Another "What should I pair with webroot" post?...

Discussion in 'Prevx Releases' started by Syntax Terror, Sep 1, 2013.

Thread Status:
Not open for further replies.
  1. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,044
    Location:
    Ontario, Canada
    Last edited: Sep 3, 2013
  2. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Not sure what you mean by, "if it's bad I can remove it"? They are not allowed at all last I heard. But post them if you want too, I don't mind :)

    I fail to see how watching a youtube test, will change what unexperienced users will think, or not think about WSA. I believe youtube tests can make it even worse, especially if the tester don't know how WSA works exactly.

    The best we can do is to direct users to that thread only, and skip the talk about youtube tests all together.

    Edit:
     
    Last edited: Sep 3, 2013
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Well I figured, why not post the current status here on Wilders too so everyone that are wondering and eagerly waiting can read it here as well. :)

    https://community.webroot.com/t5/Co...es-and-Webroot/td-p/17708/page/2#.UiY_dD-uPm4
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Could you please provide more information on this? We haven't seen anything like this.
     
  5. Syntax Terror

    Syntax Terror Registered Member

    Joined:
    Sep 1, 2013
    Posts:
    6
    Location:
    United States
    I am more curious about WRSA's mail shields, and IM shield, even though they are not important to me, because I you can see mail threats coming and act accordingly, and IM threat is minimal because I don't generally converse with jerks.

    That's not to say that I'm not curious, should I ever have a $5000 computer and a 100Mbps DL signal that I'd want a full suite for. WR's firewall is outgoing only, and the controls are not very comprehensive or intuitive.

    That's why I figured I'd pair it with Comodo FW.

    Didn't like ZoneAlarm's interface. The offline scanning has got to be pretty crappy, just by the nature of its design. All of this doesn't bother me because the most important parts, the file shield and web shield managed to be rated very well, and their effect on performance is so negligible that it's in an unparalleled class of its own.

    For mindful surfing, nothing can compare to WR SA, pound for pound. The active protection is is between good an great, but, more over, the speed blows doors down and provides quality, realtime defense in a way that's only been imagined before.

    95% of the time the basic WR SA, set right, permits websurfing at rates that would cost yu hundreds per year in internet bills and hardware. That's why It's my de facto AV.

    However, I want a tangible - for lack of a better word - realtime AV engine with powerful and competent, but not overactive and paranoid, heuristics, that I can flip on, in junction with a highly customization firewall for when I need to suit up and go into the freeware realm of the darkside of the web. I do solo IT work, and I don't recommend/install anything that I don't try first.

    I's had, Trend Micro, Titanium Maxium, Norton 360, Avast IS, BitDefender Total, Kaspersky, and more probably more, on my desktop this year, and Webroot has had the biggest impact on me.

    I never get burned becayse I have a assortment of other tools for scanning.

    Malwarebytes is the best scanner, but the "PRO" element of it is nowhere near as good as the realtime provided by BD, Kas IS, or Norton IS. And webroot either, it seems. However MBAM is so cool, I feel they deserve the 1-time $25, just for such a kickass scanner.

    I haven't found a good free antispyware scanner. Spybot eems to be the only option, and I'd rather not.

    I hit the adware/spyware with my unlimited, disposable SAS portable technician edition scanner(s). That thing is worse than the Cookie Monster about goblin' 'em up. I have a plethora of other tools, but never need them.

    I'm ironclad over here. And lately, regarding realtime defense, I've just been running WR SA & Win FW(no win defender). I got WR SA 1-user for 10 dollars. Best deal evar. I'd hate to just install the main component of avast as additional prtection. For the avergae user, Avast! is the best overall free AV. However, Avira nd AVG's annoying and invasive, selves are stronger. I guess i was wondering that, since I can't get BD Free to work with WR very well (too bad, it's exactly what I'm looking for. striiped down, awesome, in-the-PC AV component, with little resourse impact and, no frills. ), whether I could just install Avira's main engines, and set WR and Avira to compliment each other.

    But my last experience with Avira was a pain in the @$$. I just want a awesome, non-cloud, engine to work with WR, and the CFW I'll probably put on there just for optional control of outbound and inbound, but will not use most of. BD, Vipre, and Kaspersky seem to have the best databases and signatures. Maybe i will try AdAware's AV element. It's supposedly comin back up in the AV world, particularly concerning new, unknown malware defense. Uses the Vipre engine, IIRC.

