WSA v8.0.2.79

You can still use CCleaner alongside WSA if you choose - the main purpose of WSA's System Cleaner is to focus on security-relevant areas and privacy-relevant applications, including a very secure right click "Permanently erase" option.

While we could add this, it is difficult to manage application updates and requires a lot of manual work. Instead, WSA performs transparent sandboxing around each of the applications so even if they are vulnerable, it will still protect your system.

As for websites downloading fake applications, we will sometimes intentionally not block the website but block the files coming from it. It all depends on how the threat enters the system and where it's hosted from (often from an ad which isn't actually part of that website's code).

 

So why isn't chrome/chromium, Firefox and others included? While I understand the security relevance aspect, I think excessive logging is a security risk, and it might be wise to add those to the cleaning roster. But that's an opinion I have in all fairness. I'd just like a better cleaner, while I appreciate the secure erase aspects.

Sign up with Secunia. Part of the security of Linux is repositories. One of the reasons Google doesn't accept installation of extensions outside of their repositories is this provides an additional level of security. Secunia licensed repository would allow WR to scan for vulns, then 1-click update them. I understand if this is an aspect of the product you don't want to focus on, but I still think it is a pretty huge addition. Because keeping a PC upgraded itself is a strong security measure.

This is actually true.. I have discovered some machines get WR-Blocked on a website, and others do not. The difference is one machine had adblock extensions blocking malware/ads which the page had, the others didn't. WR handled the one without, but had no reason to pop up one that did.

I am running some tests on about 200 malware domains to see where WR stands in regards to COMMTOUCH, while not an authoritative test, it will provide me with a baseline with which to judge the products in terms of my person, and corporate implementation of it.

It has been suggested WR will run WITH BG.. That might be a surprisingly advanced combination. I actually installed BG on a system with WR, and forgot to uninstall WR, and after a couple hours working on it, was shocked to see both icons at the bottom - and the fact the machine ran perfectly fine. Any comments on that?

 

It's on my list even though I don't have Chrome installed.

TH

 

They are - if you aren't seeing them and have them installed, please let me know. They're in the Applications list under System Cleaner and I have both on my system.

I agree that Secunia is valuable for managing software updates, but being that it's already free, I would just recommend that users continue to use it free as-is. WSA will still protect vulnerable and patched applications the same: just because something is up to date doesn't mean it won't be vulnerable to something in the future so we still provide the same high degree of security generically on live systems.

If you're looking to test websites, I recommend using our free website reputation toolbar, currently in beta: http://brightcloud.com/wrtoolbar.php

Yes, WSA will work alongside every security product without any problem. The only potential "issue" you might see is some AVs flag Webroot as "incompatible", but you can usually uninstall WSA, then install the other AV, then install WSA again and it will no longer prompt for incompatibilities.

 

Thanks for your responses.

I asked a few questions about Webroot and the USGovt. Can you tell me if WR has any relationship with the DOD or USGovt, and any contracts or cooperations in place with them? This would be helpful in evaluating the product for some folks because of the nature of our privacy destruction in this country. It has been discovered that quite a number of software firms give the govt backdoor access to user data, and I would prefer to have at least some knowledge about WR's stance in this area since security products have a low level of system access. I have nothing to hide, I just enjoy my privacy.

Thanks

EDIT: PrevX offers screencapture call blocking, why isn't this in Webroot? Trusteer has this as well, and I think it is a valuable feature. I would love to see a boost in keylogger blocking and other features in WR, so far it doesn't pass any exploit testing whatsoever. Spyshelter has a handy tester on their page, and WR doesn't snag anything. Not saying its a perfect method to test, but it sure would be nice to have some stuff blocked.
http://www.spyshelter.com/download/AntiTest.exe

 

I don't know what relationship we have with the government but we don't collect any private data or have access to it so I can't see how there would be any backdoor access.

WSA has full antikeylogger and antiscreengrabber protection. It protects all data entered into browser sessions, or you can add custom applications under Identity Shield > Protected Applications. It looks like we have the SpyShelter leaktest whitelisted which is why it's allowed to see the screen, but live malware will be blocked. As far as I know, we haven't whitelisted the Zemana screenlogger ( hxxp://www.zemana.com/LeakTest/simulation-programs/ScreenLogger.exe ) or their keylogger leaktest, if you'd like to test against something which acts more like it would if it was an actual infection.

 

Is there is a logical reason for whitelisting the Spyshelter test? Anyone using it will think that WSA is failing to protect which could result in a) lost business and/or b) endless "WSA fails spyshelter test" posts.

 

I am skeptical about this as well. Spyshelter test slips through the vast majority of products out there, and a lot of folks aren't even aware of the test so I find it odd it would be whitelisted.

I have to dig through some old CD's but I have some pretty nice fake trojan/keylogger type of programs I can no longer find online. I know those aren't whitelisted, if I can find the CD they are on I will test that. It functions similar to the Spyshelter one.

 

I'm not skeptical about it at all. I have previously tested WSA against the Spyshelter test and WSA passed every test with flying colours. I'm just trying to understand how this whitelisting would impact anybody testing now.

 

Yes, I just checked it out and it makes screenshots even though I have this unchecked:

 

I just tested SpyShelter here and we aren't blocking it, but it's because of how the leaktest works. We've blocked the approaches it tests since Prevx 3.0's SafeOnline (you'll see several threads on the forums here describing it as they discovered new techniques which we added, but haven't changed anything since then). The case here is that the leaktest is the foreground window, so the Identity Shield's screengrabber protection stops as the browser isn't the foreground window. We could look into changing this, but I'm not worried as any real threat would be running silently in the background. I've doubly confirmed that we are blocking all of their techniques (BitBlt, StretchBlt, AlphaBlend, GetPixel, MaskBlt, PlgBlt, TransparentBlt). Kudos to SpyShelter for discovering some of these a few years back as they definitely did move the bar forward with screengrabber blocking.

 

But what about keylogging? You can test WSA anti-kelogging with spyshelter as the web page is in front and not in the back. Can you confirm that you don't block it also by design? I am asking since it seems not the behaviour I have experienced since many version of PREVX and WSA. Now I cannot test it properly due to a bug of WSA with WIN8

 

@fax
I don't know if this is what you are asking, but I just tested WSA against the keylogger test of SpyShelter and WSA seems to be working fine. The keylogger menu was showing "************" when I was typing into the search box of a website.

 

The same happens for me as well so it looks like it's working properly.

 

OK! Great. That what I thought it should be. Then I wait for the next version of WSA as it does not work here on WIN8. Btw, Are you testing it on WIN8? No, right?

 

Sorry. I'm testing on Windows 7 Ultimate, 32 bit.
I can't speak for Joe.

 

Win7 x64 SP1.

 

Come on, I expect better from the makers of the excellent Window washer

 

thank you both

 

Hi Prevxhelp

I have opera installed and can not see it in applications in the cleaner settings.
I have w8 64bits installed with WSA+Sandboxie

 

I suggest writing into our support inbox. We have support for some versions of Opera, but perhaps it has recently changed its install locations to where we wouldn't see it anymore.

 

Well I just installed Opera 12.11 on my Win 8 64bit VM and it shows in the Cleaner settings.

TH

 

We've changed this now with the latest build of WSA (8.0.2.93 - you may need to manually download the new build or wait a couple days for the updates to be available globally) and SpyShelter's tests are fully blocked here on Win7 x64.

 

ah, that explains it.

Good, that will clear up confusion for some users,

 

Just to report that latest version 8.0.2.92 works as intended and SpyShelter keylogger is blocked (also on WIN8 32bit).