New Update Webroot Releases New Product With a New UI

[Trident]

It finally happens, on this forum we will discuss Webroot.

Webroot is on the path of releasing a new product called Total Protection globally from what it looks like, or at least in major regions.

There is a simpler product called Webroot Essentials. The old portfolio will be phased out.

• Virus Protection: Allows you to scan your device for malware. You can adjust the settings and scheduling of scans. For more details, please see the Helpful Links section at the bottom of this article.
• VPN: On Windows, the Webroot Secure VPN will be installed automatically. On Mac, you will directed to your online account to download the VPN app.
• Performance: Only available on Windows. Allows you to check your device's overall performance. You can adjust the settings and scheduling of performance scans. For more details, please see the Helpful Links section at the bottom of this article.
• Vulnerability: Only available on Windows. Allows you to check for outdated applications that may create a vulnerability for your system. You can adjust the settings and scheduling of performance scans. For more details, please see the Helpful Links section at the bottom of this article.

1. The toolbar provides access to several sub-menus.
   • Overview: Lists the overview panel and scanning options.
   • Settings:
     • Scanner:
       • Realtime Shield toggle: This allows you to disable the Realtime Shield. We do not recommend disabling the shield without direction from Webroot Support.
       • Web Threat Shield: This allows you to disable the Realtime Shield. We do not recommend disabling the shield without direction from Webroot Support.
       • Scan Options: This controls the level of scan protection; it is set to Recommended by default. Custom allows you to define if Webroot can automatically remove threats or only report their detection.
     • Allow/Block Files: Allows you to add files excluded from Webroot scans.
     • Web Threat Shield:
       • Webroot Malware Scanner: Toggles if the Web Threat Shield is enabled or disabled; it is enabled by default.
         • Manage Exclusions: Similar to the Allow/Block Files tab, you can set sites excluded from being blocked by the Web Threat Shield.
       • Windows Firewall Zones: Toggles allow Webroot to monitor the different network types Windows supports. We recommend all zones to be enabled.
   • Reports: Provides reports for threats found by On-Demand and Realtime scans, and threats found on the site you have visited.
   • Quarantine: Threats removed by Webroot will be listed. We do not recommend deleting quarantined files.
   • Schedule:
     • Scheduled Scan: Provides settings to define when a Fullscan will occur.
       • Run the scheduled scan: This allows you to set whether the Full scan progress window is visible or hidden.
     • Summary Report: Provides settings to define when an automated report is generated for you.
2. The overview panel indicates the status of your device and if a "Full scan" has been completed.
3. Options for the different types of scans you can perform.
   • Quick Scan: Scans system files, files loaded into memory, queued to load into memory, may load into memory, and any actively running on your system.
   • System Scan: Scans system files only.
   • Full Scan: Scan all files on your system. Depending on the amount of hard drive space and how much of it has been used, the scan can take over an hour to complete.
   • Custom Scan: This allows you to scan specific folders and files.

1. The toolbar provides access to several sub-menus.
   • Overview: Lists the overview panel and the On-Demand Scan button.
   • Settings: Provides an option to adjust the scan level for the Performance scan; it is set to Recommended by default.
   • Reports: Provides a report of performance issues reported by a Tune-up scan and how many issues were addressed by a Tune-up.
   • Schedule: Provides settings to define when a Performance scan will occur.
2. The overview panel indicates the status of your device and if a "Performance scan" has been completed.
3. The Scanbutton allows you to initiate an On-Demand Performance scan.
   • The speed, stability, and performance of your system are measured during the scan.
   • The number of performance issues will be listed at the end of the scan for you to review.
   • Clicking the Tune-up button will instruct Webroot to address the found issues. If you did not click the Tune-up button, running the scan will provide the option again.

1. The toolbar provides access to several sub-menus.
   • Overview: Lists the overview panel and scanning options.
   • Settings: Allows you to determine if a preview of outdated applications before Webroot performs any fixes; this is enabled by default.
   • Reports: Provides a report of vulnerable apps and fixed apps.
   • Schedule: Provides settings to define when a Vulnerability scan will occur.
2. The overview panel indicates the status of your device and if a "Vulnerability scan" has been completed.
3. Scan: Run an On-Demand scan to check if outdated applications are installed on your system.
4. View Support Apps: Provides a list of supported apps. Apps not listed are not scanned for vulnerabilities due to being outdated.

Webroot total protection appears to drop their firewall in favour of Windows Firewall, revamps notification by using Windows standard toaster popups and drops majority of settings in favour of a solution that is easier to configure.

