Today, Spysweeper checked for updates and it said an update was available, so I accepted it. BAD IDEA, because now Webroot Spysweeper INCLUDES antivirus protection (SecureAnywhere). It is not a good idea to have multiple antivirus products running on the same PC. I removed Webroot and reinstalled Spysweeper. Unfortunately the antivirus part is included. HOW do I get JUST Spysweeper Antispyware WITHOUT the antivirus protection of SecureAnywhere? (Or do I have to forget about using Webroot's Spysweeper in the future entirely?)
Best answer by KitView original
Although many antivirus programs work against each other and are not compatible, Webroot SecureAnywhere effectively works in tandem with other antivirus and antispyware programs. We understand that you liked the functionality of Spy Sweeper and we offer increased functionality with Webroot SecureAnywhere. Your support and questions are greatly appreciated! We understand that the upgrade to Webroot SecureAnywhere may be an adjustment, at first. However, we assure you that the changes in this version are in the interest of providing the highest level of security with the least intrusion possible into your computing experience. In contrast with previous versions, this new product will scan your entire PC in about two minutes* and doesn't require you to download updates.
For more details about what’s new in Webroot SecureAnywhere, please see the PDF document to see Whats New in SecureAnywhere! We also have video tutorials for Best Practices Videos. Webroot SecureAnywhere has been receiving excellent reviews.
*After the initial scan of your PC, full system scans will typically take two minutes or less.
Feel free contact us at any time, if you have additional questions or concerns.
The Webroot Support Team
We actually have discontinued Spysweeper because we have made a revolutionary antivirus product that is now cloud based and will work along side any other antivirus/firewall application out there just as Spysweeper did.
Unlike the 2011 version of Webroot AntiVirus, Webroot SecureAnywhere 2012 version does not rely on traditional antivirus definitions, is smaller, runs scans more quickly, and is designed to co-exist with other security software installed on the same system. This new program represents a revolutionary new method for protecting your information and privacy and we are very excited to offer it to our customers.
To learn more about Webroot SecureAnywhere, we recommend you view the video tutorial at the link below.
Cloud antivirus protection vs. traditional antivirus protection
Let us know if you have any questions and welcome to the community!
Tom in Dallas
SecureAnywhere is able to run alongside other security software by both its advanced heuristic detection as well as the connection with the Webroot Intelligence Network.
Because SecureAnywhere communicates with the Webroot Intelligence Network, we are aware of other good files, no matter what access they have to your machine. As I'm sure you are aware, security software requires a very high level of permission on the computer to perform its job correctly. Many times, the conflict between antivirus software occurs because of this access to the computer.
Also, with our heuristics detection, we are able to monitor the behavior of other software and deem this malicious or not. Because the behavior of other security software is not found as malicious, we will not detect another security software as a threat.
You mention that you are using some endpoint software and if this is in regards to business software, we have recently released Webroot® SecureAnywhere Endpoint Protection here: http://www.webroot.com/En_US/business-products-secureanywhere-endpoint.html
If you are managing a network, this software will return control to the user and allow you to truly have freedom over network management.
If you have any questions, just let us know.
We understand that IT managers are a "believe when I see it" type group and thats why we offer a complete 30 day trial for you to use. Even better, it can install over your existing endpoint software.
Wanna try it? Click here: http://www.webroot.com/customerSupport/trialRegistration.php?trpd=WSAB&loc=USA
I've also attached a PDF file with the comparison of Webroot SecureAnywhere Business Endpoint to other manufactures so that you can continue your research.
If detection and removal is your primary concern, you will be happy to know that Webroot SecureAnywhere received the first and only perfect malware blocking score http://www.pcmag.com/article2/0,2817,2393683,00.asp
This is not to say that there is no chance that malicious software could make its way onto a machine as no software is 100% effective. If it does occur however, we will be more than happy to assist you with the removal of this, free of charge.
We are off subject and the point is that some of us bought webroot under one consideration and now it has changes. I will go to the Symantec forums and see what they have to say about conflicts.