    I don't know why they cant test Webroot. I don't disbelieve it, as it truly is a unique AV, but, in the real world, the same random malware comes at a WR user the same as a Kaspersky, BitDefender, or Norton user. I hate BD's "you're dumb, we'll handle the settings" interface, but BD is undoubtedly strong. Norton has flown right back into the top 5 this last year or two. 360 isn't slow, considering the vast array of options and tools that it gives a user. My Kaspersky IS trial wa a nightmare It simply didn't function properly, in many ways, and was awful to uninstall. Other than that, I loved it. The perfect balance of aesthetics, useful options, legible and dignified dialogue, and vsuper effective, as usual.

    In the end, WR gives top tier protection with speeds that put all other AVs to shame.
     
    Last edited by a moderator: Sep 4, 2013
  6. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    That's easy to answer.

    Test Says:
    "Malware sample. If the threat process starts, fail."

    With everything else, that's true. If they miss something and it loads into memory and starts executing, Game Over. Also, if it's not detected immediately, gotta wait for a definition update. Hours? Days? Weeks?

    With Webroot, it's still Game On because of system critical function shielding and journaling for rollback, so Webroot can quite literally prevent Malware from successfully doing anything malicious even while it's running and then still cleanly remove a completely new and unseen threat 10 minutes later.

    Test Says:
    "Infect the machine with AV off, then see how well the AV cleans it."

    With other AV, any given infection has a very specific set of rules for how to clean it built into the definition file. Look for these 500 things and delete the three of them that are found, for example. One of those 500 things -might- be legitimate? Oh, bummer... Well, we will have to remove it anyway since we'd fail otherwise. Oh, that fourth thing was not on our list of 500? Ahh well. Partial pass is good enough.

    Webroot, by comparison, works properly when it sees the unknown infection come in and journals it. It sees precisely the four things the threat does and targets them explicitly. Precise surgical removal, no collateral damage, nothing missed because of the journalling. But that means there are no 500-step generic cleanups built for each threat family, so when it can't see what happened (AV Off), it gets partial or full fail more often. Even though it removes the threat itself and any capability for the threat to operate, it might leave something like a text log file the threat made on install or a folder that the threat was in.

    So it's like the other AV is a wall around the city with guards at the gates, and any bad people who get into the city have free reign. Thus if the test gets past the gate, instant fail.

    Webroot is the wall with the guards, but also anybody who isn't known gets an escort wizard that controls what that unknown person can see and rolls back time for everything the person did if they turn out to be bad. The tests don't understand the wizard, they only understand "Bad person inside the city", and call it a fail without taking the magic into account.
     
  7. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,044
    Location:
    Ontario, Canada
    Nicely said Techfox! :thumb:

    TH
     
  8. nsm0220

    nsm0220 Registered Member

    Joined:
    Aug 30, 2013
    Posts:
    138
    Location:
    USA
    on a side note:while Eset needs to fix their zero day protection badly like the world was ending and besides i didn't post any youtube links here
     
  9. nsm0220

    nsm0220 Registered Member

    Joined:
    Aug 30, 2013
    Posts:
    138
    Location:
    USA
    1st of all i make sure every av guards for unknown malware testing part is on after i scan a pack of malware in and it depends on the malware its lets in if pups or adware and make a pc mess full of it then it will the so-so scale but if lets in malware that has rootkits,lets in Ransomware,lets in patching virus,or makes a mess in the important windows folders like system 32,windows,and other important windows folders needed to start windows then it gets a big fat 0
     
    Last edited: Sep 5, 2013
  10. GreekGuy

    GreekGuy Registered Member

    Joined:
    Oct 6, 2011
    Posts:
    41
    Location:
    Toronto, CANADA
    I think the point TechFox is making is that Webroot's shields would NOT allow an undetected piece of malware that slipped through undetected (such as a rootkit, Ransomware, patching virus, or malicious code that damages Windows files) to actually do any damage to critical areas of your computer. Any changes the undetected piece of malware makes will be undone by Webroot's journaling and rollback features (once Webroot detects the infection) and your computer will be returned to its pre-infection state.

    Is this not the case? Please correct me if I am wrong.
     
  11. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    That's the way I understand it also GreekGuy. I'd like to hear if that's the way it works, and also how successful they've been in their own testing. Can software really be monitored for any length of time and all changes it has make be completely restored without causing trouble elsewhere on the computer? Seems like a lot to ask of any security program.

    My question is more out of curiosity than because of concerns, because if something malicious is found by WSA or o-d scanners, I'd just install a system image rather than trying to fix things. Still, it is comforting having WSA there in case something unexpected happens.
     
    Last edited: Sep 5, 2013
  12. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    nsm0220 posted this at #31591 at the What is your security setup these days? thread: "the only trouble is with Webroot SecureAnywhere is it weakness with zero day malware,fake av's,Ransomware,and rootkits you should make a bootable cd or hitman pro kickstart in case Webroots weakness gets your pc badly hit by malware"
    https://www.wilderssecurity.com/showthread.php?t=111264&page=1264

    I believe he should provide some evidence other than a YouTube review by malwaregeek if he's going to spread that around at Wilders.
     
