Which wingman for Webroot?

[amico81]

i have installed a trial of webroot. Awesome lightness of my system.

But i kow that webroot is weak. so i'm searching for a second protection layer.

I have good experiences with both programs in the poll.

I dont wanna use comodo firewall ( too much respect and no training)
or voodooshield ( tried, but just in englisch...that's pity).

 

[illumination]

despite all tweaks, webroot still has many limitations where malwares can bypass
for example, when we get a fileless malwares or a password/banking stealer, if webroot can't protect us in the first place, we are finished
all the important information is stolen and this can't be rolled back, although the malware's actions can be rolled back. If users get a backdoor and the hacker takes over the machine, the first thing he does is stealing all the important data and may or may not uninstall the AV, this can't be rolled back too
furthermore, according to many tests I have seen, even after 24 hours, webroot still failed to rollback or protect against the malwares. If we get a ransomware and it locks our PC (wannacy for example), especially for businessmen, they can't wait 4-24 hrs for webroot to rollback because they need the machine to work immediately

You do realize that you can manually block a monitored process as well as trigger the rollback manually? While a novice will not know what process does what, or if they should allow or block, intermediate to advanced users should be able to do so. While webroot is not my personal first choice, it is good to make sure that users reading these threads know the many options to using a product. Good surfing/back up habits are a must, beyond that, learning the product you do chose for security so that you can utilize it to the fullest potential would be next on the list.

 

[Windows Defender Shill]

despite all tweaks, webroot still has many limitations where malwares can bypass
for example, when we get a fileless malwares or a password/banking stealer, if webroot can't protect us in the first place, we are finished
all the important information is stolen and this can't be rolled back, although the malware's actions can be rolled back. If users get a backdoor and the hacker takes over the machine, the first thing he does is stealing all the important data and may or may not uninstall the AV, this can't be rolled back too
furthermore, according to many tests I have seen, even after 24 hours, webroot still failed to rollback or protect against the malwares. If we get a ransomware and it locks our PC (wannacy for example), especially for businessmen, they can't wait 4-24 hrs for webroot to rollback because they need the machine to work immediately

regardless of the price, $7-8, I don't find it worth it for us if we are not advanced users
in the end, I think webroot is not worth the money for everything it has

about the lightness of other AVs, we have not tried to maximize the speed of them so we can't tell much
I'm using KFA now, and this is the first time I change the setting to scan on-execution. It's extremely light (except the memory usage). It's should be the same for avast

MRG Effitias -
We are delighted to announce that we were able to deliver the MRG Effitas Online Banking/Browser Security award to Kaspersky Lab and Webroot.

Our award is the result of our quarterly comparative quality assessment which evaluates the reliability and efficiency of security solutions against financial threats. It has become the de facto standard of the industry.

It is an achievement just to pass the MRG Effitas Banking Certification, so for these firms to win this award is a significant achievement.

The tests we use to determine the winners of this award replicate real world conditions: during the fourth quarter of the tests, we tested the solutions against in-the-wild financial malware, botnets running in our environment (SpyEye, modified Citadel, ZeusVM) and, in the simulator tests, developed new simulators targeting the following functionalities: Cookie stealer, In-memory Keylogger, SpyEye webinject, hook via not exported functions, hook via page exception, hook via debug register, remove hook protection and inline hooking.

The software we tested was:

• Kaspersky Internet Security
• Webroot SecureAnywhere

Our award signifies that the tested safe browsers can protect online banking transactions and e-shopping on a computer which is infected with active financial malware. The safe browsers will prevent the malware from stealing credit card data or modifying the online banking transaction."

* I've not seen any examination of how Webroot handles fileless malware. Fileless malware is exceptionally rare.

 

[mekelek]

MRG Effitias -
We are delighted to announce that we were able to deliver the MRG Effitas Online Banking/Browser Security award to Kaspersky Lab and Webroot.

Our award is the result of our quarterly comparative quality assessment which evaluates the reliability and efficiency of security solutions against financial threats. It has become the de facto standard of the industry.

It is an achievement just to pass the MRG Effitas Banking Certification, so for these firms to win this award is a significant achievement.

The tests we use to determine the winners of this award replicate real world conditions: during the fourth quarter of the tests, we tested the solutions against in-the-wild financial malware, botnets running in our environment (SpyEye, modified Citadel, ZeusVM) and, in the simulator tests, developed new simulators targeting the following functionalities: Cookie stealer, In-memory Keylogger, SpyEye webinject, hook via not exported functions, hook via page exception, hook via debug register, remove hook protection and inline hooking.

