Webroot SecureAnywhere Antivirus Review

Discussion in ''Personal' Software Reviews' started by Gdant, Aug 3, 2016.

  1. Gdant

    Gdant Senior Member Known Member

    Webroot SecureAnywhere Antivirus
    download.jpg
    WSA Antivirus is a cloud-based antivirus suite which is known for its minimal impact on the system resources and providing the same powerful protection. Due to its different approach than other traditional antivirus suites, it is very less in size and scans the file system more quickly than what others do. WSA can be used as primary antivirus or as a companion security product as it is compatible with most of the AV suite.

    Advantages:
    Very small installer size and light on system
    Scan is approx. 15x faster than the average scan time of competitor product tested.
    Don’t need to download daily a heap of Virus-Database Updates.


    Disadvantages:

    Required Internet (but now-a-days it is not major problem).

    Features Summary:
    Advanced threat protection for PCs and Macs
    Always-on security for your data and identity (Identity Theft Protection)
    Protection that stops ransomware
    Real-time anti-phishing blocks harmful sites
    Firewall and network connection monitor
    Webcam Protection


    Company Website: www.webroot.com

    Product Website: Webroot SecureAnywhere Product Page

    Download URL: Click to download latest WSA Antivirus

    Download Size: 875KB

    Price: $39.99/year but now discounted price is $25.99/year.
    Buy it for more years to save more.

    If you already have setup for WSA, then make sure that it is the latest version

    Latest Released Version: 9.0.10.21 (released on 19th July 2016)


    Requirements:

    Minimum System Requirements:

    Intel® Pentium®/Celeron® family, or AMD®K6/Athlon™/Duron™family, or other compatible processor
    128 MB RAM (minimum)
    10 MB Hard Disk Space
    Microsoft Internet Explorer 7.0 and higher, Mozilla Firefox 3.6 and higher (32-bit only), Google Chrome™10.0 or higher
    Internet access


    OS Requirements:

    Windows: Windows XP SP2, SP3; Windows Vista; Windows 7; Windows 8; Windows 8.1; Windows 10 (All 32-bit and 64-bit version of windows are supported)

    Mac: OS X 10.7.3 “Lion” or newer


    Review:

    Webroot setup package size is less than 1 MB which makes the installation finish in couple of seconds and in a couple of clicks. Since the installer has no embedded key even for trial version so either get trial key for 14 days (get from here) or full version key to start.
    a1.png
    To manually customize the installation, just go to the options and configure it. Webroot has one unique feature of “Randomizing the installation filename” so that some malware infection can’t modify or disrupt the installation process. The last feature option which is

    Protect the SecureAnywhere files, processes, and memory from modification – Enabling this feature will protect Webroot process from tamper and prompts CAPTCHA before changing the critical features in Webroot.

    a2.png

    At the end of installation, it ask for the email-id for support and security news updates.
    a5.png
    After finish of installation, WSA antivirus do a optimization scan to ensure that the no threats are active or running in the system, mapping network, files optimisation for faster scanning in further scans.
    a5_init_scan.png
    The WSA main dashboard is quiet intuitive, have important settings just a click away and provides System Security status for any actions required to stay protected. On the right side of dashboard, there are different security modules to access and switch main settings.

    Though the main colour theme of WSA is Green but it changes according to the system security status to notify user than some action is required to make your system protected. For example, WSA colour theme changes to blue if some attention is required like scan is needed and it changes to brown/red if some action is required like user action related to active threat or some real-time shield is turned off. Don’t get confused with the word “Active Threats”, it doesn’t mean only that threats are active and running in memory, even if threat is there on the hard-disk then also it is considered as active.


    a7.png

    a7_1_color_change potential risks.png

    a7_2_Dashboard_unresolvedThreats.png

    Normal Webroot system tray icon when all shields are active and PC is completely secure then

    a7_3.png
    When any shield is turned off its system tray icon fades as grey
    a7_4.png

    Now, let’s walkthrough the settings in each module one by one.

    PC Security module has following tabs:

    Scan & Shields: “Scan My Computer” performs a quick scan to ensure that system is clean while if user want to do a custom scan like specific folder scan, deep clean scan, full scan can be performed by going in “Custom Scan” button. Moreover, user can also see the active connections that are connected to internet using “View Active Connections” button.

    b1.png
    b1_1.png

    b1_2.png

    Quarantine:
    Here you will get the list of detected threats to view and manage them. Here, detected threats can be either permanently removed or restored in case of false detection.

    b2.png

    Block/Allow Files:
    If you feel any file to be suspicious and want to monitor or block it then WSA give you the feature to do so. These three modes are available in Allow/Block Files Tab:

    Allow: Ignores the file in scans and shielding
    Block: Stop a file being executed or written to the system
    Monitor: Watch all the program activities to decide it as legitimate or some threat.

    b3.png

    Here note that all threats detected by WSA also lists in this pane and by default set to block mode.


    Identity Protection Module:

    Identity Protection module protect the users from identity theft and financial losses by shield your application when you do financial transactions or so and blocking phishing scams. It ensures that your sensitive data is protected, while safe-guarding you from key-loggers, screen-grabbers, phishing schemes, and other information-stealing techniques.

    Identity protection prevents from accessing personal data with the following engines:

    Protect Cookies and Website Data
    Prevent Man-in-the-middle and man-in-the browser attacks
    Protect Webcam, Keystrokes and Clipboard data
    Protect against URL and screen grabbing attacks
    Protect Browsers process from tamper and external access
    Isolate untrusted browser add-ons from data

    c1.png

    User can provide an extra layer of security to applications that may contain sensitive data like IM clients, Browsers, Outlook, etc. By adding application, you ensure that all added applications are now protected with all Identity protection threats.

