Webroot SecureAnywhere Discussion & Update Thread

Discussion in 'other anti-virus software' started by Triple Helix, Jun 6, 2014.

  1. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    1,645
    Location:
    Hollow Earth - Telos
    I was just updated to version 9.0.23.32.
     
  2. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,152
    Location:
    Hawaii
    I bet that startled your spouse.:eek:
     
  3. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,059
    Location:
    UK
    I am having a problem finding where in webroots interface is the log file for blocking a network connection.

    I got an alert on first boot in the morning for wow64/consent but i cannot find if that is the correct path to figure out what it is.
    I blocked it

    I googled for consent in the dir wow64 comes up with generic answers for other things so the search terms must be too general.

    So where is it located? ( either in the interface or a log text file)
     
  4. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
  5. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,059
    Location:
    UK
    thanks for the reply:

    Sat 22-09-2018 14:34:03.0224 Monitoring process C:\Windows\SysWOW64\consent.exe [E5AA5A1F02EF1AF6630A2EA458FD19D6]. Type: 0 (5322)

    I cant find it in explorer maybe it was a temporary file?
     
  6. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
    https://www.file.net/process/consent.exe.html

    2018-09-23_13-34-17.png
     
  7. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,059
    Location:
    UK
    so why did WSA flag it as untrusted on boot up?
     
  8. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
    Not sure, but I wouldn't worry about it.

    Also Type 0 Monitoring means nothing.

    Sat 22-09-2018 14:34:03.0224 Monitoring process C:\Windows\SysWOW64\consent.exe [E5AA5A1F02EF1AF6630A2EA458FD19D6]. Type: 0 (5322)
     
  9. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,059
    Location:
    UK
    ok thanks
     
  10. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    1,645
    Location:
    Hollow Earth - Telos
    The webroot filtering extension for chrome does not seem to be working.
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,152
    Location:
    Hawaii
    As of recent date, Google also iced MBAE out of Chrome. Big Brother is up to no good IMO. Long live Firefox!
     
  13. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
    Google wants everything to go through there Chrome Store. :(
     
  14. m0unds

    m0unds Registered Member

    Joined:
    Nov 12, 2015
    Posts:
    169
    Enjoy it while it lasts - Firefox has the same code injection blocking in their roadmap for Q1 2019.
     
  15. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,152
    Location:
    Hawaii
    For internet-facing apps, including but not limited to browsers, MBAE affords effective protection against exploits, I believe. Will the blocking of code injection eliminate the need for protection such as that provided by MBAE? If not, is it possible that eliminating code injection will close one door to hackers but open others? I ask these questions sincerely -- not to start a debate -- but to understand.
     
    Last edited: Oct 10, 2018
  16. m0unds

    m0unds Registered Member

    Joined:
    Nov 12, 2015
    Posts:
    169
    I agree, it's a good product, but I feel like the best protection it offers is exploit blocking applied to media players, document viewers and productivity/office apps, as they have a different security model than a browser.
    It's hard to say - with Chrome/Chromium, the browser is sandboxed and isolated and exploits would need to escape the sandbox in order to compromise the system. Firefox is secure, but doesn't use as many fancy techniques, so I'm inclined to think it might potentially benefit more. Both browsers are automatically updated, and both have talented security teams, so I feel it's safe to say that if they're confident that preventing code injection improves stability and security that they know what they're talking about and users would likely benefit more from protecting other apps like PDF readers, Office, media players, etc. that don't have the security model of a browser.
    I'd say that it doesn't open doors to hackers - as a security researcher, the bulk of the browser-borne threats I see are things like drive-by downloads where blocking a bad site or payload downloaded from an unblocked site makes a bigger difference.
     
  17. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    1,645
    Location:
    Hollow Earth - Telos
    It is working as of right now but who knows for how long.
     
  18. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
    I'm still waiting to hear back from the Product Manager who looks after the WTS for some info.
     
  19. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,622
    Location:
    Ontario, Canada
    @Dragon1952 here is what I got!

     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.