Solved

using another anti virus for offline protection


Badge +1
hi ,since sometimes i'm not in places with Internet access i'm going to install an antivirus(maybe nod32) along side the webroot for offline protection because offline protection in webroot is not as brilliant as online protection(when it can contact the cloud) what i' m asking is, is it fully compatible with other antivirus? i know that it is compatible but when i say fully i mean every layer of it's protection(specially rollback and journaling and behavior monitoring ) are working without any problem when an antivirus is along side secure anywhere with adding webroot to it's exclusions .
icon

Best answer by shorTcircuiT 30 May 2014, 13:43

View original

20 replies

Userlevel 7
The only things that are 100% are death and taxes! Joking aside generally speaking I havent seen WSA have any issue with other AV`s. The only time I have seen issues is where another AV has detected a infection and has locked the file but then again its quite rare (if it happens just set WSA to monitor the file).
 
I personally wouldnt bother with another AV even offline the client will journal any unknown and as soon as its gets online it will get the determination. If your offline realistically speaking your talking about getting new data from USB sticks and the clients settings are higher for connected devices. To be honest the infections that are passed from USB sticks are quite obvious to see (mostly fake AV`s/PDF`s etc). Its worth turning off the autorun function if your device is going to be offline a lot btw.
Userlevel 7
First: my opinion.  :-)   There isn't really a need for a backup AV: WSA stores the info as to what files should be monitored on the hard drive, and any new files encountered while offline are monitored by default until a connectioc to the Cloud is made to verify things.  WSA also will still detect any malicious activity while offline: that is built in and not a part of the Cloud.  The definitions are in the Cloud, but the actual monitoring for files doing bad things is all rifht on the computer and active when offline.  Anything that might still slip past can be reversed by the monitoring/journaling.
 
Second: YES.  WSA is built so that it is compatible with other AV solutions, and while I do not use a second there are quite a few here who do.  One tip is to install the other AV first: while WSA is compatible the other installer doesn't know that and it WILL complain.
 
A second tip is to 'over-ride' the WSA executable in the other AV, amd over-ride the other AV within WSA to keep them from flagging each other as a risk.
 
Give it a try and let is know if you have problems: chances are someone here can help work things out if you do encounter any kinks.
Badge +1
yes , i want a better protection from USB malwares because webroot is not so good at detecting them offline, and sometimes i use USB flash drives when i'm completely offline .
Userlevel 7
This is only my own opinion but I wouldnt be putting USB sticks in my PC from people I didnt trust (and even them I am always cautious). I would also be checking the contents before running any executable from one.  
Userlevel 7
Hi dante
 
All thenadvice already given is excellent but if you are determined to have additional USB protection then why go for a whole suite when there are a number of apps out there that have for a mission the protection of systems from USB sourced attacks.
 
I mean, why buy a whole new house just because you want an extra room...you would be better off adding an extension to what you have got...it would be cheaper, etc.
 
Same goes here.  You should be able to find reference to some suitable tools via Google.
 
Regards
 
 
 
Baldrick
Userlevel 7
@ wrote:
This is only my own opinion but I wouldnt be putting USB sticks in my PC from people I didnt trust (and even them I am always cautious). I would also be checking the contents before running any executable from one.  
ROFMAO!  :D  Thanks Roy!  I needed that today.  Sage advice! 😉
Userlevel 7
@ wrote:
This is only my own opinion but I wouldnt be putting USB sticks in my PC from people I didnt trust (and even them I am always cautious). I would also be checking the contents before running any executable from one.  
Awesome security tips :D
Thanks Roy! :D
Userlevel 7
Since I have installed Webroot, I don't need anythiing else. I'm runniing Windows Firewall and Webroot. IMHO Webroot takes care of it all, trust is a important aspect when installing security software and I trust Webroot......there is nothing better.
Userlevel 7
Hi Antus67
 
Completely understand where you are coming from re. what you say...but even the most hardened fans of WSA (and I am one of them) will tell you that nothing is 100% (altough WSA is pretty close IMHO).
 
Therefore, I supplement WSA with another app (with specific focus).  And I do use another app (MBAM, as it happens) for on-demand scan periodically and/or as a second opinion.  Whlst this does have real time protection features (I use the Pro version) I have these switched off.
 
In summary, all I would say is a layered defense, or at least a fall back position is always good to have to hand...just in case.  But I am certainly not advocating that you are not more than adequately protected with just WSA.
 
