Webroot, the only small AV left.

Alexhousek

Level 2
Verified
Aug 19, 2017
95
He wasn't "employed" by Webroot and therefore couldn't have been "canned". However, he is no longer providing support for Webroot. However, he continues to use it and still believes it to be a good AV. (Summarizing what he wrote on a different forum.)
 
  • Like
Reactions: Nevi
F

ForgottenSeer 58943

LOL

So he's literally just a huge fan-boy? :unsure::ROFLMAO:

Pied Piper more like it, on the kool-aid express dragging along fellow kool-aid drinkers. I seriously think he damaged Webroot's reputation for a lot of people, deleting system files thing aside..

The Pied Piper of Hamelin (1842) by Robert Browning. 2. (sometimes lowercase) a person who induces others to follow or imitate him or her, especially by means of false or extravagant promises.
 
P

plat1098

I was a deliberately silly provocateur sometimes (and often, genuinely stupid) at another forum but it brought out some of the fire ants and now I'm good. If an antique fixture malfunctions, you remove it.

Now then, let me see about this circa 2015 Webroot install CD I'd like to finally try. It may be pushing it but it's possible I might even be capable of getting it out of the package first. :love: Good job, Webroot administrators.
 

Alexhousek

Level 2
Verified
Aug 19, 2017
95
You are certainly entitled to your opinion but I think calling people who use Webroot "kool-aid drinkers" is quite harsh and unprofessional. Personally, I use Webroot and have done so for almost 3 years. I've never had an ounce of issues with Webroot and I've never been infected in those 3 years either. I think it's sad that you have to bash someone who was trying to provide support to others, then you have to bash the people who choose to use Webroot and then you have to bash the software. I proudly use Webroot.
 

Nevi

Level 12
Verified
Top Poster
Well-known
Apr 7, 2016
568
I have used WSA now over 8 years, and it has kept the fortress clean.I used Emsi 3-4 months, and I would probably jump on Emsi again if WSA disappeared. I understand many has been paranoid because there was so few good tests from WSA, but I think it's safe to say they have done real good over a long period of time. Up against Window Defender, I would choose WSA any day, also after Microsofts updates, but okay WD is no .50 caliber but some seem to swear by it. I stay with Webroot, that's for sure.
 
I

illumination

my testings with webroot has been very disappointing and short. it might be light but it's too weak for my taste.
2 days old samples have no signatures..
Did you test the monitoring and rollback portion of it, that can be a lengthy test, as it can take up to 4 hours or so for the product to determine it needs to rollback. Webroot does not rely strictly on signatures. Also, you can "if tested at default settings" adjust settings such as outbound connections changing it to "warn if any process connects to the internet unless explicitly allowed.You can change Heuristics in advanced settings to warn when any new application tries to execute that is not already whitelisted ect.
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Did you test the monitoring and rollback portion of it, that can be a lengthy test, as it can take up to 4 hours or so for the product to determine it needs to rollback. Webroot does not rely strictly on signatures. Also, you can "if tested at default settings" adjust settings such as outbound connections changing it to "warn if any process connects to the internet unless explicitly allowed.You can change Heuristics in advanced settings to warn when any new application tries to execute that is not already whitelisted ect.
tested it with heuristics on default and maximum, made no difference
yes i can see it doesn't rely on signatures, but there were multiple malware in memory and let wscripts upon wscripts drop payloads all over the place.
you can't rely on a firewall telling you there is an outbound connection, cause that means nothing, it does not tell you it's malicious.

i admit i wasn't thoroughly testing it but my first impressions made me stop really fast. bare in mind i was through 10 other AVs by that time, and compared to most, it was the worst performance from all.

if what you're saying is true, that sometimes it takes 4 hours for the AV to act on something, by that time everything on your computer was stolen, hijacked or exploited.
 
I

illumination

tested it with heuristics on default and maximum, made no difference
One Max, it should act as a anti exe, what is not specifically whitelisted should not be allowed to execute.

let wscripts upon wscripts drop payloads all over the place.
you can't rely on a firewall telling you there is an outbound connection, cause that means nothing, it does not tell you it's malicious.
This underlined is exactly why outbound notifications/control is useful. It can not call out to the C&C to drop a payload if blocked from connecting.

if what you're saying is true, that sometimes it takes 4 hours for the AV to act on something, by that time everything on your computer was stolen, hijacked or exploited.
As it has been some time since i tested Webroot, im recalling from memory, and if it serves me well, im pretty sure applications that end up being monitored for possible rollback are also restricted on what they can and can not do.

It is always good to have places like MT to ask users that are on a daily basis experiencing these products, but to find deeper answers to a product, its best to visit their forum and talk to some Devs that have their hands deep into the code and how the application is designed to work.
 
F

ForgottenSeer 58943

my testings with webroot has been very disappointing and short. it might be light but it's too weak for my taste.
2 days old samples have no signatures..

Webroot has ALWAYS disappointed.. My inlaws used to swear by it, then I kept removing malware from their systems. Webroot support always came back saying 'it wasn't true malware, more like riskware and that's why we don't detect it'. Despite the fact that I demonstrated it performed malware type activity on the system. This endless amount of infections, hidden WRDATA directory filling up SSD's, I never really seriously considered Webroot. Even worse was the recent fiasco where they bricked systems.. My buddy's firm is an MSP with thousands of systems and they use Webroot, they spent weeks cleaning up the mess and immediately dropped Webroot. I think there are far better alternatives.
 
I

illumination

Webroot has ALWAYS disappointed.. My inlaws used to swear by it, then I kept removing malware from their systems. Webroot support always came back saying 'it wasn't true malware, more like riskware and that's why we don't detect it'. Despite the fact that I demonstrated it performed malware type activity on the system. This endless amount of infections, hidden WRDATA directory filling up SSD's, I never really seriously considered Webroot. Even worse was the recent fiasco where they bricked systems.. My buddy's firm is an MSP with thousands of systems and they use Webroot, they spent weeks cleaning up the mess and immediately dropped Webroot. I think there are far better alternatives.
Webroot certainly is not the only product to mess some machines up.

As for infections, coming from another that has in the past, spent much time disinfecting systems, I have found a good deal of those machines had one common factor that led up to infection... "user error", and a lot of these machines were running top named suites and Av's. It is simply not enough to slap something on a system, and continue to proceed with bad choices/habits, and blame the software.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top