Thanks for the response. I checked and it shows 1.0.0.32
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada

    Can you please do a clean reinstall of WSA? Please follow the following steps:
    • Make sure you have a copy of your Keycode
    • Download a Copy Here (Best Buy Subscription users click HERE)
    • Uninstall WSA and Reboot
    • Install with the new installer, enter your keycode and don't import any settings as you can set it up as you like once it's done
    • Let it finish it's install scan
    • Reboot once again
    The reason is to see if you can get 1.1.0.35 Web Filter and are you sure yours is 1.0.0.32 or 1.1.0.32?

    Thanks,

    TH
     
  12. boesdad

    boesdad Registered Member

    Joined:
    Aug 24, 2007
    Posts:
    80
    ---------------------------------------------------------------------------------------

    Did as you suggested, but no change. Listed below are the file versions I checked.

    Program Files
    Webroot
    PKG
    Vistax64 wrflt.dll 1.0.0.32
    Vistax86 wrftl.dll 1.0.0.32

    Program Data
    WRDATA
    PKG wrUrl.dll 1.0.0.32
    Vistax64 wrflt.dll 1.0.0.32
    wUrlFlt.sys 1.0.0.32
    Vistax86 wrflt.dll 1.0.0.32
    wUrlFlt.sys 1.0.0.32
     
  13. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Very odd I will have to do some checking!

    Thanks,

    Daniel
     
  14. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Mine is version 1.0.0.32 as well. I think that is the newest stable version?
     
  15. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Disabling the Web Shield disables the phishing protection that is the URL blocking feature but keeps the URL checkmarks in a search enabled. Disabling the extension disables both the phishing and the checkmark features.

    I think it's useful for people who may want to disable the phishing protection for a moment but wouldn't worry about the checkmarks. In that case disabling the Web Shield would be more convenient than disabling the extension which would require the browser to restart. It offers more granular control.
     
  16. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    You're right.:thumb:
     
  17. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Agreed! Indeed it's useful. The problems are at the moment:

    1) That Webroots user interface will turn Yellow when Web Shield is off. Those who want to permanently disable URL-blocking will have to stand the annoying yellow color.
    2) There is no documentation of this in the Web Shield area of the support page. It needs to be more describing of what the Web Shield actually does.
    3) Here's the biggest problem... and the reason I started the discussion from the beginning. Turning off Web Shield in user interface of WSA does not do anything. According to Shawn at Webroot, who confirmed my suspicion, disabling the Web Shield currently DOES NOT disable URL-blocking. In fact, the Web Shield only makes the GUI switch colors, nothing else. He's escalated this to the devs so they can have a look. Webroot will sort this out for us. :)
     
  18. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    The interface turns brown. And of course the user have to stand the annoying color and the warning. The Shield is a part of the protection the product provides and Webroot would want you to enjoy the product to the full extent.

    Every other AV warns and changes color too if you disable a shield. For example try disabling a shield in Trend Micro products. It's just not meant for a user to permanently disable a major protection feature.

    To do that you have to custom install the AV leaving out the shield. Like Avast! offers. WSA does not. And we gotta live with that.

    It says here, 'Web shield. Blocks known threats encountered on the Internet and displays a warning. The Web shield maintains information on more than 200 million URLs and IP addresses to comprise the most accurate and comprehensive data available for classifying content and detecting malicious sites.'

    I think it has been described pretty well.

    Turning off the Web Shield in the WSA interface disables the phishing protection that is the URL blocking feature. I have tested it a minute ago. Unless of course if you disable the extension beforehand.
     
    Last edited: Jun 18, 2014
  19. Emetic

    Emetic Registered Member

    Joined:
    Oct 4, 2011
    Posts:
    73
    Just got WSA-AV up and running and initially set up, in practically no time at all.

    I used PrevX for a while and always liked it, not least its speed and compatibility. Didn't have a license for it though. I tried some kind of update from PrevX but it was really annoying or something, I can't remember, but I uninstalled it straight away. So I wasn't able to try it out before buying, coz my trial period had run out!

    But I bought it anyway after finding it for a good price, and of course, so many people saying how great it was. I was halfway to buying Emsisoft Anti-Malware, and I may still buy that at some point, but I got sidetracked, and am very glad I did.

    It is using up hardly any resources at all on my win7x64 system. It is super compatible with me running CIS Firewall alongside it, with MBAM on full protection in real time too.

    The interface is really great as well - a lot more improved than the last version I quickly uninstalled - it was too bright iirc. Things are very well laid out and ergonomical.