The software we tested was:

• Kaspersky Internet Security
• Webroot SecureAnywhere

Our award signifies that the tested safe browsers can protect online banking transactions and e-shopping on a computer which is infected with active financial malware. The safe browsers will prevent the malware from stealing credit card data or modifying the online banking transaction."

* I've not seen any examination of how Webroot handles fileless malware. Fileless malware is exceptionally rare.

does webroot have a special browser for all this? cause then it's irrelevant

 

[Windows Defender Shill]

are we at a point where its acceptable for an AV to take hours to determine if something running in your memory is doing malicious things?
every decent top tier AV has a similar feature as "Control Active Process", that is reacting fast and not taking a century....

Webroot SecureAnywhere What Happens if Webroot Misses a Virus?

 

[Windows Defender Shill]

does webroot have a special browser for all this? cause then it's irrelevant

Just Chrome and Firefox

 

[Deleted member 178]

does webroot have a special browser for all this? cause then it's irrelevant

No in-house browsers.

 

[mekelek]

Webroot SecureAnywhere What Happens if Webroot Misses a Virus?

that video shows a keylogger running free on your computer, logging everything, and then a sepratate keylogger feature working only on financial websites
then at the end it had to be manually blocked.

 

[Azure]

does webroot have a special browser for all this? cause then it's irrelevant

No. But it has a feature called identity shield. Which is supposed to protect your browser even if Webroot doesn't detect malware.

Identity Shield Deep Dive - Webroot Community

 

[Deleted Member 3a5v73x]

A paid AV should have at least 95% of protection rate, when other free AVs can deliver it and we can disable on-access scanning to make them extremely light

How regular user can determine protection rate of an chosen AV product, on hes particular production machine knowing that it has never been infected and not based on independent AV test lab results?

 

[Evjl's Rain]

How regular user can determine protection rate of an chosen AV product, on hes particular production machine knowing that it has never been infected and not based on independent AV test lab results?

AV test lab results are the baseline where users should have a look. However, there can be bias. MRG and VB100 are quite reliable, although there might be some bias, too
I have heard a lot of people who said they have never been infected for years. When I checked their PCs with a second opinion scanner, it found some active malwares, even looking at task manager was enough to tell. For them, no infection = their PCs are still usable without any annoying message
there is not really good way for average users to protect themselves because they don't know how to. The best solution is to let their security set up by a more knowledgeable person, who does do some researches about security softwares

 

[Deleted member 178]

How regular user can determine protection rate of an chosen AV product, on hes particular production machine knowing that it has never been infected and not based on independent AV test lab results?

They can't, they don't have the skillset.

 

[amico81]

ok we can close this thread. I have used Webroot with Zemana ( Realtime + Pandora Cloud),
but i dont know...i dont feel me protected!
I have redeemed my won Avast IS -license...used some tweaks from @Evjl's Rain and @Windows_Security
The result is a really light av with better protection layers than webroot
I'm happy now and thx to all thread members for the tips and doubts

 

[Sunshine-boy]

weak

Even if you use Kaspersky and throw 100 malware on your machine you will be infected.webroot has good web filtering and sometimes paranoid detections! but worth the money? not at all.

 

[mekelek]

Even if you use Kaspersky and throw 100 malware on your machine you will be infected.webroot has good web filtering and sometimes paranoid detections! but worth the money? not at all.

go through @harlan4096 's malware hub history, you don't see many infected posts
for the sake of making sure it's not just signatures, recently I have been throwing samples at KIS with the File AV / Web AV disabled to see Dynamic capabilities.
it doesn't disappoint.

 

[harlan4096]

There are always malwares that bypass obviously Kaspersky at 1st stage in defaults settings, all of them running on Low Restriction, that usually set a registry Key in Windows AutoRun sections and remain running, but most of the times is because "their actions are not enough malicious" to trigger System Watcher or heur and/or evade them, anyway in the last months I had to collect traces and sent some reports to KL of some samples that followed that behaviour...

 

[Sunshine-boy]

it doesn't disappoint.

I know but there is always smth that bypass your Av!

 

[Evjl's Rain]

I know but there is always smth that bypass your Av!

so it's better to have an AV with the least bypasses
nothing is perfect obviously

 

[212eta]

Which wingman for Webroot?

 

[Brie]

i had webroot. all the virus signatures are online. i clicked on a coupon link. i got a malware.

it did it's damage in 30 seconds. it took over my firefox. i rebooted. it deleted my internet connection.

i had to reset my internet connection. i would not take webroot if it were free. for money, i could get far better.