The bigger question is then, will other antivirus programs work properly when SecureAnywhere is installed? I can just see Webroot hoping other antivirus programs that are installed, choke when it see another antivirus program like SecureAnywhere running. Perfect opportunity to get us to blame the "other guy" and get rid of the other guy's antivirus program when it crashes!
Actually our software has been tested along side all the other antivirus companies out there and they all work perfectly with our software. We do not conflict with them and they like us, so there is no issues on either side. However this is not the case with other antivirus programs, so you could not do something like Norton and Trend Micro at the same time because they are still using features like virus definitions. Our software is the first of its kind which is why a lot of customers are going to need to get used to a program like ours. It really is as good as it sounds 😃
"Don't run two AV programs at the same time." is specifically due to the fact that normally an AV program has to be hyper-aggressive. Scan everything in a blocking manner, scan disk access, interdict access, and several other aspects that cannot work well together. In non-tech speak, the best description is two cartoon cops bonking heads trying to apprehend the criminal. Let's get down to the tech parts of it though...
Antispyware software is non-aggressive or subservient to Antivirus software. While it will try to lock and interdict if allowed, it will not attempt to bypass locks or interdictions. Blocking scans may still occur, but have a VERY tight timeout if they do, otherwise scans are non-blocking. Even with patern-based scans, the substantially-smaller pattern set takes much less to compare against, and the patterns are made in such a way as to be lighter on CPU resources than Antivirus products.
The Bad of two AV products...
Let's just call them AV1 and AV2. First you start with blocking on-access scanning (this is a type of interdiction).
When there is an attempt to access the file, either one allone will block that process for the time it takes to scan the file against its pattern or definition set. This is -usually- a trivial amount of time in human terms, for example, 60ms. It's a relatively long amount of time in computer terms. Of course, if it wants to scan and it gets blocked itself, it becomes more aggressive because it assumes that something is wrong.
When you have two AV products trying to do an on-access scan at the same time, one will block the original requesting process, then start its own request, at which point it will be blocked by the second one. The second one will try to do its scan first, while the first one gets upset about being blocked, so tries to break that block, which slows down or interferes with the second one. The end result is horrible system performance for simple file I/O and possibly very bad conflicts.
Scanning + Realtime Blocking Scanning
So then you start a scan with one of them. The other promptly determines that the file it is scanning is being accessed, so it scans it, in a blocking manner, then lets the first one scan it as part of the normal scan process. This means that every file either one scans is being scanned by both of them at the same time. One via on-access and one via the scan.
Interdiction, Lockout, and Remediation
Then you get an infection. Both of them see it, of course. So both of them demand to remove it. They both try to lock the file and prevent anything else at all from touching it. They both try to take it, copy the data into the appropriate quarantine, and then remove whatever necessary traces they need to, from the files, to folders, to registry entries. When you have two of them doing this at the same time, it gets ugly. When removing an infection, they don't want ANYTHING else touching it, but they -HAVE- to touch it and remove it. So they literally battle for access, both trying to block each other and access the file. Depending on their aggression levels, they may try to terminate each other due to the interference. It's... Not good to say the least.
So why does Antispyware and Antivirus not have this issue?
Antispyware is submissive. If it is locked out, it will not try to break that lock. If its lock is broken, it won't try to force it back or take retribution against the process that broke the lock. The scan and realtime scan both happening will always be the same thing, but without locking the files for scanning or trying to break locks, the impact is substantially lower.
SecureAnywhere literally takes the whole Antivirus concept and turns it on its head. In non-tech terms, it goes from being the knight in platemail trudging along and taking blows and swinging a huge sword to being a ninja assassin, sneaking around, using the enemy's energy against it, and staying out of sight. But enough about fantasy PR-type speak.
SecureAnywhere is able to be an effective security platform without needing to be aggressive. Development very specifically works to overcome any compatibiltiy issues with other antimalware platforms. That's something that no other antivirus program can say. If you look at it from an industry viewpoint, they really don't want to. Since no protection is 100%, there will always be something they miss. If another product on the same machine catches it, they "look bad" to the average person. So if they are all running, whoever catches it first "wins" and nobody realizes that next week the other will catch something the previous "winner" didn't.
