Solved

WSA Complete For The Family?

  • 4 February 2012
  • 30 replies
  • 151 views

Userlevel 6
Just a question and I think I know the answer...my wife and both sons (college age) have internet security programs that are about to expire. I am considering WSA Complete...they basically need  "set up and forget protection". They all have MBAM-Pro (real time) and I would think that combination would be enough. The wife does some banking on line, not a lot. Since I have only been using WSA Complete 2 days, and like what I see, just considering the move. Thanks in advance for any input.
icon

Best answer by HowardR 27 February 2012, 23:46

View original

30 replies

Userlevel 7
We don't block or restrict access to the registry.  If every unknown file was blocked access to the registry, not much could get done, especially since every file starts out as unknown first.  Blocking, or "Protecting" the registry in the way those outdated and old-theory tests expect, just breaks things. 
 
Instead of blocking access, SecureAnywhere monitors access and changes and journals them.  If the unknown item is determined to be malicious, all the changes it made are rolled back verbatim.
 
I think the main thing to remember as well:
Those tests really exist for one purpose.  They exist to say "Look at how great our product is!" for the company that made the test.  The comapny can claim that the tests use "real attacks", but how does a user, know this?  Have they seen a threat use those specific attacks? I assure you that if we come out with a special testing tool like other security companies have, it will go around them very effectively and claim we are perfect, so no worries there. ;)
 
Webroot is a security company, so I hope we have a general idea about what things threats are and can do, as well as the feasibility of such. ;)
 
Take the background window protection, for example:  A threat is going to want to get the data it wants (steal your stuff) without getting a lot of junk.  It can take a screenshot when it knows that something important is highly likely to be on the screen, such as when your browser is the foreground window and you are on https, or it can just take a picture, say, every minute.  1440 minutes a day, 10,000 machines infected... so who is going to go through those 14 million screenshots every day to see if some are useful to a thief?
 
We really are working to take the old concept of security and turn it on its ear.  Stop wasting computer resources and your time doing unnecessary things and do things in a different way that in the long run has the best balance for security versus inconvenience and cost. 
 
Anyway, that's enough from me here.  I've worked in compuer security industry since years before Webroot was even a tiny company in a garage.  Knowing as much about it as I do, I'm perfectly comfortable using SecureAnywhere (eat your own dog food, amirite?) and very happy with the results and capabilities.
Userlevel 7
Badge +56
Thank you sir! And I work for free as I like helping others that's why I joined ASAP! But donations are welcomed!  :D
 
Best Regards,
 
Daniel
Userlevel 7
Badge +56
You don't need SpyShelter with WSA-E or WSA-C as they already have Identity Shield and is much better than SpyShelter but you can use it with WSA Anti-Virus as it does not have Identity Shield.
 
TH   😃
Userlevel 7
Badge +56
@ wrote:
http://s1.bild.me/bilder/060112/8548141Przechwytywanie.jpgLike you see, I have: HTTPS site and padlock on the Tray Icon 
Like I said the Test can't be in the foreground as you have, it has to behind the Browser window to pass! But then you wouldn't be able to press the Button on the test! Also like I said that these Tests tools don't show the true effectiveness of WSA Identity Shield! Also if you have the test as you have it a go a press the Test Button then the Lock will disappear have a look again!
 
TH
Userlevel 7
Badge +56
I tried my best to explain to you how it works and that WSA passes the Test! I will let one of the Webroot Staff look after you from here in!
 
TH
Userlevel 4
Hi asg,
 
I wanted to provide you with some more information that will hopefully help you to understand what specifically is being tested for and how.
 
The first test shown in the screenshots is SpyShelter's screenshot test.  As TripleHelix has pointed out the reason that WSA fails this test is due to the fact that in order to execute the test (ie clicking on the Test1a button) the protected browser will by default be in the background, it is not the active window.  If the browser is not the active window the Identity Shield does not (cannot) protect it for a number of reasons.  First it is infeasible for the Identity Shield to detect the position of the browser in the background.  Is it minimized?  Is it on a second screen, open but not active?  Is it partially obscured?  All of these things would be difficult if not impossible to detect.  Secondly screen-grabbers are designed to only try to screen-grab when the browser (or another program that could potentially be displaying sensitive information) are the active window.  If they were designed to randomly, or systematically take screen shots of the system when those programs are running but not necessarily in the foreground the malware programmer would have a mountain of screen shots to parse for any potentially useful information.  This is very impractical and as a result malware in the wild simply does not try to pull information from browsers that are not active.  If you were to run a screenshot test where the screenshots are taken with the browser active (Zemana's test is much more realistic for this reason) you would find that the Identity Shield blocked the screen-grab and therefore passed the test.
 
