Solved

No Webfiltering in IE 11 or Chrome

  • 20 November 2013
  • 57 replies
  • 373 views

Userlevel 2
Hi..............I just installed WSA 2014 and so far I am not impressed. Please fix my problem. I have uninstalled and reinstalled 2x. There is no webshield/filter running or installed in either IE 11 or Chrome. I am using Win 7 Home Premium 64bit. There is also an ongoing thread at Wilders. I do not even have the crx file listed by Triple Helix. So what gives? IThe eicar test does not even get blocked. Thanks. 
 
http://www.wilderssecurity.com/showthread.php?t=356072
icon

Best answer by RetiredTripleHelix 3 December 2013, 01:54

View original

57 replies

Userlevel 7
Badge +56
Ok here is the final version! Everyone has the 2014 product most still use the 2013 Web Shield and the new Web Shield they are rolling it out slowly to keep an eye on it as it's all new tech so you lose nothing but have patience in the waiting for the new Web Shield it's been said from an inside source that approx 1/6th of the Home users have it now with further roll outs until complete and there is no time table when it will be completed.
 
Thanks,
 
Daniel
Userlevel 4
Badge +16
Thanks for the responses, guys.  You answered all my questions.  Appreciate the time and concern.
Userlevel 2
"Here is the final version"? What does that mean? Did you provide a link? How is it that I have NO webshield at after 2 installs? Just like these users.
 
http://www.wilderssecurity.com/showthread.php?t=356072
 
I downloaded and installed WSA 2014. That should contain the 2013 webshield. It does not. Explain please. Thanks. 
Userlevel 7
Hi dbrisendine
 
As TripleHelix said...the new functionality is coming...and I believe that they will be accelerating the tranches of user keycodes that get updated...as the monitor the current and are satisfied that the new shield is at least as good as the old one...and most likely better.
 
As TH said...patience is required.  I have two licenses for WSA...one has received the update, the other not yet. ;)
 
Regards
 
 
Baldrick
Userlevel 7
Badge +56
Great to hear and thanks for understanding! ;)
 
Cheers,
 
Daniel
Userlevel 7
Badge +56
@ wrote:
"Here is the final version"? What does that mean? Did you provide a link? How is it that I have NO webshield at after 2 installs? Just like these users.
 
http://www.wilderssecurity.com/showthread.php?t=356072
 
I downloaded and installed WSA 2014. That should contain the 2013 webshield. It does not. Explain please. Thanks. 
Sorry if I'm going to be rude or blunt! What part of what I posted above that you don't understand? There is nothing more to say but have patience you will get the new Web Shield in time as that person had issues of getting the new Web Shield installed in Chrome so there are issues so the reason for a slow roll out. :@
 
Thanks,
 
Daniel
Userlevel 2
Please people. I am not talking about the "new" web shield. I am talking about a web shield in general. Notice the topic of my thread. It clearly says "no web filtering". It does not say "no new 2014 web filtering". Thanks. 
Userlevel 2
Dear Daniel...............................................I AM NOT TALKING ABOUT A NEW WEB SHIELD. I AM TALKING ABOUT NO WEBSHIELD. Gezzzz.
Userlevel 7
Badge +56
@ wrote:
Please people. I am not talking about the "new" web shield. I am talking about a web shield in general. Notice the topic of my thread. It clearly says "no web filtering". It does not say "no new 2014 web filtering". Thanks. 
Ok here is the final version! Everyone has the 2014 product most still use the 2013 Web Shield and the new Web Shield they are rolling it out slowly to keep an eye on it as it's all new tech so you lose nothing but have patience in the waiting for the new Web Shield it's been said from an inside source that approx 1/6th of the Home users have it now with further roll outs until complete and there is no time table when it will be completed.
 
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
So what part don't you understand?
Userlevel 7
Badge +56
@ wrote:
Dear Daniel...............................................I AM NOT TALKING ABOUT A NEW WEB SHIELD. I AM TALKING ABOUT NO WEBSHIELD. Gezzzz.
If you feel that you have no Web Shield I would suggest you Submit a Support Ticket and have them look into it then it can ease you're mind!
 
Daniel
Userlevel 2
I dont feel its not there. I know its not there cause it is not listed in Program Data. Is not suppose to be there? 
Userlevel 7
Badge +56
The 2013 Web Filter does not show up in the WRData folder you will see the extra folders when you get the new Web Filter. Again if you feel you don't have any Web Filter contact the support inbox. Try this http://www.yahoo.com and see if you see any greens check marks when doing a search for Webroot? Try IE, FF and or Chrome.
 
Daniel
Userlevel 7
Badge +56
Also see this https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/Getting-a-warning-box-upper-LH-side-of-screen/m-p/64111#M3361 and the whole thread is a good read.
 