    I may even do something I've never done with a Security Suite before and install it on one of my Audio Workstations. They aren't connected to the net, and have absolutely NO security on them at all (in the form of AV or AM ). But, the footprint is just so incredibly small, and only the AV module will be needed, really, I might give it a try, seeing as I will have a license left over out of the 3 I purchased. I am assuming as well, that it's ok to put one of those 3 on a family member's computer? If not, I'll just buy another license.

    Anyway, just wanted to say what a great job you've done over all. I don't really get excited over AV, viewing it as just another tool, but you've put together such a great package, it's hard not to be impressed.
     
  20. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Brown, sorry! If you're having serious problems with over sensitive URL-filter (Brightcloud has blocked my bank 6 times in the last year... and it's the biggest bank of Sweden!) you might want to disable the URL-filter. How to do that? Disable the browser extension or disable the Web Shield in user interface. If I disable the browser extension, everything is turned off. The over sensitive URL-filtering is disabled but search results won't be checked anymore. The only good solution in my case would be to turn off the Web Shield as URL-filtering would be disabled but search results would be scanned, but then the whole interface of WSA would go brown and remain that way until i enabled Web Shield. I'm not very fond of that. A solution would be to set WSA to ignore if Web Shield is disabled and remain green if the user wants it to.


    There are two points to this;

    1) Other users except me are confused, so it's not described well.
    2) Secondly, It's not described well because nowhere is it documented that the browser extension is a part of the Web Shield. There is no way a layman user would just know this.


    Here we go again! :) No, the Web Shield does not work. Try this in Win 8.1 x64... found a suspicious site yesterday when I was testing it.

    1) Start Internet Explorer 11 with Web Shield disabled in User Interface of WSA. Make sure Webroot Filtering Extension is installed and active in IE 11.

    2) Browse to:


    You will see that the URL-filter is still active and blocks the site. With the Web Shield disabled this should not happen. This issue was confirmed last night by a Webroot official. He noticed that disabling the Web Shield didn't really do anything except changing colors of the user interface of WSA. Perhaps only some of us are affected because we run a certain OS or browser?
     
  21. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Congrats. Good move getting WSA. Now just sit back, relax and enjoy the speed, lightness and the super customer support.
     
  22. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Your proposed solution is the right one. But only if a user wants to disable the shield permanently. How many average users would want to disable a shield permanently? A shield which offers a major protection feature? Very few I reckon. And if the user understands the shield blocks malicious url, he would get worried and would want to keep it enabled.

    Now for fps, you could try to get them whitelisted instead of turning off the protection altogether. It's like if you have a headache, chop off the head! AVs give fps on urls and processes. What would you do if WSA gives a fp on a process? Turn off the Realtime Shield?

    In most situations the average common user may want to disable the shield temporarily. And WSA is correct in warning the user as most users could forget to turn the shield back on.

    So solution is only applicable to you and maybe a few others. This warning practice is common among most AVs and is widely useful to most common users. The only acceptable solution would be custom installation of WSA components.

    1. What's more to be described? It's clearly saying, 'Blocks known threats encountered on the Internet and displays a warning. The Web shield maintains information for classifying content and detecting malicious sites.' It blocks threats and detects malicious sites. If it said blocks malicious URLs to describe it more easily, well I would have no problem.
    2. I agree it would have been better if there was a clear description of the connection between the shield and the extension.

    Well I only use FF.

    No thanks. I use http://www.cyberghostvpn.com/en_us to test. I know it's a fp. I'll get it whitelisted later. ;)

    The site is not blocked anymore. Turning on the shield and refreshing the page blocks the site again.

    Could be. Maybe it's a bug. We need extensive testing with various browsers.
     
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    I have just tested with IE. And you're right. Good find @shadek. The problem is only with IE. With FF the shield works as intended. That is turning it off disables url blocking only. But not with IE.
     
  24. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Thanks for confirming! No wonder why no one could understand what I meant. I'm happy you opened my eyes that it could be related to a browser issue.
     
  25. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,102
    Location:
    on my zx10-r
    i leave the web filter on but disable the toolbar. i also turn off the checkmarks (i personally cant stand when they are there but for most people i agree they are a good idea)

    Mine is version 1.0.0.32 on the non beta system i have here?? ill check the one running beta when i get home.

    so without the web filter there is no web protection at all?? thats imo NOT good, because ie always alerts to the webroot filter as one to slowdown ie and many people i have spoke to turn it off because they see this (clients of mine until i suggest they turn it back on. they see is alert them that its slowing down loading of the browser and they turn it off thinking they are in fact still protected without the filtering extension.) if that is correct thats a major issue imo the program should natively be able to protect from infected pages and downloads without the extension. i was always under the assumption it was mainly for the good / bad webpage checkmarks thing and not the actual web protection.

    hopefully maybe joe or someone can clarify that to be 100% sure unless i missed it in this thread.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.