The second test shown is the clipboard test.  In this test it does not matter whether or not the browser is the active window when the test is initiated because it doesn't really start until text is entered and then copied.  The Identity Shield is not designed to pass this test because it is not intended to protect the clipboard.  The information that was entered is not pulled by the test until you copy it (if it was pulled before the text was copied the program would fail the keylogging test which it does not).  Once you have copied the text it has left the protected browser and is entered into a application that is not being protected by the shield (clipboard) which is where it is pulled from.  If you frequently copy and paste passwords and other sensitive information like credit cards we suggest the use of our password management feature which enters the sensitive information without copying and pasting it, thus defeating this type of attack.
I hope this information explains things a little better. Let me know if you have any further questions.
 
Thanks,
 
Howard
 
Userlevel 7
WSA  Essentials and MBAM Pro are a great combo. I'm using it now on one of my computers. Complete & MBAM Pro = Excellent Combo.
Userlevel 7
Hi bobsimport, welcome to the Webroot Forum,
I've ran the old Webroot software for a long time. Still have the first software box and CD "Spy Sweeper 2" from 2004. I remember all those cookies that Webroot use to find. The new WSA does not have that. You may want to read:
http://community.webroot.com/t5/Webroot-SecureAnywhere/Why-doesn-t-SecureAnywhere-find-cookies-anymore-like-the/ta-p/380
 
If you want to remove cookies try CCleaner or SAS (free).
What is MBAM Pro?  What does this stand for?  Just curious..  Thanks. 
Userlevel 7
Badge +56
Hi 5201man,
 
MBAM is short for Malwarebytes Anti-Malware http://www.malwarebytes.org/ a very good product to run with WSA as a Layered approach if you feel you need to as MBAM is a 1 time purchase! They also have a free version and you can do On-Demand scans weekly!
 
Cheers,
 
TH
Userlevel 7
Badge +7
@ wrote:
Hi bobsimport, welcome to the Webroot Forum,
I've ran the old Webroot software for a long time. Still have the first software box and CD "Spy Sweeper 2" from 2004. I remember all those cookies that Webroot use to find. The new WSA does not have that. You may want to read:
http://community.webroot.com/t5/Webroot-SecureAnywhere/Why-doesn-t-SecureAnywhere-find-cookies-anymore-like-the/ta-p/380
 
If you want to remove cookies try CCleaner or SAS (free).
Great information ProTruckDriver! 
 
In addition Internet Explorer cookies can also be removed using SecureAnywhere Complete's system cleaner function.  Click here to learn how!
 
Sophia
Userlevel 7
Badge +56
Yes I'm sure as I did some of my own testing here: http://www.wilderssecurity.com/showthread.php?t=318059
 
TH
Userlevel 7
Badge +56
If you read it carefully they both passed you have to understand how the test tools actually works that's all!
 
TH
Userlevel 7
Badge +56
The test has to run in the background and you have to be on a HTTPS site like https://www.paypal.com/  and have the padlock on the Tray Icon for it to work properly! If you don't understand maybe one of the Webroot team members here can explain better!
 
HTH,
 
TH
Userlevel 4
Thanks for your help TH.
 
Hi,
 
This is Howard R from Webroot responding back here.  I wanted to let you know that I have someone checking into the issue you are having and I will reply back to this thread as soon as I have some more information.
 
Thanks,
 
Howard
Userlevel 6
Thanks Pro TruckDriver...that's what I'm using and I would think that would be adequate without any other layers....looks like Webroot can handle the load! 
I've been using WSA complete since it automatically upgraded from the previous Webroot Internet Security Complete program a few months ago. I've had a couple issues that were resolved, but I've noticed that the new program almost always never detects any type of malware, and the old program always detected and removed several items on almost every scan. It just seems to me that there must be some sort of spyware or cookies or something to remove? Other than that the program requires very minimal input and runs trouble free
Userlevel 7
Badge +56
I agree with ProTruckDriver as to cookies, cookies are harmless and if you need to clean them out you can use the tools he suggested!
 
TH
Thanks for the update...I appreciate it...
Userlevel 6
It's a nice security package that you can keep from now on. The Pro version is just the real time version...updates and protects automatically   (not expensive) and the free version is good as well...just manually update and scan. 
Userlevel 6
TH...you are the hardest working guy I have seen in a long time...you are covering so many forums with information! I'll bet that explains the "$-big bucks-$"! Keep up the good work!:D
Userlevel 3
@ wrote:
... The wife does some banking on line...
I suggest SpyShelter (free or paid) http://www.spyshelter.com/ - its anti keylogger
and HitmanPro (only paid) http://www.surfright.nl/en/home/ - its scanner on demand (like MBAM) You can setup that "run on startup"?
 
Userlevel 3
@ wrote:
You don't need SpyShelter with WSA-E or WSA-C as they already have Identity Shield and is much better than SpyShelter ...
Its a great news, but are you sure?
Try this:
http://www.spyshelter.com/download/AntiTest.exe
My WSAC (8.0.1.95) not passed this test tool
Userlevel 3
Zemana Test - passed
SpyShelter AntiTest - fail :(
(Win7 prof 64 bit)
Userlevel 3
I wrote you on PM: on your PC - tests passed, on my PC - only Zemana. I don't know why.

Reply