While Webroot still includes the equivalent of System Optimizer, System Analyzer is no longer present. If you’re a longtime Webroot user, you may notice the absence of some other features. Or you may not, as the dropped features were mostly aimed at users with tech expertise way beyond the norm.

The Utilities page used to let you manually fix some problems that might be left over after malware cleanup. You could restore the screen saver, set system policies to default, or boot into Safe Mode. The Utilities page also offered the option to manually remove a program and its traces or run a removal script. These items are gone, and they won’t be missed by most.

A live list of active processes gave insight into which ones were trusted and which were still on probation, monitored pending completion of Webroot’s in-cloud analysis. You could even manually move a file from monitored status to fully blocked, forcing Webroot to roll back the program’s activities. That ability was useful for me in testing, but the average user would never do it. Likewise, the sandbox system, which would let you run a suspicious app safely, has departed.

Webroot’s firewall relies on Windows to defend against outside attacks, limiting its activity to ensuring local programs don’t abuse their network connection. It was wholly invisible unless you dug in and changed settings, which virtually no users would do. The firewall no longer appears as a separate component.

The Secure Erase component could wipe out sensitive files beyond the possibility of recovery, even with forensic software or hardware. It wasn’t fully enabled out of the box, though, and few users really need this industrial-spy level of protection. Secure Erase is gone.

 

[stonjean633]

Seems Webroot heard all the jokes about them here in MWT. It' about time. It's been more than a decade old GUI.

 

[Trident]

Well folks, I was really excited that maybe something is happening... maybe they are improving.

There are no patents as of 2023, OpenText seems to be receiving many, not related to Webroot in any way. I can't seem to find proper documentation/release notes, Webroot has not updated their website to accommodate the new portfolio. I don't think there is anything new protection-wise.

It's the same old, just redressed.

 

[Behold Eck]

Is there any zero day protection via HIPS/ BB or is this just a gui make over?

Regards Eck

 

[Trident]

Is there any zero day protection via HIPS/ BB or is this just a gui make over?

Regards Eck

Behavioural Blocking has always been there, but on my tests, I waited and waited (as some people suggest), I never saw it blocking anything...
HIPS, they seem to be moving to an even more automated approach, no chance.
The settings which processes to monitor are all gone... I would assume now by default and always, it monitors just the untrusted processes... more alarmingly (seems like), the ability to block untrusted applications from running (which was their biggest power) is also gone...

Webroot is also probably the only AV right now that doesn't offer system-wide web blocking... it's available in their business Endpoint Protection and off by default.

 

[ForgottenSeer 114717]

It finally happens, on this forum we will discuss Webroot.

Webroot is on the path of releasing a new product called Total Protection globally from what it looks like, or at least in major regions.

There is a simpler product called Webroot Essentials. The old portfolio will be phased out.

Well that is a surprise. Really. Webroot was frozen in time.

 

[Trident]

Well that is a surprise. Really. Webroot was frozen in time.

They mentioned years ago working on a new UI, so that UI must've been created by writing 10 lines of HTML/CSS/JS daily. There is a Network Scanner Service, correct me if I am wrong, but I think it wasn't there before? Should be related to the streaming malware detection? You are a bit better acquainted with them than me.
It still blocks websites solely through the extension so it doesn't block malware's C2 communications.

The Webroot WRYES service appears to have disappeared, perhaps the Yara rules matching now is merged with the main service...?

from the web:

 

[annaegorov]

Well folks, I was really excited that maybe something is happening... maybe they are improving.

There are no patents as of 2023, OpenText seems to be receiving many, not related to Webroot in any way. I can't seem to find proper documentation/release notes, Webroot has not updated their website to accommodate the new portfolio. I don't think there is anything new protection-wise.

It's the same old, just redressed.

Oh man Please don't go the way of Comodo...

I saw that new UI and I was like "Dang that looks nice, clean, and simple"

 

[Shadowra]

Yes it will be tested by me

 

[annaegorov]

For what it is worth, here is what Google says:

Webroot released its new consumer security product, Total Protection, globally on February 5, 2025. The suite provides comprehensive, multi-layered digital security and replaces the previous top-tier offering, SecureAnywhere Complete.
Key features of Total Protection
This all-in-one suite is designed to safeguard individuals and families with a wide array of security tools.

• Device security: Protects PCs, Macs, smartphones, and Chromebooks against threats like viruses, malware, phishing, and ransomware.
• Identity protection: Monitors for identity fraud, including dark web monitoring and up to $1 million in fraud expense reimbursement. The identity protection service is provided through a partnership with Allstate.
• Secure VPN: Creates an encrypted connection to ensure privacy when using public Wi-Fi.
• Unlimited cloud backup: Safely stores and protects critical files and personal data for one PC or Mac.
• Parental controls: Allows parents to manage content access and screen time for children.
• New user interface: Features a simpler, updated design compared to older Webroot products.

