Turning off shields

Is there anyway for the Webroot icon in the taskbar to stay green when you turn off one of the shields? Tired of looking at the gray and orange exclamation mark. I know I turned off the shield and do not need the constant reminder.

 

No there isn't but what Shield do you have off and why may I ask?

TH

 

I turned off USB shield. Sometimes when I put something on my USB stick on this machine with Webroot and then try to transfer to my other machine I sometimes get an error message and Win7 fixes the USB stick and the new files disappear and I have to do everything over again. Sometimes it works and sometimes get error message.
Everything I put on my USB stick has already been scanned with Webroot, EsetNod32 and Emsisoft Anti-Malware so I do not need the USB shield.

 

Wait...grey?!?!

The only status colors within the WSA interface should be green, blue, yellow, and red.

Green means you're good.

Blue means you're protection is fine but a scan hasn't been run recently be it missed schedules repeatedly or you manually do it ad haven't done it in a while. Please scan now.

Yellow means you have disabled a non-essential shield.

Red means threat detected or you disabled an essential shield.

 

Yes Gray what version are running STV0726?

TH

 

At the moment, we don't have any way to prevent the tray icon or status screen from reflecting the fact that a shield is disabled, although there may be some value in adding a registry setting or some option to hide the disabled shield status just to make the indicator more visually appealing.

Let me know your thoughts!

 

Option to hide the disabled shield status is a great idea!

 

I also agree and make it an Option in the settings?

TH

 

I would like to see this option added too. If the tray icon is permanently indicating an error (because the user has turned off a shield) it loses it's value as a way of alerting that something has gone wrong that requires attention.

 

Ah I now see what you all are referring to...

Green means enabled and grey means disabled for the shields setting tab and on the tray icon.

What I was referring to was the overview page's main status color. There, grey is not used. It is green, blue, yellow, or red.

In the greyed out tray icon, WSA will also show a tiny red/yellow color corresponding to the status on the overview tab. Look closely in your screenshot...you can see it.

 

Yea, make it stop, make it stop.........................................................

 

The idea though is that "Nobody should have any reason to turn off a shield", so if a shield is off, it's wrong, and hiding the indicator of such is fixing the symptom (Indicating the shield is off) rather than the problem (Not having any reason to turn the shield off).

For example, the USB shield doesn't scan stuff being put onto the USB drive unless it hasn't been scanned and registered "Good" before. It applies stricter scanning rules and checks to things coming -off- the USB drive, especially when the system is off the internet. So if it's impacting putting things onto the USB drive, they'd prefer to fix the cause for turning it off (whether that be reducing or removing the impact, or educating the user that it does not impact and does not need to be turned off), than to implement a way to hide things that could be a problem (Shields down! Photon torpedo incoming, Captain!).

 

"...so if a shield is off, it's wrong, and hiding the indicator of such is fixing the symptom "

Agree with you, that's why the WSA installer should have a "custom" option in which you can choose which shields to install and which not; maybe I have a better application which will cover that "shield" and I do not need the WSA shield.


And "...educating the user ..." to fit the WSA product doesn't seems a bright ideea....


Claudiu

 

"""""that's why the WSA installer should have a "custom" option in which you can choose which shields to install and which not; maybe I have a better application which will cover that "shield" and I do not need the WSA shield."""""

"""""And "...educating the user ..." to fit the WSA product doesn't seems a bright ideea....""""""






exactly how I feel too, couldn't had said it better
you should be able to install what "YOU" want
"NOT" what someone else wants

 

Been said many times before that a layered approach is perfectly fine and if the shield operates properly and doesn't impact anything when operating the same function that the "other application does better" in your opinion, there is no reason to turn it off.

No impact, no cost, extra benefit... Why disable it?

As to education, we are well aware that we cannot help willfully-ignorant folks, but if a person is misinformed of something like "If you run ESET and WSA at the same time your computer will be completely unusable no matter what because running two at once is horrible.", then simply showing them "Look. This computer is running both at once on default settings with no special arrangements and it still works." can often educate them properly. Or educating that they don't need to schedule the agent to check for updates despite the fact that everybody taught them that they need to set their AV to check for updates as often as it can.

As such, yes, it is a very important idea to educate users who are capable of being educated.

 

Ouch... They are back...

 

Hi Techfox1976,

"Been said many times before that a layered approach ...."

layered approach doesn't mean running duplicate software (like 2 AV, 2 firewalls,etc)

read this:

http://community.webroot.com/t5/Web...nternet/WSA-missed-a-trojan/td-p/14494/page/2

"....I told him to install Webroot and perform a scan to see if it would find anything. It did not. We also tried two other scanning tools and they found nothing. Finally we used Malwarebytes and it found two threats...file name was _isdel.exe (trojan zbot). Once the two files were quarantined, the problem disappeared. I was disappointed that the spyware function in Outpost missed it as well as all the others...including Webroot. So I'm wondering how common this really is?"

Once MBAM is faimous in malware detection and removal, sounds logical to want to have it on your PC as part of " a layered approach " and dissable/remove the simmilar shield from WSA.

Hope is clear now.

Thanks,
Claudiu

 

What is "clear" to me is that several dozen systems running WSA + MBAM Pro + Privatefirewall have never had a single detectable malware infection on them. Call that "duplication of software" or whatever makes you happy. I call it "seems to be working for me".

 

+1

 

What about enhancing the system tray icon to indicate that Shield settings have been customised, i.e., one or more turned off...perhaps change the colour of the 'W' or add a star to the top right corner of the icon?

And then in the context menu provide an option called Shield Status that shows the status of each shield, ie, on/off?

And if we are really going to town whilst we are here, I would add the option to switch the individual shields on/off. From a usability perspective I think that this would greatly improve things and most probably allow users to keep all shields on all of the time and just drop them as and when required (and for whatever reason) rather than having to call up and go through the main UI.

Of, course I understand that this might well add to the overall app footprint that Joe & the Team have done a marvelous job in keeping so small...but I am sure that if considered they would weigh up the related trade offs etc.

Just my half penny's worth.

Regards


Balders

 

That fails at the layered approach though. The idea behind layers is to have two different things covering the same function in slightly different ways.

Your example seems to advocate turning off all AV protection on WSA because MBAM caught something. Yet MBAM doesn't catch everything (trust me, I know this WAY too well and make a lot of money off MBAM not catching everything XD). So you have AV from MBAM AND AV from WSA and WSA catches some stuff MBAM doesn't and MBAM catches some stuff WSA doesn't.

That's what having layers is. Not puzzle pieces stuck side by side, but two things covering the same vector without interfering with each other.

By the way, in that thread you referenced, it's still looking at whether it really was a ZBot infection since MBAM had a rash of FPs on that file set.

UPDATE: On that thread on the Webroot Community, it turned out to be an FP. Good Job MBAM, way to wipe out those system files! Which is precisely why I haven't used MBAM in years if I am able to do a manual removal.