WSA suggestions thread

Discussion in 'Prevx Releases' started by Dermot7, Oct 27, 2011.

  1. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    The lock is just reflecting the status of the foreground window with focus - it is very likely that other browsers and other applications could still be being protected in the background: it's just trying to show the user the status of what they're currently typing into and using.
     
  2. acooldozen

    acooldozen Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    221
    Location:
    White Rock, BC, Canada

    Can't be any plainer than that!............................. Also see Post #121
     
    Last edited: Dec 18, 2012
  3. guest

    guest Guest

    Thank you very much for listening and implementing "Control Active Processes" into context menue of (W)-Symbol. :thumb:
     
  4. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    yeah joe and webroot are one of the ONLY companies out there in the av world that imo listens and actually tries to add what users want!!
     
  5. Anarion

    Anarion Registered Member

    Joined:
    Dec 22, 2012
    Posts:
    36
    Location:
    Finland
    There are few things that annoy me a bit.

    1. The counter in Overview view... I really doubt it that user finds it useful that the program has inspected 20 234 265 874 since you logged in and 2 034 234 265 874 235 since you installed the program. At least I'd like to have option to disable these statistics, totally useless and meaningless waste in my opinion. From overview and in general. In fact, I don't want it to count nor show how many times I've pressed keyboard for example. :p
    2. It would be nice to have advanced option to control which shields/modules WSA monitors. I.e. if I'd like to disable firewall, it wouldn't nag about it. So simple menu in advanced section where you have check boxes for items that you monitor.
    3. Option to remove "Permanently erase with Webroot" from right click menu.

    Other than that it has been really smooth experience (well, excluding the Identity Shield issues).
     
  6. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    not sure if it works on webroot since i can not test it right now but if you use something like ccleaner you can remove webroot from the context menu. not sure if webroot will put it back on the next reboot or not though.
     
  7. Anarion

    Anarion Registered Member

    Joined:
    Dec 22, 2012
    Posts:
    36
    Location:
    Finland
    the WRShellExt seems to add both so there doesn't seem to be separate entries for scanner and that wiping thing.
     
  8. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    ah okay i was not sure as my system that has webroot is not with me right now so i could not check. i thought it was worth a shot to check.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This was a feature requested by a large number of users. The count isn't as immediately valuable (although very useful for us when debugging issues with users) but you can click on each of the types of events and view the persistent events as they take place in realtime (a la Process Monitor).


    I agree - there have been some other requests for this as well and it's on our list :)

    We recently added a registry value to remove it - if you create a new DWORD value under HKLM\Software\WRData\ (or on x64 - HKLM\Software\Wow6432Node\WRData\) named NoRightClickErase with a value of 1, you will no longer receive the right click menu for erasing files.

    Hope that helps! :)
     
  10. Anarion

    Anarion Registered Member

    Joined:
    Dec 22, 2012
    Posts:
    36
    Location:
    Finland
    That did it, thanks!

    Still though, the zillion billions are a bit confusing. ;)
     
  11. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Previously I suggested making a diagram of some kind under a tab of WSA to show cloud statistics. I see now that that is probably an overkill.

    I do still, however, feel strongly that for a cloud product there should be some mention of the cloud connection.

    With the 2013 updates implementing the statistics on the overview/main tab I got an idea. Just to be perfectly clear, I'm not talking about the main status of your PC security. I'm talking about adding one of those little sub-statuses like where it shows you how many active connections the firewall is monitoring.

    Green check. You are currently connected to the cloud. The cloud is currently protecting X people from Y threats.

    Blue Mark. You are currently offline from the cloud, but Webroot's offline more is ensuring your protection.

    I just think that would he informative, cool, diagnostic perhaps, and not cause any user panic.
     
  12. d0t

    d0t Registered Member

    Joined:
    Apr 23, 2011
    Posts:
    181
    We could have an option to hide the window when erasing with Webroot in the background. Maybe an icon on the task bar when it's on going
     
  13. Anarion

    Anarion Registered Member

    Joined:
    Dec 22, 2012
    Posts:
    36
    Location:
    Finland
    I wonder if it would be a good idea to make a section for false positives somewhere (either here or Webroot forums) where people could post virustotal links and stuff so that those fp's could be removed quickly. Spamming support isn't probably the best idea considering that Webroot is pretty trigger happy... Something like what Comodo is doing @@ their forums, it has been really effective.
     