SecureAnywhere knows what other antivirus programs are. It is aware of what they do, and it tracks what they do. It does not block with on-access scanning, nor does it try to break the lockouts. It has one specific feature that they don't have: It knows who the good guys are.
The other AV programs need to lock down and rip out and prevent all other interference because they only have a list of what is bad. Everything else is unknown. So even if it's potentially good, they need to block it in case it might be bad and trying to kill them or prevent them from cleaning your system.
SecureAnywhere tracks Good, Bad, and Unknown. If it sees a threat on the system, it will try to lock it. If the SEP process then tries to break the lock because it also sees the threat and wants to handle it, SecureAnywhere is informed enough to recognize the SEP process as a Good process and allows it to do so, while also covering its back if it knows more about the threat than Symantec does.
"Knowing more about the threat?" SecureAnywhere journals what unknown processes do. If the process drops random registry entries, random polymorphic files, and other such things before it's removed by SEP, SEP has no way of catching its droppings. SecureAnywhere can. So while is allows SEPto handle the main problem (which it would handle effectively on its own if SEP were not present), it cleans up everything else that SEP is unaware of.
AntiSpyware can be alongside AntiVirus because it is submissive. Traditional Antivirus cannot be submissive because it only knows "Bad" or "Unknown", so when handling a threat, it has to treat all unknowns that try to interfere as potentially bad and take action against them. Therefore, AntiSpyware cannot play an AntiVirus role in the traditional sense.
SecureAnywhere is as submissive as AntiSpyware in the sense of not locking, and not conflicting. However it is as aggressive as AntiVirus when it needs to be because it has the information it needs to decide that another Antivirus is a good process. So we literally put a full-capabiltiy Antivirus system into a package that reacts with other Antivirus like it was Antispyware just because it is aware of the other Antivirus.
Finally, if all else fails, look at it from a this standpoint:
If you ask Symantec directly about SecureAnywhere, they will say "No, you cannot run that! Us only, no matter what! If you don't like this, don't useus, because if you have them, we won't support you."
If you ask us directly about SEP, we will say "Yes, you absolutely can run that as well if you like. We think you will like us better and will decide you don't need them, but we will not take your freedom of choice away from you. If you encounter a problem with the combination, we will help work around it and develop around it so that you may continue to use both, and we will support you fully with both."
Am I saying that Symantec is a despotic, controlling jerk? Maaaaybe. ;) But we have won millions over with our honey, our speed, our efficiency, our effectiveness, and our support.
When it gets to the point where I personally can say that I have gone onto our back-end system, do a search, and find 5,000 systems infected with unique copies of a polymorphic threat that released into the wild twenty minutes ago and -NOBODY- detects, not even SecureAnywhere... then made a change on our end to determine not only those individual items, but also the entire family of infection, thus catching the next 97,000 that come out in the following two days... Well, that's why I work for this company now. The technology is amazing, the system is amazing, and I can put 17 years of security industry experience behind that statement. Even better, I installed our Enterprise Endpoint on my parents' computer in Oregon (I'm in Colorado). When they got an infection that was brand new (again, nothing at all detected it), I was able to remove it remotely via the SecureAnywere web console rather than having to use ComboFix or any other big group of stuff, which is both a pain in the tail and also historically has a good chance of nuking the system (ever wondered why they insist you install the recovery console?).
So really, when we are saying "Try it, you can use it with other things", we really do mean it. We mean that we are offering the same compatibility that SpySweeper had, plus much more capability and flexibility, and full support just as if you were using SpySweeper with McAffee instead of SecureAnywhere with McAfee. Plus a heck of a lot more, honestly.
For example, it also comes down to whether you know the answer to "Why does SpySweeper work with SEP?" After all, they both use definitions and patterns to detect stuff, and they can even detect many of the same things. So if SpySweeper was given the definition information for detecting more stuff that SEP detects, would it suddenly stop working because it can find more? Not at all, since the ability to coexist is in the way it's built for the most part. But the main AntiSpyware thing, to avoid system slowdown, is the simplicity of the scanning engine and lower number of definitions
I can really only give a general semi-tech overview because I cannot read minds and know all of your potential questions or concerns. This addresses "Antispyware vs Antivirus" and "Two AntiVirus products".