  13. nsm0220

    nsm0220 Registered Member

    Joined:
    Aug 30, 2013
    Posts:
    138
    Location:
    USA
    you know why i won't test webroot because your behavior stinks,2 i don't test avs that have a history with bad zero day protection 3. its detection rate sucks as well.trust me if i did a test on this things will end badly for Webroot.
     
  14. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    The only response I will give to this is the same one that we give to others who come up with similar statements: that is, you clearly don't understand how Webroot SA works. I suggest re-reading Techfox1976's excellent post above [#31].

    Even AV-Comparatives acknowledge WSA's detection methodology as different to other more conventional AVs. To that end, as SweX mentioned [post #28], AV-C & Webroot are currently working on a new type of test to look at how WSA functions differently to more traditional AVs.

    YouTube tests are generally frowned upon at Wilders so most don't give them much credence. Leave the tests to the more credible testing organisations.
     
  15. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    Well there you go. With proof like that who needs testing?
     
  16. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    This is about WSA not ESET, yes I know that you haven't posted any youtest links here yet, it was only a reminder to keep them out of Wilders.
     
  17. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Please not again this amateur tests, with no idea on the working of the software and a smelly soup of malware to test. :thumbd:
     
  18. PC_Fiddler

    PC_Fiddler Registered Member

    Joined:
    Aug 18, 2012
    Posts:
    167
    Location:
    Yorkshire - UK
    I don't frequent this forum very often mainly due to the fact I rarely have any issues with security - I've just renewed WSA yet again & have had no problems either on the PC's in this house (I have a 13 year old!) - My brother hasn't with his PC's or my 2 sons & family's or my son in law PC's & others in my extended family who use WSA - I don't need to read any reviews or tests, I now have a fair amount of personal experience :D
     
    Last edited: Sep 6, 2013
  19. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    'To each his own' they say. There are choices available. If someone thinks an AV isn't good enough for them then choose another. If one remains stuck with one's belief without considering facts, reasons or viable data available then one can save us some pain ~ Snipped as per TOS ~ and simply move on to the next best choice according to his/her belief. If you want to help why not produce some constructive criticism and points of error so that people can make the product better and everybody benefits.

    Why go on giving one sided comments? Wastes everyone's time and energy.:thumbd:
     
    Last edited by a moderator: Sep 6, 2013
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,044
    Location:
    Ontario, Canada
    Nicely said PIInfinity! :thumb: All you have to do is look at all his posts from his profile he argues with everyone in other words Trolling. feed.gif

    Daniel
     
    Last edited by a moderator: Sep 6, 2013
  21. nsm0220

    nsm0220 Registered Member

    Joined:
    Aug 30, 2013
    Posts:
    138
    Location:
    USA
    btw i know how Webroot zero day protection works i saw it in action
     
  22. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    That's a moot point, since we've seen how your "testing" works, so we don't really care what you think. Even better, despite any attempts you may make to think about contemplating the possibility of considering maybe kinda sorta halfway somewhat semi pseudo sounding like you know what you are talking about, you have no idea what you come across as to other people when you pretend to have any semblance of credibility.

    But thank you for helping Webroot get more customers. ^.^ Your feedback has convinced quite a number of people to get Webroot. I'm impressed. I never would have thought that trolling rants about how supposedly horrible something is would be a good way to get people to want to see, find out that it's good, and get it. You should become an affiliate.
     
  23. nsm0220

    nsm0220 Registered Member

    Joined:
    Aug 30, 2013
    Posts:
    138
    Location:
    USA
    i and most other youtube testers are most likely driving off customers away from this av then helping
     
  24. nsm0220

    nsm0220 Registered Member

    Joined:
    Aug 30, 2013
    Posts:
    138
    Location:
    USA
    btw i will test this av whatever you like it or not
     
  25. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    Not the case at all, so don't put yourself down like that.

    You're putting its name out there and your results are so outrageously ridiculous that people look deeper. You're bringing attention to the product in such a way as to sensationalize it and embed it in the viewer's mind, so people want to know more. Then they have absolutely no problem finding real information, so they buy it. They wouldn't have seen past the Norton and Trend boxes in the store had they not seen fit to look into it because of videos like yours. I highly applaud your work, because it's so sensationally insane that it works wonders for getting the attention of the viewers who see it and getting their mind focused on the product.

    Looking forward to your next review to see how many extra sales it creates.

    (YouTube is owned by Google. Webroot uses Google Tracking on its pages. Yes... They do know exactly how many customers buy after viewing videos like that. Heh.)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.