Best answer by RetiredTripleHelixView original
Best answer by RetiredTripleHelixView original
Already have an account? Login
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
what are your versions of Chrome and IE ?
Welcome to the Community Forums :D
Sorry to hear that you have had a bad experience with WSA. To try to get to the bottom of what you have seen (which I must say is most untypical in my experience) can you advise as to the precise actions that you undertook to get the result that you did.
Was the infection actual or are you just saying that WSA did not detect the malware at download? Reason I ask is because WSA looks for active threats and a piece of malware that is on the disk but effectively dormant will not be detected (as it is not doing any harm). However, should it try to activate/run then WSA will detect and jump into block if it identifies it as a threat. If it cannot determine it as either good or bad it will switch to monitor mod, journalling any actions the monitored program undertakes and if a lter determination is that the program is bad then it will block it and then reverse the actions it has taken (nd were monitored) prior to the 'bad' determination.
Do not know if that helps explain what you may have seen, but please feel free to ask further questions and we at the Community will try to answer/explain. ;)
Understand where you are coming from here but let me try to reply to each point specifically before you completely give up on WSA. ;)
Normal plain old install. Completely removed avast using the avast uninstaller. Cleaned up any left overs and rebooted.
Baldrick - Perfect approach
Installed WSA and downloaded the eiar test file usign Chrome. No detection. No alarm.
Baldrick - I have done the same and it does not warn or alarm given the way that I advised that WSA works...until the malware goes active it will not be intercepted/reported...but in the case of eicar...WSA knows what it is and so ignores it...as do some other AVs I know.
Downloaded using IE 11. No detection. No alarm. Nothing in logs.
Baldrick - as per above.
Did a scan and it was detected.
Baldrick - in this case because you are scannng it will report, etc. That is how WSA works.
Does WSA have website ratings when you Google stuff like WOT?
Baldrick - Yes, it does; and in fact Webroot is just rolling out a new version to the user base via silent updates, so it is possible that you would not yet have had it with what you installed. I have received it and it provides the rating of search results in IE, Chrome & Firefox, etc.
How come there is no Chrome plugin to be found?
Baldrick - As stated above there is cover for Chrome in the new Threat Shield that is being rolled out (slowly), but you are still well protected by WSA even if yo have not yet got it.
Unisntalled WSA and tried again. Samething. Downloaded some malware samples and "none" where detected.
Baldrick - Not surprised given what I have advised in terms of what you said about your first install/testing.
All verifed using Virustotal. Scanned with MBAM and all 4 samples were detected.
Baldrick - At the risk of being boring the reason for this is what I have already advised, i.e., that the WSA protection philospohy/the way it works is different to what I would euphamistically called 'traditional' solutions. ANd I have to admit that it does take some time to get used to/trust...but that is because we have been brought up on the 'traditional', etc.
I was done with WSA.
Baldrick - Far from me trying to convince you I will try to find some links to articles to support what I am saying so that hopefully you can make an informed choice.
Mounted my stored image with avast. Sorry but I have tried every av out there and never have I ran accross something like this. Heck even Comodo detects more. Thanks anyways.
Baldrick - One last thing...it is not about just detection (but I am sure that you know this) but also about prevention/interception & correcting...all of which WSA IMHO does very, very well.
Anyway, I hope you will consider what my responses and take a fresh look at WSA. :D
Please feel free to post back if yo do so decide and have more questions.
When I download and install a product it should work as designed. I have watched YouTube videos on WSA and see a webshield but not in my case. I have tried CIS,NIS,KIS,AIS,PCA and others. Never an issue. I felt like I had NO antivirus running at all. Right up there with MSE. I wanna see alarms going off and a webpage saying "malware blocked". Why was the eicar test not even detected when clicked on or when download was finished?
And if WSA is so good then why do use KIS with it? It should be able to stand on its own.
It appears that you mind is made up and so be it. I have tried to explain that WSA works in a different way to 'traditional' AVs/ISs and what you are seeing is as a result of that.
I am not trying to convince you to change your mind; rather just responding to your assertion that "...there are people at Wilders complaining about the samething" by saying that there are 30+ million WSA users...and I do not think that 30+ million users (especially a good number of business users) would be using WSA if what you are saying is the case.
The roll out of the NEW (there is protection from the current one) Threat Shiled is being rolled out as we speak...and I suspect that alot of the comments & criticism that you are referring to is due to the fact that this si taking longer than expected and at present Webroot have not provided much indication of when users will get it/how long it will take. This has been the subject of some serious communication between senior Forum members and the powers that be, etc.
Anyway, if you wish to become more accquainted with the way WSA works then please stick around...if not and your mind is made up I wish you well with whatever security app(s) you decide to go forward with...and a malware free experience. :D
All the best
As had already been mentioned we operate so completely differently to other AV`s. We see infections all the time before other AV vendors do.
1. I beta test for Kaspersky as well, and prior to using WSA I used KIS, so have an attachment to it.
2. No one solution (even WSA...;)) is 100% secure and so I prefer a layered approach, as I believe do many others.
3. WSA is designed to be used on its own if the user so desires but it is also designed to co-exist/complement other
AVs/ISs...something it does better than any other AV/IS I know of.