  14. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,818
    Location:
    Ontario, Canada
    The best place to report FP's is the the Support inbox only: https://www.webrootanywhere.com/servicewelcome.asp?

    Please see here: https://www.wilderssecurity.com/showthread.php?t=314555

    TH
     
  15. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    Webroot doesn't use VT information regarding false positives and does detect a LOT of true-positives that -nothing- on VT detects. When you put in the ticket, they automatically get the information related to your FP with the ticket and are able to address it directly in the system, whether it be clearing the item or telling a shocked user, "No, sorry, that really is a threat. While VT says nothing, it tried to load a DLL into your browsers and call out to a URL that holds TDL4." And last time I checked, they don't have a plethora of FPs from the majority of customers.

    So the ticket system is still the most efficient for the customer and for Webroot.
     
  16. Anarion

    Anarion Registered Member

    Joined:
    Dec 22, 2012
    Posts:
    36
    Location:
    Finland
    Not necessarily the most efficient way but I need to give it a try...
     
  17. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    Your suggestion:
    Go to VT and upload the file.
    Get the results (Which Webroot will ignore because they are smart).
    Go to a forum and log in and post the results of VT.
    Dig through your WSA logs to include the relevant scan line in the post.
    Webroot needs to log into the forums and finds it in the forums and starts to work to move data from the forums to their back end system to make a determination without contextual data.

    The way it works right now:
    Click-Click. Click. Click. (Go to Support Ticket from the agent)
    Select False Positive from the dropdown list.
    Type "I tried to run supersomething.exe and it was detected by Webroot." and click send.
    Webroot has all the information automatically, including context, and you receive an alert - usually within hours or less - as to the outcome. The outcome is live in the system and affecting all Webroot customers prior to you receiving that alert.
     
  18. Anarion

    Anarion Registered Member

    Joined:
    Dec 22, 2012
    Posts:
    36
    Location:
    Finland
    Apparently they do and I didn't really think about it, feels almost scary. :D Anyway they fixed the FP's. Well, it does seem to work pretty well this way actually.
     
    Last edited: Feb 8, 2013
  19. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    When you open a support ticket and the agent sees you do it, it automatically sends it's own diagnostic info linked to the ticket. This is important for context too, because the support team can see if there if more going on related to the report than the user would know to look for. Like if there is a "FP" on something related to an unknown tampering with it, for example.

    Glad it worked well!
     
  20. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,330
    Location:
    Outer space
    I think it would be a nice feature to be able to right click a file and request (cloud) information about the file:
    Date of first appearance
    Number of users
    Is it digitally signed? If so, is it a valid signature?
    Is the file a known good/trusted file?
     
  21. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    That would be interesting. The Digital Signature part is already supplied by Windows in the Properties dialog, but the rest is Webroot information.

    Don't know if that would end up revealing anything dangerous or abusable in any manner. That would need to be taken into account. For example, a malware author querying "How many people are infected with my currently-unknown item before I throw the secret command out?"
     
  22. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,330
    Location:
    Outer space
    About the signature, yes that's true, but if it would also be included, that means less clicking :p

    I'm not sure if it would add any danger, but if the malware author is able to communicate with a piece of malware running on victims computers, then it wouldn't be hard to find out how many machines he has infected anyway.
     
  23. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    This idea, or a version of it, has always been on the cards from the beginning of Prevx 4 alphas, and will be coming, but other priorities have taken over development of that side of things.
     
  24. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Bring back the simplicity of Prevx.
    Plain and simple. Not the product but the theme in WSA. Come on, WSA is still a nightmare for a non-geek user. I know because I hear it all the time with, "What or how do you set it, oh great one."o_O

    Webroot, bought the product or the technology? Look at your overall sales numbers based on list price. Are you happy with them? No, if you were I would not be able to buy copies of WSA for .99 cents on the internet.

    You folks still hold the key, at least I think so, on offering a new alternative for security products that you just lock and load. It has got to be more user friendly, if it isn't, it will be like so many other products. Just limping along. That gets to me because you, do know exactly what I am talking about. Will it be another Webroot product, or will Webroot approach like it Prevx Ltd did with no holds barred.

    Folks, or vendors, where do you make your long term money. Short sales or long term users. The wave of the future is for products to be as simple to use
    and also understand.
     
  25. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I'm interested in any suggestions here - the feedback we've received is that the configuration changes made for the 2013 product solved the complexities, and the automatic out-of-the-box self-configuration answers users needs. If there's something you're hearing isn't working easily enough, I'd definitely be interested in hearing about it.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.