You're also concerned about efficacy. I'll be honest, given the new detection and remediation scheme, in official tests, we missed "remnants". That is, "SecureAnywhere didn't remove log files created by this threat that are text and not a threat, but we count that against them. Oh, and they didn't detect these broken downloads that the virus got that are not able to actually RUN or do anything, but the virus tried to download them so must be bad."
You point out that you don't want to call for support when working with 10,000 machines. Understandable. Especially since waiting for MEP support can be a bit of time. My response to that is simple: Without even going to the machine, a minimally-knowledgable person can see exactly what is on it, . If SEP misses something (go ahead and tell me it never has), you run ComboFix. If SecureAnywhere misses something, you look at the handful of unknown items on the machine, from the central console, say "huh, that's not one of ours.", mark it bad, and it's taken care of. Taken care of to the point where everything it did and everything that caused it is corrected as well. Not sure about it? We answer the Enterprise lines very fast, have 24/7 threat research who are able to make a central determination simply based on knowing what machine(s) is/are having the problem and the issue is taken care of in a few minutes. SecureAnywhere also provides advanced cleanup tools for manual correction that allows for a more surgical approach than the broad-spectrum-antibiotics-but-hope-it-doesn't-kill-the-patient approach ComboFix takes (Sometime take a look at what's inside ComboFix. ;) It's a great program, but scary really).
If you have specific questions that I have not addressed, please feel free to ask. Feel free to get the free SME trial. It's 100% fully featured, supported, and set, doesn't require payment credentials, and the worst that'll happen is you get a followup email from us afterward. Test it with SEP. See what happens or doesn't happen. Check our enterprise support team out. Don't take anybody's word for it. Get your own knowledge and be free of any FUD at all.
"The bigger question is then, will other antivirus programs work properly when SecureAnywhere is installed? I can just see Webroot hoping other antivirus programs that are installed, choke when it see another antivirus program like SecureAnywhere running. Perfect opportunity to get us to blame the "other guy" and get rid of the other guy's antivirus program when it crashes!"
Perhaps see my comparison above. If you look at it from a business standpoint, it's in their interest to choke when we're installed. Then it's just a matter of convincing the user it's our fault and use them alone. After all, many people don't understand layered security and have the mistaken thought that if we catch something RandomAV doesn't, then they will blame RandomAV for it and get rid of them. Bad idea, since it also work the other way around, and they can ctach stuff we won't. It's the security versus usability tradeoff of course. Similar efficacy, different sets missed, but size and cost differences that are dramatic.
So, then, also... "RandomAV and Webroot SecureAnywhere work together. Then RAV gets an update and stops working, and they blame WSA. WSA changes to allow RAV's new thing to work again. Then RAV gets another new thing and stops working again." Yes, obviously WSA's fault, it was our plan all along. (A bit of sarcasm there. 😉 )
If they really don't work, but we do, and when you mix multiple AV's, usually BOTH of them don't work, who is actually having the problem? We give you choice. They try to give you no choice. And honestly, we'd rather have them work. We literally develop constantly to fix any issues that crop up with compatibility. We're more interested in having your computer be protected and giving you, the user, a choice, than in holding the top of the hill, so to speak. We -KNOW- for a fact that we detect things they don't, so we provide a substantial benefit. That doesn't mean they won't end up detecting some things we don't, but we tend to keep that side of the overlap gap narrow and provide top notch manual capability and support for -when- something gets by (not if... there is no if in those cases with anything, as all highly-skilled technicians know).
Anyway, if they broke just because we're there, couldn't a virus do the same thing we do to break them and gt by them? ;)
It does. Even though Complete has a firewall (which should ring alarms for most people about having two firewalls), the firewall is specifically made as a Firewall Extender. It works alongside any other firewall, the Windows Firewall included, to provide intelligent egress filtering. Since the Windows firewall finally got mature enough to properly deal with inbound filtering and fully stealth the system as neeeded, this ended up beeing a good solution. Especially since choice of firewall is so important to many people.
