Solved

Second Anti Virus?

  • 22 November 2013
  • 32 replies
  • 234 views

Userlevel 2
HI
I was wondering since WSA doesn't scan emails if it would be all right to add a second anti Virus,,I'm thinking Cryptlocker and other infected attachments
 
Tom
icon

Best answer by RetiredTripleHelix 19 December 2013, 00:55

View original

32 replies

Userlevel 7
It is your choice but you don't need to install another AV solution. All mail attachments and links are checked on fly by WSA when executed and if they're bad they will be blocked.
 
I use WSA alone with only Vista firewall enabled and never had malware issue.
Userlevel 3
With that there really is no need for another a/v. In fact, the simplest way to protect you from getting something through an email is to know who it is from and call them before opening to confirm that they sent it.
Userlevel 7
Badge +7
Pegas is correct and it happens in a flash.  I have at times caught glimpses of the scanner in action in Chrome/Gmail at lower left of display.  Don't worry...be happy...you have the best of the best...trust it !
Userlevel 6
I'll drink to that! Especially on a cold day like this!
Userlevel 7
Badge +56
I have 10 AV's running at the same time. 😃 Can't do much else with my system I wonder why?
 
Daniel

Userlevel 7
Badge
You are right that Webroot doesn't scan email. However, it does scan and monitor any attachments you run. Webroot's approach to antivirus is probably the best in the world when it comes to ransomware threats like Cryptolocker thanks to its journaling technology. I'll dicuss the question in a broader context.
 
More detail:
It is true Webroot does not proactively scan the content of email. In fact it doesn't scan a lot of things traditional antivirus does - that's why it's so fast. In the case of not scanning email, Webroot's approach mostly only provides less protection in the case of an attacker leveraging an exploit against your email reader. Say someone discovers a way to make Outlook run a virus when you open their email. Webroot would never stop you from opening the email and reading it, but it would kick in once the virus is launched.
 
Other modern antivirus products scan the email for signs of something not right - maybe it notices the display code is really weird or it recognizes a known attack. The antivirus would then block the email. If it doesn't notice anything wrong the virus will be launched. This is the point where Webroot's protection starts, if we were using it instead.
 
The non-Webroot approach where emails are scanned gives a performance hit and adds a troubleshooting step when something in Outlook goes wrong. It does grant more protection on the front-end since it can stop the virus from even attempting to launch in the first place, which is the best protection of all when it works. Webroot's claim is that it's detection technology and other ways of protecting the system against harm that other products can't do make up for this. It's a valid point. However, there are some who see that first line of scanning as crucial and not something they can do without. Everyone's environment and requirements are different so that is something only they can decide for themselves.
 
For most users I would say that just Webroot SecureAnywhere is fine. I wouldn't want to own a system without it since it adds methods of protection nothing else has. But if you have the money, don't care about the performance hit and want an additional layer of protection you can run a second antivirus. There are concerns about antivirus products conflicting, but improvements in Windows have made me worry about that less. In fact, SecureAnywhere's technology was originally built to compliment an existing antivirus rather than outright replacing it. The product and tech has advanced significantly since then but its original philosophy of compatible design is largely intact.
 
Keep in mind that when users of Webroot talk about running multiple antivirus products it's not because they feel they have to. It's because of Webroot's design that its users are free to add additional protection as they see fit without any real drawback. This is not something so easily chosen when you're already running a traditional antivirus suite. It's not a question of replacing Webroot's technology because it isn't good, it's about adding on top of it because you can.
 
Personally, I constantly flirt with running another antivirus alongside WSA and have tried several. I go back and forth on it. However, I have multiple other layers of protection (firewall rules, multiple anti-exploit, anti-logger, sandboxing, virtualization, browser extensions, other custom hardening, etc) that make me safer than just doubling up on antivirus so it's not as much of a concern to me security-wise.
 
Disclaimer: Discussing or debating Webroot's approach to system protection and antivirus compared to the traditional megasuite quickly gets extremely complex and into gray areas. There are simplifications and omissions regarding both sides of the debate to limit length and the scope of the post. I could write pages and pages pursuing every facet of this question.
Userlevel 7
Badge +7
Very informative.  I am corrected.  Always enjoy your posts !
Userlevel 7
@ wrote:
"You are right that Webroot doesn't scan email. However, ..........."  (Quote massively shortened)
Explanoit, 
 
WOW what a great post!  (Bookmarked)
Userlevel 7
Badge
@ @ 
:cathappy:
Thanks and you're welcome!
Userlevel 2
Very Helpful..thank you!!!
Userlevel 7
Badge
@ You're welcome ttomm46
Userlevel 2
Better yet in todays world everyone should be using web based email. Yahoo, Google and AOL all scan your emial for viruses. POP email like Outlook is a thing of the past for home users. I myself have been using Gmail for years. 
Userlevel 7
Badge +56
My ISP uses Yahoo mail and I use Outlook 2013 and you should see how much Spam attachments I get and who does Yahoo use for Protection? They should be stopped even before they get into my inbox. Also how about the enterprise users I'm sure they don't use web mail?
 
Daniel
Userlevel 2
Yahoo is a joke. AT&T uses Yahoo. Within 6 months I had 100-200 spams a day. Yes they went into spam but holy crap. 4 years with Gmail and ZERP spam,. 
Userlevel 5
Lol @ Yahoo.
 
Yahoo doesn't even use Yahoo: http://www.pcpro.co.uk/news/385597/only-25-of-yahoo-staff-eat-their-own-dog-food
Userlevel 7
Badge +56
That's sad Johan, but when your ISP only serve's up Yahoo mail well you take it or leave it as for me I take it and Outlook 2013 Spam filter picks up 80% of the Spam and the others I report to Microsoft as they add new updates to the filter every month on Patch Tuesday.
 
Daniel
Userlevel 5
Luckily I live in a country where I'm not stuck with having only one ISP option.
 
I do use Yahoo Mail (for a long time even), but only as a place to collect disposable emails.
Userlevel 7
Badge +56
I have many ISP's to choose from also but I got an all 4 in one package at a better deal and I have no issues with Yahoo mail.
 
Daniel 😉
Userlevel 2
@ Daniel..................Just cause your ISP uses Yahoo doesnt mean your force to use it. I do not use mine at all. My cousin has Comcast and doesnt use his. We both use Gmail. 
Userlevel 7
Badge +56
And I don't like Gmail I have an outlook.com one but everything is linked to my addresses in my Outlook 2013 I have 6 via my ISP of the last 10+ years. Even if I left them I can still get them via Yahoo address.
 
Daniel
Userlevel 2
Tried Outlook.com. Way too buggy. Emails taking hours to be pushed to my phone. But I also use Google Docs, Google Drive (25GB for free), and Google Calendar. 
Userlevel 7
@ explanoit, thanks for your awesome post:D
Userlevel 6
Badge +23
Hi,  would 'Microsoft Security Essentials' be OK to run with WSA Antivirus? 
Userlevel 7
Badge +56
You could but it's not very good if you have any issues that you think is malware related the first thing you should do in contact the Webroot Support Inbox as they are the one's that can deal with such things and it's free of Charge!
 
Daniel
Userlevel 2
MSE has the worst detection rates out of any antivirus on the market. Its is constantly scoring low and even failing tests. 

Reply