WSA--->very convenient answer!

Discussion in 'Prevx Releases' started by claudiu, Sep 19, 2012.

Thread Status:
Not open for further replies.
  1. claudiu

    claudiu Guest

    http://community.webroot.com/t5/Webroot-SecureAnywhere-Complete/Trojam-today/m-p/11094#M976


    "Trojam today

    ...it was Avast that popped up telling me I was hit with a Trojan Horse... Now I am wondering it I shuold continue to run both programs on all machines.
    (NB: Avast and WSA)

    and the answer:argh: :argh: :argh:

    "The reason Avast will have got to it first is that if you have another antivirus program on your computer, WSA is smart enough to know that the other antivirus program is a good program just trying to do its job for you..."


    Well,I was born at night but not last night....

    Claudiu
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This is actually accurate. The reason that WSA is able to be compatible with other security products is that it allows Avast/MSE/Norton/etc. to lock the file/remove the file/or do whatever they please with an infection.

    Other vendors immediately lock down access to threats and this generates significant contention problems, usually followed by system crashes as other AVs try to unlock the exclusive handles held by other AVs. The common thought of "use only one AV" is definitely not a myth - we've put forth considerable research/development in ensuring that we are fully compatible with other AVs, and one of the ways in doing this is to allow them to take credit for the detection.

    Rest assured, however, that if you were using the other AV alongside WSA, WSA would still block the threat even if the other AV missed it.

    Hope that helps! :)
     
  3. d0t

    d0t Registered Member

    Joined:
    Apr 23, 2011
    Posts:
    181
    Just made a fool of yourself... what PrevxHelp just said has been posted a million times in other threads.
     
  4. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    I was going to post something similar to what PrevxHelp said, but by the time I hit 'reply', the thread had been locked and so I was unable to.

    Suffice to say, the fact WSA has been engineered in such a way to step aside to allow another AV product to act if it finds an infection is remarkable. This has to be quite an achievement considering the old adage of not using two anti-malware products together, mainly because of the potential conflicts PrevxHelp referred to.
     
  5. lurkingatu2

    lurkingatu2 Registered Member

    Joined:
    Apr 25, 2007
    Posts:
    22
    Location:
    Oregon
    hello

    just a thought after reading this

    if the other Av that is running along side of WSA finds a unknown virus will WSA take a sample of the virus also and send it to the cloud to be analyzed so that it will help all the people running just WSA

    i mean would it not help other people using WSA for Webroot to have a copy of some new virus also

    Thanks

    James

    :)
     
  6. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    He is back... :ninja: LOL
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, WSA will still scan the file once it hits the disk even with another AV in place :)
     
  8. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    I agree, that is very convenient. There is so much inconvenience when educated users would like to run two real-time security programs and kernel level file lock contention brings the system to an untimely death when both of them detect something. Normally, trying to get two AV programs to run together is very difficult, if not impossible.

    It's very nice to know that WSA makes it extremely convenient and actively works to avoid such conflicts. So it's fast, effective, and now also convenient!

    And smart. You don't find too many AV programs that are smart these days either. They do silly stuff like spending lots of CPU cycles scanning Java JARs for rhino exploits even if your version of Java can't be exploited and javascript that takes advantage of something ancient like IE 8. Those are MY CPU cycles, dammit. I don't want some big, fat, AV program chewing up my system resources to watch that stuff. I want to use my CPU cycles for -my- stuff. WSA is smart enough to know that the java and javascript themselves can't do anything except try to get an executable payload, and since it catches the payload, it doesn't waste my time looking for the messenger.

    Heck, I've even seen less-educated people say "But that java/javascript is in my cache now!". Big whoop-dee-do. :p If it's in your cache, the browser will never look at it unless the exact same URL that was cached is visited again and the file delivered by the URL is exactly the same. If that happens, it won't matter if it's in your cache anyway, since it'll just come down from the server again. :p

    It's like people at laser tag who complain "OMG, He's shining the laser in my eyes!!!" ... Four methods to fix this. 1: Blink/close your eyes briefly. 2: Avert your gaze. 3: Hold your hand up to block the laser. 4: Shoot him and his laser will turn off. Seriously, you could stare at the laser from two inches away for hours without even getting a blind spot and your eyes are not valid targets when he pulls the trigger, so you have a better chance to shoot him and turn his laser off. XD

    Thanks for bringing this great observation to our attention, it's definitely helped a lot more people choose Webroot SecureAnywhere. You can use it safely even if you're not sure your old AV was uninstalled.
     
    Last edited: Sep 20, 2012
Thread Status:
Not open for further replies.