4. I beta test WSA and given 2. & 3. above it makes sense for me to run both.
5. Of the two laptops we also use in my family BOTH run ONLY WSA. It is only the main, desktop system that runs both
apps...and I feel safe on the laptops with just WSA...despite what I said in 2. above.
As I said earlier...I am not going to try to convince you as your mind is obvioulsy made up...that is your right & perogative. If that is the case then you are welcome to stick around...but if you do please desist with the ranting...I contend that you have made your point...for anyone reading the thread to see.
As I said...I wish you well for the future...with or without WSA.
PS. I am not a Webroot employee, nor have any affiliation with the company other than being a user of WSA and a Community Forum member. 😉
Dormant files even if malicious but only sitting on your HD are harmless. However once executed WSA will catch them and handle them accordingly (block, delete, put to quarantine etc.).
As for the shield, the new web shield (based on BrightCloud technology) is being rolled out progressively and possibly you have not received it yet. Nevertheless you have "the old shield" that does its work still perfectly. On top of that there are other WSA modules/shields which are protecting you in the same time. So there is no reason to be somehow worried.
Last but not least, WSA is so good that you can use it alone what many users, including me, do. ;)
FYI...............The file listed on Virustotal I provided was executed with NO detection. I was placed in my start up folder. Was succesfully remvoed with MBAM Free.
How can I get Webroot Filtering Extension version 18.104.22.168?
Glad to hear that you are not a lost case...;)
If you have concerns about what you are seeing then I would take up the offer that Rakanisheu made in post 10. If you provide him with what he has requested he can get to work to understand what is happening on your system. You will be in good hands with him. :D
To answer the 1st question of your last post; because it is part of the NEW Web Threat Shield, and from the looks of things it has not yet been rolled out to your installation.
2nd question; you have to wait for it to be rolled out to you. You may have seen in other threads/posts on the subject that there are some that have it and some who do not yet. As I said previously senior member sof the Community are in contact with Webroot to try to get more infomation about where we are in the roll out and when it is expected to be complete...but with 30+ million users to update it has been taking a while and could go on for some time...unfortuantely all I can say at this time is...please be patient...if you decide to persist with WSA.
Maybe the other point is that it is not always great to show the general public parts of advanced builds (ie - BETAs or not fully released to the public) before they are included in current build / release (be it downloaded installed or 'pushed' from the backend server the moment the software becomes active).
What about the people that just spent $30-50 on WSA 2014? They dont even get a webshield? Is the download link in my email any good? I am using the most currect version.
Also what about this roll back feature. How come I did not see an option for that?
May I suggest that you open a Support Ticket and provide a synopsis of your issue(s). At this stage I believe that they are the only source of assistance for your issue(s).
I will correct you on the point "What about the people that just spent $30-50 on WSA 2014? They dont even get a webshield?". They DO get a web shield...it is the current one NOT the new one that is being rolled out progressively.
If you are using v22.214.171.124 then you are using the most current version...as I said before the new web shield is being rollout electronically and is not part of the current downloadable installer.
Finally, the roll back features are under the cover and their use is determined by WSA. There is (thanksfully) not option for user control. If you require that then I would suggest dedicated rollback software...there are a number available.
Open a ticket and see what the Support Team can do to help.
What I mean by that is what explanoit explained in an earlier post (see post 12 in case you missed it):
"As for the shield, the new web shield (based on BrightCloud technology) is being rolled out progressively and possibly you have not received it yet. Nevertheless you have "the old shield" that does its work still perfectly. On top of that there are other WSA modules/shields which are protecting you in the same time. So there is no reason to be somehow worried."
Hope that clarifies?
I refuse to open a support ticxket for a product I am merely trying on for size.
I filled out the the free 6 months Bronco's give a way. The download link in my email sent by Webroot should be the mosr current version. Am I not right?
Just downloaded the trial version and its the same as the version I have. Care to elaborate? The installer downloads all the nessary files from your servers. It is not a full offline installer. So why arent the nessasary componets being installed?
Sad to say but I believe that trying to help you is a lost cause. The answers are in the previous posts in this thread.
Try reading those, and reflecting on them rather than fiinding more to complain about.
All the best
Dear Baldrick.................Your replies do not help my issue at all. Why does the 2014 installer not even contain a web shield? So anyone buying WSA 2014 right now does not get a web shield? Seriously? 2 installs and NO web shield. Nothing in the program data folder at all. I am not talking about the upgraded web shield.
How does one obtain WSA 2014 with a web shield? Explain please. Thanks.
Is there a server issue that is not downloading all the nessasary WSA files onto ones pc?
As explanoit has said previously and I have referred to as well..."As for the shield, the new web shield (based on BrightCloud technology) is being rolled out progressively and possibly you have not received it yet. Nevertheless you have "the old shield" that does its work still perfectly. On top of that there are other WSA modules/shields which are protecting you in the same time. So there is no reason to be somehow worried."
Cannot be any clearer than that.