Discussion in 'Prevx Releases' started by Triple Helix, Oct 3, 2013.
red moon sent you a pm
Yup support is the best. One of the best plus points of getting WSA.
WSA 220.127.116.11 cannot be unregistered in Win8 Action Center, so can only run it alone and cannot enable Window Defender from Action Center, this can be done at previous versions.
My understanding is that in Windows 8, Windows Defender will disable itself as soon as you install any 3rd party anti-malware product.
Here is a quote from the Windows Experts Community (http://experts.windows.com/w/experts_wiki/163.aspx):
"However, you can install a third-party anti-malware product. A successful install of such a product will disable, or should disable, WD. This is the correct behavior/procedure. The issue of having multiple real-time anti-malware products installed has been discussed many times. Regardless of what you have been told, or what a few will recommend, you cannot have more than one real-time anti-malware product installed. This is discussed in more detail later in this document."
"A few users believe that having more than one real-time anti-malware product installed provides “layered-protection”. This is incorrect. It is overlapping protection. Layered protection is good, overlapping protection is bad.
Since many/most anti-malware products available today provide protection for spyware, viruses, worms, Trojans, etc., their coverage overlaps. As soon as their protection begins to overlap, the risk for a conflict begins to increase. There is no “design” that allows them to coexist. Rather, they compete. It is a common misconception that “if having one real-time anti-malware product is good, then two must be better” when, in reality, it is just “piling on” overlapping applications.
“Layered protection” is having complimentary items/protection, as in this example:
•Hardware router firewall
•UEFI booted 64-bit Windows 8
•Data Execution Prevention (DEP) set to ON for all programs and services
•Real-time anti-malware protection (such as Windows Defender on Windows
•Spam/junk filter (usually provided by your ISP, email provider, or email client)"
Just my 2 cents!
In the case of WSA, with another real-time anti-malware product, that is basically, and in most cases, PANTS (excuse my British expression!).
Have run WSA with a number of AV/AM & IS solutions it has 99.99% of the time played very well and provided a layered approach...exactly what Webroot designed it to do, i.e., either a great product on its own or a superb co-product (see my current signature line).
IMHO the Security Centre is overrated as a mechanism for advising as to whether you are protected or not by 3rd party apps. Far better to trust in the apps on status reporting.
But again, this is just my thoughts on the subject/my experience...and certainly not gospel.
Why would you even need Windows Defender when you got WSA? It's far superior and very strong on its own. Webroot can be used with any other AV very smoothly because PrevX tech is part of it. But that doesn't mean it's always meant to be used with other AVs. It has enough punches in it's bag to smack threats out of the system. So please people, it's time to let WSA work its magic on its own.
@apm - This is true with the 2013 version all you had to do is uncheck the box in WSA to not show in Action Center then that would leave the New Windows Defender in Win 8 & 8.1 on if someone wanted to maybe Joe can shed some light on this. With that being said WSA is far supieior than WD and IMHO you don't need WD when you got the great overall protection from WSA as PIInfinity has already said.
Have a look here to learn more about the 2014 products: https://community.webroot.com/t5/Co...ecureAnywhere-is-Here/td-p/57799#.Ull1wBBcUhw
I have 2 questions. When I press 'scan my computer' in the GUI does that do a quick ore full-scan? Items with a U in the log are unknown right? Do they automatically get submitted and whitelisted?
I agree WSA is my only real-time security program and I feel totally safe with it
where are the safety ratings
You are not yet using the new web filtering but will receive it as we continue to migrate users over.
It runs a Deep scan, which is all you should ever need to use. Our threat researchers are aware of all unknown files but you can usually expedite whitelisting by writing into our support inbox.
Hope that helps!
I see thanks! Scan speed is very impressive only takes like 1,5 minute to scan nice
With my system Intel i7 CPU with SSD's and about 100 processes running my scans are about 20 to 30 seconds. As Joe said the default Deep scan is the only scan needed as WSA is very smart and looks in places were malware hide also the realtime protection is always keeping an eye on your system and only uses 2 to 6MB of RAM.
Just couldn't agree more.
It's the option a) true?
It's the option c)/d) in 2014 version?
No a is not true, not-true in C either, and D does not apply any longer, -BUT- does have Warn unless whitelisted.
For -most- users, the actions described in the post would drive them nuts in short order with requests for user action and things being locked down. I have fewer infections with default settings than some folks achieve with hardened settings.
Right on buddy!
A isn't necessary anymore (because of Infrared), B will primarily just produce additional prompts (which some users like but can generate confusion), C isn't required now because all websites are protected all the time, and you can set Maximum heuristics which duplicates 'D' but it will produce additional prompts.
In the previous version monitored/untrusted programs could not touch system objects. In the previous more detailed version programs not seen by a large part of the community were blocked also when increasing popularity setting. Would drive them nuts is not true either, WSA is/was silent with those settings, it only involved untrusted programs going outbound.
Hey Joe, PrevxHelp what is happening here? I believe you told me that most of these tweaks made it as default (at least A en C are). Get all those parrots of my back please!
Only on one of my computers the new web filtering has been rolled in.............is it normal?
I have a few other licenses that are still on the old one.
Is there a date after which we have to worry?
An announce............."Everything has been rolled out"?
Thanks in advance
The logic isn't just "if < X users, then block" as that would mean we would block every application every time for the first X users (creating a ton of support cases, considering how often software is updated). You can still increase the settings to Maximum if wanted (which sets everything to block in this mode), but it will create more prompts. The new, intelligent engines behind the product are an easier way to reduce prompts while still looking closely at every attribute of the program.
Indeed WSA isn't automatically blocking all kind of stuff in monitor mode, even with heightened heuristics. I have noticed with several new versions of some antirootkit tools that while they were still on Monitor, they were allowed to install their driver which they need for proper scanning. So I don't think manually setting a process to Monitor blocks them from acessing/writing to system objects.
Im getting a false positive while trying to login on ebay.de. It says its a phishing website, im using Firefox here. I cliked allow and proceed.
My guess is that the driver is identified as legitimate and allowed through, even if the parent application is suspicious still.