Software to compliment WSA?

Discussion in 'other anti-virus software' started by mattfrog, Jun 5, 2015.

  1. mattfrog

    mattfrog Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    85
    Location:
    United Kingdom
    Hi all,

    After choosing Webroot SecureAnywhere Endpoint for the network I manage at work, I have a home license for WSA, which I am very happy with!

    I wanted to check with the fine folks here what bases may still need to be covered - for example, what's the best application whitelist software these days?

    WU is automatic, files are backed up to the big almightly cloud, uBlock with Firefox for browsing, and LastPass for password management.

    Thanks in advance!
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,129
    Location:
    USA
    I use WSA and along with it MBAM Pro, Comodo Firewall and HitmanPro Alert. They are complimentary IMHO, and get along fine with minor configuring.
     
  3. subhrobhandari

    subhrobhandari Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    708
    I would recommend HMP.Alert, and you might throw WFC in the rig too.
     
  4. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    I used MBAM with it, no problems at all.
     
  5. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    Either Shadow Defender or Sandboxie. :thumb:
     
  6. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    2,283
    Seems to be interest in WSA over at VS > start here #7181
    FWIW ~ I prefer ERP and not a fan of auto WU
     
  7. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,101
    Location:
    Adelaide
    MBAM PRO.
     
  8. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Some time ago, I raised a concern regarding the WSA rollback feature if using Shadow Defender in a multi-volume environment, where some disk volumes are shadowed and others aren't, which was never properly answered.

    Webroot Rollback Feature? - Post #76

    Webroot Rollback Feature? - Post #85

    There was no reply to post #85.

    I suspect this could potentially be an issue for any light virtualization utility in combination with a program that uses rollback for recovery if a single tracking journal used for rollback across all disk volumes is maintained centrally on the system volume, rather than a separate journal for each volume in a multi-volume environment.
     
  9. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,016
    MBAM Pro and/or HitmanPro
     
  10. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,937
    Location:
    London On
    Good Morning! I've used in the past both MBAM Pro...and Appguard...in tandem with WSA Security Plus...for a layered umbrella of protection! The beauty of WSA is it's been engineered to run harmoniously with pretty much every existing app...that's the way it should be! Sincerely...Securon
     
  11. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    359
    Malwarebytes AntiExploit and either VoodooShield or EXE Radar Pro.
    If you are willing to pay, then you can choose HitmanPro.Alert over Malwarebytes AntiExploit.
     
  12. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    But see post #8.

    It's not clear what would happen if WSA attempted a rollback using a corrupt tracking journal as a result of light virtualization in a multi-volume environment where some volumes are shadowed and others aren't and a reboot had already occurred prior to rollback being activated.

    Only Webroot can say whether the file system would be left in a consistent state after rollback in this situation. So far they haven't confirmed what the likely outcome would be.

    Other than that specific scenario, I agree WSA should be compatible with most other security software under normal operating conditions.
     
  13. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    On one of my systems used for online banking, I am using AVG IS, WSA Complete, MBAE free, and MBAM Pro concurrently; no config changes were needed to any of these products to make/allow them to run concurrently. There is no noticeable "drag" on this system other than a longer boot-up as the products update their malware databases.
     
  14. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    769
    Location:
    "Here on Wilders"
    Baldrick hit the nail on the head with his post! ;) Good Combo. :thumb:
     
  15. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    :argh::argh::argh::D:argh::argh::argh::thumb:
     
  16. Emetic

    Emetic Registered Member

    Joined:
    Oct 4, 2011
    Posts:
    67
    Personally, I run MBAM Pro, Comodo Firewall and Defense+, SAS on demand (though I have a full license) , Emsisoft AM on demand (though I have a full license), Winpatrol Plus, Hitman Pro on demand (though my license has run out and I need to renew).

    I don't get any conflicts at all with any of that.

    So really, to answer your question, I would say run MBAM Pro with it and you are pretty much covered. Whilst still taking other precautions like system imaging and virtual machines and sandboxing, of course.

    Oh, I nearly forgot, Voodoo Shield, that gives another vector of space covered.

    On a fairly well set up machine (that has its OS built and is not having loads of new programs installed), then something like WSA, with MBAM Pro and Voodoo Shield, would have pretty much anyone covered, with minimum fuss. Each of those does something that the other doesn't. For example, what I am most impressed by with MBAM is its real time malicious website blocking. The day I caught malware was the very day it did not start. It does that sometimes, it's a pain in the ****. I never use its real time malware protection, though on occasion I have and it has worked well. I just don't need it.

    For me, WSA is super super light weight. If you have a good firewall and hips set up, I don't see why you would need anything more than MBAM and VS on top. Very low cost, very broad range and complimentary protection.
     
  17. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    Hi pegr,

    I'm embarrassed to ask, but what do you mean by 'the WSA rollback feature'? o_O

    Cruise
     
  18. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Hi Cruise,

    The following contains details of the WSA rollback feature. Although described on the Business section of the Webroot website, it applies equally to the WSA Home version. Rollback is central to the way WSA (all versions) works to remediate changes made by programs of unknown status that are later determined to be malware.

    http://www.webroot.com/gb/en/busine...risk/forensics#journaling-monitoring-rollback

    The concern I have relates to an edge case where ALL of the following conditions hold true:-
    • A multi-partition environment exists where only the system partition is restored to an earlier time. How this has been achieved - LV reboot-to-restore, snapshot/rollback, re-imaging, etc - doesn't matter.
    • WSA was monitoring and journalling the changes across all partitions made by a program of unknown status right up to the restore of the system partition, which left both WSA and the unknown program still installed.
    • After the restore of the system partition, WSA subsequently determined the unknown program to be malware and performed a rollback operation using its journal to reverse any changes made by the program.
    Because WSA maintains a single unified journal on the system partition (confirmed by Webroot), the journal may be left inconsistent with the state of the file system in a multi-partition environment after a restore of only the system partition. What the consequence of this would be if the journal were subsequently used to rollback changes made by a program later determined to be malware is unclear (at least to me).

    This is in no way a criticism of WSA or the way WSA works. The situation I am posing is an edge case, which most users probably wouldn't encounter; but as a regular Shadow Defender user, I was interested to know the answer to this before trialling WSA on my system.

    Kind regards
    pegr
     
    Last edited: Jun 24, 2015
  19. Charyb

    Charyb Registered Member

    Joined:
    Jan 16, 2013
    Posts:
    555
    I'm using WSA Internet Security Plus and Windows Firewall Control with several images and file backups. I have no worries.