Product tiers and pricing
Total Protection is available in individual and family subscription plans.

• Total Protection (Individual): Covers up to five devices and one identity.
• Total Protection Family: Covers up to ten devices and ten identities.

 

[piquiteco]

There are no patents as of 2023, OpenText seems to be receiving many, not related to Webroot in any way. I can't seem to find proper documentation/release notes, Webroot has not updated their website to accommodate the new portfolio. I don't think there is anything new protection-wise.

Although Webroot is not a very effective AV, its web protection, such as phishing detection, is reasonably good. Why is that, @Trident? Could it be that they receive feeds from other AVs?

 

[ForgottenSeer 114717]

There is a Network Scanner Service, correct me if I am wrong, but I think it wasn't there before? Should be related to the streaming malware detection? You are a bit better acquainted with them than me.

View attachment 290465

Seems new to me although I've not touched Webroot in probably 10 years.

 

[Trident]

Although Webroot is not a very effective AV, its web protection, such as phishing detection, is reasonably good. Why is that, @Trident? Could it be that they receive feeds from other AVs?

Real time analysis is the key... they don't just rely on blacklists.

Seems new to me although I've not touched Webroot in probably 10 years.

It carries the new icon, whilst the main process is the old icon so yeah, seems new but not sure what it scans exactly....

Webroot BrightCloud® Streaming Malware Detection inspects files, packet by packet, as they stream through a network device. Making determinations about polymorphic malware, zero-day and other malicious files, this service can detect malware before it infiltrates a network, enabling partner devices to block the files or route for further investigation.

I could only attribute it to this...

 

[ForgottenSeer 114717]

TripleHelix and Baldrick did un-told decades of damage to the Webroot brand on its community forum and other forums like Wilders. Those two did more to alienate users than anything else.

They, and a few others, were just straight-up thugs. A mob of thugs that were closed to any criticism or negative commentary. I remember that Webroot had firewall notifications. Then it removed that feature but yet kept advertising that it had them. When I accused Webroot of false advertising one would have thought I was The Devil.

Ultimately, the Webroot legal team agreed with me and the feature was resurrected.

 

[Trident]

TripleHelix and Baldrick did un-told decades of damage to the Webroot brand on its community forum and other forums like Wilders. Those two did more to alienate users than anything else.

They, and a few others, were just straight-up thugs. A mob of thugs that were closed to any criticism or negative commentary. I remember that Webroot had firewall notifications. Then it removed that feature but yet kept advertising that it had them. When I accused Webroot of false advertising one would have thought I was The Devil.

Ultimately, the Webroot legal team agreed with me and the feature was resurrected.

I got banned out of their forum because I said they need new UI as the old one resembles TuneUp Utilities 2010. This sort of gradient circles and checkmarks designed on CorelDraw were modern 15 years ago. Next day, my account was deleted.

TripleHelix and Baldrick, are these people in any way related to Webroot or just fans?

 

[ForgottenSeer 114717]

I got banned out of their forum because I said they need new UI as the old one resembles TuneUp Utilities 2010. This sort of gradient circles and checkmarks designed on CorelDraw were modern 15 years ago. Next day, my account was deleted.

Fits the Webroot Community pattern. Very much like the Comodo forum. Zero tolerance for anything other than "positive, non-critical" comments policy.

TripleHelix and Baldrick, are these people in any way related to Webroot or just fans?

They were the biggest Webroot Community participants and "defenders" of all things Webroot. Where TripleHelix went, Baldrick followed. They are probably still over at Wilders in the Webroot threads there. TripleHelix certainly. Baldrick not so sure.

TripleHelix was such a huge fanbois that he was invited to Webroot HQ.

Eventually, a number of years back. someone at Webroot decided to ban TripleHelix because of his behaviors.

That shite was crazy. Webroot Community forum was way worse than the Comodo forum.

 

[Trident]

I researched online, this seems to be the guy.
Their non-critical comment policy explains the state of the product. They named a conference room after him.

 

[oldschool]

TripleHelix certainly. Baldrick not so sure.

Indeed, both are still there, and proud of their OG status.

 

[simmerskool]

I researched online, this seems to be the guy.

which one of those 2 is TH, right or left?

 

[Adrian Ścibor]

Is there any zero day protection via HIPS/ BB or is this just a gui make over?

Regards Eck

As far as I know, you won't see a special message from AV there. Take a look at the *.ace and *.db file-logs in C:\ProgramData\WRData\, which grow as something suspicious is analyzed. They are probably encrypted—I don't remember at this point.