Just my thoughts on the subject (and this from someone who ran WSA with another security app also running realtime protection...for a long time). ;)
 
Regards
 
 
Baldrick
Userlevel 7
Layer Protection is a plus I must admit and you are correct nothing is 100% effective (but Webroot is close;)) I have to correct myself in one aspect I do have Trojan Remover (On Demand Scanner) sitting in the back, which I will run periodically.
Prior to installing Webroot this is what I had installed:
Antivirus Avast Internet Suite
SpyShelter Premium
MBAM
KeyScrambler
 
At that point in time I felt I had enough layered protection...............however saw the light with Webroot:D
Userlevel 7
Hi Antus67
 
Of what you have described as previously having I would retain MBAM as an on demand scanner.  Should not really discuss it here as it is a Webroot Forum...but I think that many here will concede that it is an excellent app and well worth having as a back up.  Ditching the rest...I agree with. ;)
 
Regards
 
 
 
Baldrick
Userlevel 7
Will do thanks for the advice
Userlevel 7
Entirely my pleasure, but please don't just take my advice...check it out with others, who will hopefully give their valued opinions @ @ @ (and there are many more I could tag but I do not want to be accused of spamming...LOL) on this subject :D
 
Regards
 
 
Baldrick
Userlevel 7
I  have not actually used MBAM in conjunction with WSA YET myself...   however I have come across a number of people at work who do, as well as here on the community, and it seems to work extremely well. 
 
While many other AV's can also work with WSA, many such as Norton, as so heavy on system resources that the effort falls flat. 
 
You should be in good shape with that pairing 🙂
Userlevel 7
Badge +62
Well I have to say I also use MBAM on 3 of my PC OSs with WSA and I'm comfortable with it and never have had an issue...I'm also not trying to SPAM...simply butting in so to speak? 😉
Userlevel 7
I have and still do use WSA in combination with MBAM and it works great. I can't guarantee that it works *flawlessly*, but that is the case with all programs ever made 😉. I also use VoodooShield which is whitelisting software that only allows what I permit to execute. You realistically don't need another A/V for offline protection, even if you don't run MBAM or VS. And this is coming from someone who was once a staunch supporter of running another A/V. Even when I first started using WSA I insisted on using it in conjunction with this other A/V, but now I don't. MBAM has bad website blocking below the browser at the network level, which helps block other malware too which is why I personally run it (the Pro version) along with WSA, and, to be honest, MBAM has blocked in realtime files that are marked as Unknown/Monitor to WSA. Layered protection is ALWAYS a plus - I would never, even if it was the best, most sophisticated, guaranteed-to-undo-all-malware-changes security product in the world; use only ONE line of defense. Granted, WSA does have multiple lines of defense within it's one program (Realtime shield, Identity Shield, Journaling and Rollback of unknowns). I do agree with our good Sir Baldrick in that you really don't need all those extra apps. From my personal experience (I do not claim to be an expert), WSA and MBAM are an excellent combination and will do a good job keeping you protected 😃.

Shran
Userlevel 7
I have tried Eset AV with WSA. They work fine and do not get in the way of each other. Conflict may still arise though. It's subjective to particular system configurations. But I have found WSA to be compatible with most other AVs. The trick is to install the other AV first and then install WSA.

There is no need to be worried about WSA in offline. WSA provides strong protection even when not connected to the cloud as described by Roy and David. I would suggest to apply a setting in WSA to make it stronger when in offline. Change the Heuristics in WSA to 'Warn when any new program executes that is not specifically whitelisted.'

One of the easiest ways to battle infections from USB flash drives is to turn off AutoPlay in the computer. The second measure to take is to avoid executing any program from the USB drive. I use USB drives all the time. I mostly use it to transfer files between computers. No need to execute any programs from within the USB drives. Just open the files. And if necessary, always check that the programs are safe. The third, last and the most important protection against infection from USB drives is of course WSA itself.

I have used MBAM for a long time. It work almost perfectly with WSA. But I don't use it now. The latest version 2 is so buggy and cheaply programmed, it almost unbearable.

Layered security approach is not using tons of apps and software or following vigorous measures. It's about covering all the weak areas of a security setup as simply and smoothly as possible. And WSA does it cleverly as mentioned by CommanderShran.
Userlevel 7
Im glad that I am not the only person that noticed they newer build of MBAM aint so great. It`s very flashy but looks to have taken a nose dive performance wise.
Userlevel 7
Strange as it is working a treat and as fast as ever on my system.  In fact I think that it is an improvement on the previous version...but it is still only going to be my back up, on demand scanner.  
 
WSA rules the roost for front line protection. ;)
 
 
Baldrick
Userlevel 7
I have Trojan Remover as a on demand scanner, I have been using this for years and find it to be a reliable security software

Reply