In more technical terms, the driver is monolithic and loads as an extremely early kernel boot driver. It is specifically designed to be aware of other firewall systems and aware of their modifications, yet still know about malicious locations so it can cut off locally-established network traffic in a few ticks if necessary.
On the lines of what you were upgraded to, automatic upgrades should be bringing you to SecureAnywhere Anttivirus. If it did bring you to complete, more reasearch with us might be a good idea, because none of the automatic upgrades should do that.
You can tell what it is upgraded to by the banner at the top.
SecureAnywhere -> Antivirus
SecureAnywhere Essentials -> Essentials
SecureAnywhere Complete -> Complete
Also, the number of option pages at the left helps indicate. AV has only three, while Essentials and Complete have Five.
Anytime you have any questions, or if you encounter any concerns or issues, please let us know. We're definitely aware that not only is the product new, but the entire concept behind it is a complete revisement of almost everything everybody knows about how security works for the past decade. But honestly, it's time for a change. While our Focus Group commercial on YouTube is silly, it's sadly also very true to a lot of people.
Does plain old SecureAnywhere have a "Clean my PC" option? That option started on it's own and wanted me to confirm the purging of temp files, cookies, cache, etc from IE and Firefox, along with other files I don't remember.
The SecureAnywhere program appeared AFTER Spy Sweeper did a second update. Spy Sweeper downloaded the file wsainstall.exe . I executed that file and now I have SecureAnywhere (nothing appended to it) in my Start Menu. It is NOT showing up in my system tray. I also still have Spy Sweeper's "Webroot AntiVirus with Spy Sweeper", which IS in my system tray. Under another topic, someone said I should remove Spy Sweeper, but I question, if Spy Sweeper did the update and installed SecureAnywhere, why didn't the update remove Spy Sweeper 2011?
If you've already made one, please PM me your email address so I know which ticket to look for. (Click my name and click "send this user a private message" on the right side of the page.)
Webroot Technical Support
Let me ask a couple of slightly different questions of the gurus here:
1) What happens if I continue to use SpySweeper without upgrading to SecureAnywhere (i.e., ignoring the upgrade notifications)?
2) How can I stop the upgrade notifications without disabling automatic checking for security definitions?
It's never too late to ask us a question or two! (wow! to, too and two in the same sentence!)
1) If you continue to use SpySweeper without upgrading you will eventually reach "End of Support" "End-of-Support" means the date on which Webroot stopped, or will stop, providing technical support for the applicable Webroot product.
You can learn more about our plans for SpySweeper and other software here: http://www5.nohold.net/Webroot/Loginr.aspx?pid=12&login=1&app=vw&solutionid=919
2) Currently, there is not a way to disable the prompts that I am aware of. SecureAnywhere is truly an amazing product and will upgrade your security immensely. Not to mention, it will run much smoother than SpySweeper or other older versions of Webroot software.
Let us know if you have any questions!
*edit to update link - admin
One more question, if you don't mind:
3) After upgrading to WSA, short of reverting to an earlier state of my system via an image backup application, is there an easy way to retrograde to Spy Sweeper?
Even performing a system restore or reverting to a previous image may not restore complete functionality to SpySweeper and is not recommended, at all.
If you are having a technical problem we would be more than happy to resolve the issue. If however you are a tad apprehensive about the upgrade, why? We really really like SecureAnywhere and know you will too after using it!
Thanks, again, for your fast and direct answers to my questions.
I'm more than a tad apprehensive when it comes to upgrading key components of my system, not the least of which would be security applications. Please consider the gravity of your comment:
Even performing a system restore or reverting to a previous image may not restore complete functionality to SpySweeper and is not recommended, at all.
You are recommending an upgrade procedure which cannot be reversed, according to you, under virtually any circumstance -- even an entire image restore! Your argument for my taking such a draconian step is, in effect, "trust me." You seem like a trustworthy guy, ready and willing to help, but surely you can appreciate my incertitude in the face of potentially crippling downsides -- imagined as they might be.
Suddenly, putting up with SpySweeper's daily upgrade reminder until the product's end of life seems like a minor annoyance, akin to having to kill SpySweeperUI.exe manually via the Task Manager when not needed.