Webroot SecureAnywhere Discussion & Update Thread

Attacking meh? I was praising meh, in fact I love meh.

 

Yes, you've brought facts, but it's the same thing over and over. If you don't like it, move on. It will be fixed, maybe not as fast as you or others may like, but it will be.

 

Thx bro

 

i run it on my own system without the filter. i dont like the current one and it will catch stuff anyway, i also test the beta as well.

 

Do you uncheck the Web Filter Driver as well since you have a BETA keycode?

Thanks,

Daniel

 

no on the beta i run with it. its the other systems i disable it

 

I remember at one time WRSA was able to detect an (IE) exploit on one of my clients computer, stopping it from further malicious downloads and removed the infections (i think it was where the rollback kicks in).
My client was suprised when i showed him the log during my routine maintainance inspection, he didn't even used IE as his primary browser and did not know when and how it took place as he has no recollection of WRSA trigger a notification.
Everything is done silently in the background it seems.

Most of my customers who have WRSA on their machine are made of gamers. I did a few demonstration on how to configure WRSA to detect suspicious activities for sneaky programs like spyware, bots, loggers in their gaming machine.
This is particular helpful if they are using cheat bots. From there on words started to spread around, his friends told his friends and so on.
Some of them are former Kaspersky users as they like the application control alot but after introducing them to Webroot and how unintrusive and light this program is they started to like it.
Webroot came with a retail box option, in the region where i live in, most computer user prefered to buy offline. They can be easily available at certain IT store.

Apart from the rollback function (i wouldn't say it is perfect), the identity shield and the outbound application firewall is a great plus. At one time on my desktop computer WRSA was able to detect and stop a trojan (in an application) from calling home and my Comodo firewall (talking about its great antileak capabalities) wasn't able to stop it. I believed Comodo D+ is useless if the user set them to allow or fully trust signed programs it just flag them to as safe. In my humble opinion Comodo is not meant to be used by just anyone.

Elsewhere with the right setting WRSA can't be easily fool as every malicioua activity is journal and analyze in the cloud untill they are proven to be malicious. To my understanding many don't understand how WRSA works, just because malicious program(s) are allowed to write to the disk or run it doesn't means WRSA aren't doing its job.

Another example from my own experience with the Max settings it was able to detect a signed driver rootkit in my mobile modem. About a year later the US government banned this particular vendor from bidding government contracts or buying their products. This event even strengthen my suspicions how WRSA is underated by naysayers and fanboys of certain products.

But sadly Webroot has dumb down its advanced settings so i wasn't able to configure like i used to. I prefer to be in control of my security programs. I think WRSA is unique in its own way and i have very much satisfy customer. I'm yet to receive a serious complains from them.

I'm a great fan and an expert user of Malware Defender but since it was abandon and not 64bit supported there seems no other "swiss army" program like it. Others that l really like are SpyShelter Premium, ESET Smart Security, NVT EXE Pro and the promising Crystal Security (i wish Kardo had change that cheesy and common brand name).

I completely agree with Mortal Raptor and some others regarding the Web filter extension. I hate the 3 seconds delay that comes with it. Webroot should support every browser that the user used. I prefer Cyberfox as my main browser which i had to manually configured the extension myself. Webroot should follow ESET example and go extensionless. Atleast they should compensiate their customers from the partial flaw - a 6 month extended license will be a nice compliment.

It's up to them fixed or lose customers.

 

Great post, very well said man. Another thing I don't like about WSA is there is no way to exclude folders from being scanned. That's a very vital feature for me as a pgoram I use called SVP (Smooth Video Project) works best when there is no intrusion from the AV. It's clean, it just doesn't play nice if an AV is scanning. Such a great AV not having a way to exclude/files plus folders (I'm not talking about allowing an app upon detection, I am talking proper whitelisting of an entire folder) is a big show stopper as well.

 

For your information this Idea is in process and looks like in the second quarter: https://community.webroot.com/t5/Id...-specific-files-folders-from-scans/idi-p/3300

TH

 

that's perfect! thanks for listening to your customers

 

This reminds me of Bitdefender, files or folders that are in the exclusions lists are not completely excluded from its protections, they may not be scanned but they are stilll being monitored by the AVC (active virus control) which is a good thing. I'm not sure about how WRSA would behave if certain files or folders are excluded but it is not impossible given by Bitdefender example.

Thanks

 

Better late than never.

 

Sorry to stand out from the crowd but while I understand users wanting this feature as they are typically used to standard AVs design I feel the exclusion by folder is opening up a potentially huge security issue for a solution that checks the system based mainly on execution behavior rather than on read/write. I would prefer more R&D on faster or easier whitelisting of multiple files (e.g. if a folder is selected all existing files are whitelisted, but future files should be still monitored).

For a security product safety should be the first priority.

I have WSA installed on several machines that I monitor remotely and FP or misbehavior is very rare, well not really happening since some years ...

 

Fully agree with you, but if it is gonna be implemented as a advanced optional feature, I see no harm.

 

And I'm not sure how they are going to implement it but as we all know if something gets loose WSA's Realtime Shield is always on the look out! I see it mainly for Business users and Programmers for there work does not get detected but the average user will not use it and I don't have any reason to use it but Webroot does listen and some things will never happen as we might want a feature but WSA will stay under 1MB that's all I can say!

TH

 

When I had Norton the exclude folders and subfolders option was indispensable to allow certain programs to run; a local TV streaming app that I use, for example. Whitelisting the main .exe file was never enough because of the way Norton monitors unknown programs. With Webroot I never had that problem, when I whitelist an exe all its related modules are whitelisted too.

 

Daniel can i have the beta download link again..I reformatted but i at least wrote down my beta key
Tom

 

i hope they allow exclusions like this. i HATE when an av allows you to exclude something only to detect it by one of its real time shields that you cant turn off auto delete on. i just cant stand when an av want to be the sole ruler of my computer and thinks it always knows whats best for me. and yes as long as this in in the advanced feature set i dont at all see the issue. normal users dont even go into the advanced section.

 

Daniel, I've just installed the Webroot SecureAnywhere Beta version on my Windows 7 device thanks to Serena's request to Nic, and I'm surprised that I'm no longer seeing any search annotations (the BrightCloud icons to the left of each Google search result) in my Firefox browser. Is this perhaps normal with the current Beta version??

FYI v8.0.8.77 is installed, the Web filtering driver is enabled in Advanced Settings/Firewall, and the Web Filter Extension no longer appears in the Firefox Add-ons.

EDIT: I've looked again more carefully, and I now see that the Web Filter Extension Add-on is there, a new version 1.1.0.58, but it is disabled.
When I try enabling it, if in Firefox I right-click on Google search results and select 'Open in a new tab' I get FP blocks with the same webpages as I got in the past. When I disable it, I do not get the FP blocks.
Also when I enable the Web Filter Extension, I get the search annotations. When I disable it, I do not. (However when it is enabled, curiously I get no search annotations with this Google search results page.)

 

Report it in the Beta group!

Daniel

 

Yes, you're right. Given the further points raised in my "Edit", this is now a matter for the Beta group.

 

I'm using wsa 8.0.8.77 together with the latest version of MBAE.
Have you experience any problem using both together? I have notice that the MBAE log is empty despite in the general tab appears that is protecting 1 application (browser)

 

You might want to check through the WSA UI to make sure it isn't protecting/monitoring/blocking MBAE processes.

 

Everything is in allow, maybe is an issue of MBAE that doesnt' log properly, I have asked the MBAE thread just in case.

 

How do I know if the web filter is working...?... Just the the search ratings showing up?