Daniel
Userlevel 2
I did that. No green check marks. Got home and re-installed WSA. Same results. Just downloaded the first malware link from malc0de. Not detected at all. Right click scan nothing. WSA is not working what so ever. 
 
https://www.virustotal.com/en/file/e1c4604375f6d2d0babcf1d9c2c1cfd16c599533c6fd6224f7ae686f972588b6/analysis/1384986823/
Userlevel 7
Badge +56
PM sent!
Userlevel 2
What PM? Nothing in my inbox.
 
Another missed sample.
 
https://www.virustotal.com/en/file/f0aafc029ce0ab9dbb87b0ad2f320a776f07371778f198cb5eda3f8da4786fdb/analysis/1384987320/
Userlevel 7
Badge +56
That's nothing to do with the Web Shield and the PM is there now.
Userlevel 7
Badge +6
Are you saying the right-click scan is not showing any GUI menu, or that it's not detecting anything?
 
Static virus scans are not very effective, especially since the WSA technology stack does not have a heavy local analysis component. This is why WSA is the fastest on the market.
 
In order to test WSA effectiveness you need an isolated network and VM since it will require actually triggering execution and monitoring progression. At that point it will be detected, or sandboxed until it's detected. For this reason it's not possible for someone without a specialized setup to actually test functionality except by using EICAR test file. Ultimately, right click scans are artificial scenarios that can not be used to judge any company's antivirus suite's level of effectiveness. It just so happens that WSA is especially weak in this area because of it's different approach. What matters is the end result.
 
VirusTotal themselves have taken a position on this issue, which I've pasted below:
 
BAD IDEA: VirusTotal for antivirus/URL scannertestingAt VirusTotal we are tired of repeating that the service was not designed as a tool to perform antivirus comparative analyses, but as a tool that checks suspicious samples with several antivirus solutions and helps antivirus labs by forwarding them the malware they fail to detect. Those who use VirusTotal to perform antivirus comparative analyses should know that they are making many implicit errors in their methodology, the most obvious being:
  • VirusTotal's antivirus engines are commandline versions, so depending on the product, they will not behave exactly the same as the desktop versions: for instance, desktop solutions may use techniques based on behavioural analysis and count with personal firewalls that may decrease entry points and mitigate propagation, etc.
  • In VirusTotal desktop-oriented solutions coexist with perimeter-oriented solutions; heuristics in this latter group may be more aggressive and paranoid, since the impact of false positives is less visible in the perimeter. It is simply not fair to compare both groups.
  • Some of the solutions included in VirusTotal are parametrized (in coherence with the developer company's desire) with a different heuristic/agressiveness level than the official end-user default configuration.
These are just three examples illustrating why using VirusTotal for antivirus testing is a bad idea. The Prevx team also made an entry in their blog discussing the matter.
Userlevel 2
Lol...............You dont need a VM when you have a clean system image handy you can mount. So how is anyone suppose to know WSA is actually working if you dont test it? I have tried just about every av out there and never an issue as seen with WSA. Even running a full scan yeidls nothing on that file. 
Userlevel 7
Badge +6
Hi GTR707,
As I stated in my previous post, static scans of executables sitting on a disk are not something you can judge an antivirus based on. Antivirus can only be truly measured in real-world conditions where a malicious executable is launched on physical hardware. This is the position of every major antivirus vendor, including Symantec, and even VirusTotal which provides the results of static scans. The antivirus testing organizations recognize this as well, and one is even redesigning their testing protocols to take into account the way that WSA works compared to other products.
 
Malware is such a complex problem with such complex solutions that it can not be tested simply. In fact, malware is designed to not do anything if it detects a testing scenario, further complicating issues.
 
In the nineties a method was developed to safely test if an antivirus is actually engaged in protecting a machine. It is called the EICAR test file and you can find it here. http://www.eicar.org/86-0-Intended-use.html
Userlevel 2
LOL.........................explanoit................Please DO NOT reply unless you have read the entire thread. Do you honestly think I do not know what the eicar test is? And in my eyes WSA fails it. CIS,AIS,NIS,KIS,AVG,Avira,Panda and Qhioo all detect the eicar test. Either by blocking the download entirely or when it is finished. WSA does nothing. 
Userlevel 2
I downloaded the eicar.com file. Chrome gives a warning. I allow it and it downloads. I right click on the eicar.com file and WSA detects and removes it. 
Userlevel 7
Badge +6
In the end, I care about malware's ability to infiltrate a machine after execution and stay in it.
 
If you care about deep local inspection of files and are not interested in other facets of the Webroot solution or approach, then I concede that this is definitely not a product for you. I completely respect that approach and I have in fact questioned Webroot directly about their static executable analysis and detection rates.
Userlevel 2
WSA is a cloud based scanner. So is Panda. But yet Panda works like a charm and achieved 100% detection in the latest AV-C test. 
Userlevel 7
Badge +6
You are correct @ in that WSA does fall down when it comes to instant/static detection rates and that it's not a good thing.
My position is that their other innovations, user experience benefits, buttressing and final outcomes outweigh those negatives. But if that is a metric that you cannot compromise on then your opinion is perfectly reasonable.

Reply