    Just add any application to the Protected Application list pane and assign them any of the following protection levels:

    Protect – Listed application are secured from any type of identity theft from malwares, but also have full access to data on the system. When a protected application is run, Webroot system tray icon shows a Padlock.
    c1_1.png
    Allow – Allowed applications are not secured from stealing malwares, but also have full access to data on the system. It is always advised to allow only trusted applications.

    Deny – Some applications unintentionally access protected data with/without malicious intention. Denied Applications can’t view protected data but can run normally.
    c2.png
    WSA automatically detects browser processes and other trusted application to automatically, by default, make them protected to ensure maximum protection. WSA shows this notification while automatically adding new process to protected mode.
    c3.png
    .............to be continued......


     
  2. Google Adsense

  3. Gdant

    Gdant Senior Member Known Member

    Backup & Sync: This feature is only available in WSA Complete.

    Password Manager: This feature is available in WSA Internet Security Plus and Complete.
    It is a password manager to store your passwords and being managed from account’s web interface.


    Utilities Module:
    Here comes the Anti-Malware Tools tab which is basically made for users to manually remove the threats.

    In the tools pane, user can reset wallpaper, screensaver, system policies and can perform custom boot mode.
    If you feel something suspicious get installed, then you can manually select the file to remove it along with its traces. It is like rollback the tasks performed by threat so to eliminate it completely.
    And the last option is to manually select the script which will perform the requested task. This feature is for advance user unless guided by someone expert.

    d1.png

    In Reports tab,

    d2.png


    Report pane allows user to have access to features like saving the previous scan logs for diagnostics purposes and also the log of all threats removed since installation.

    Event Viewers
    Protection Statistics: Gives the statistics report of the background processes or events that the Webroot is monitoring. Double clicking on each line gives more detailed view of the events.

    d2_1.png

    Execution History: It gives the log of all executable that are executed on the system along with their Process ID and time of execution. It also allows you to check when a virus entered the system.

    d2_2.png

    Double-click on any event to know more details about that process.
    Here is an instance of file name Protection.exe (Covert PRO execution file)


    d2_2_1.png

    In SYSTEM CONTROL tab,
    d3.png

    Control Active Processes: Using this features, user can tweak the threat-detection capabilities of Webroot for all programs and processes running on the system. It also includes a function for terminating any untrusted processes, which might be necessary if a regular scan did not remove all traces of a malware program.
    d3_1.png

    Run SafeStart Sandbox: If you are an advanced user and want to check a program you believe is malware, you can first test the program in a protected area called the SafeStart Sandbox. This sandbox allows you to isolate the actions of the malware program and observe its behaviour. This feature is generally intended for malware testing, not for legitimate programs.

    d3_2.png

    My Account:

    It has basic info about the program like key code and program version installed.

    e1.png

    e2.png

    Now coming to the Advance Settings tab that resides on the Top Right side of main interface UI.

    The “Install Settings” enable user to tweak basic
    a8.png


    In “Scheduler” setting tab you can customize the automatic scan schedules of Webroot scan module and also change the checklist of Webroot that it should target while scanning.

    a9.png

    In "Scan Settings" tab, user can tweak the scan behaviour like rootkit detection, PUP detection, etc.

    a10.png

    All the shield protection management can be done in “shields” settings tab. The most interesting setting is marked as “a”. If user somehow disconnected by internet, then also Webroot monitors the processes and notifies user if some untrusted program wants to make core system changes like tampering OS core files (Like system files, hosts files, etc.). It suppresses the Webroot disadvantages of internet requirement to an extent.


    a11.png

    These settings below enable you to be protected from online threats. After Webroot is installed, if you open browser then you will be prompted to install Webroot extension for being protected from web based threats like phishing, adware, etc.
    So, to change browser extension settings, just goto “Firewall/ Web Shield”.


    a12.png

    It enables you to enable captcha request every time user changes configuration options or critical features and protection against process termination. This ensures that no threat can compromise the Webroot security modules in any way.

    a13.png

    If you access the internet through some proxy then you can specify all details to ensure that Webroot is always connected to its cloud server database.
    a14.png

    It is one of the most important feature that every security software must have “Heuristics”.
    Since everyday a plethora of new malwares came into existence and but may have some behaviour of known threats. To detect all these type of threats, Webroot performs heuristics analysis of each application so to catch and record the patterns for any match.
    These settings are for advanced users so change with caution keeping in mind that scan time will dramatically increases if you choose more advanced heuristic option.

    Standard Heuristics is only basic analysis patterns.

    Enhanced Heuristics is basically based on the behaviour, origin, age and popularity of files. This is the recommended settings.

    Maximum Heuristics: This check for more complex patterns and use it with caution as it may prevent the use/installation of lesser known application or rarely used program.

    Last option notifies the user whenever a new program is executed.

    Webroot Infrared: If there is an unauthorised access to your computer even if you are working somewhere else on the system. In some cases, Webroot auto-decides the decision but in most Webroot prompts the user to take decision for the given file or program. To make a determination about what level of warning to display, SecureAnywhere uses a technology called Infrared. Infrared is a multi-layer defence that blocks threats very early in their lifecycle. This is done by sophisticated analysis and considering some factors:

    The safety level of websites.
    The reputation and behaviour of newly introduced applications.
    By interpreting user behaviour with an overall assessment of the safety level of the system.


    a15.png

    Whenever user raise a query on search engines like Google, Bing, etc. Webroot puts a symbol against each url to notify user about the website ratings

    icon_risk_level_dark_green_38.png These sites are trusted and known sites with strong security practices. There is very very low that these sites will exposed your data to risks.
    icon_risk_level_light_green_38.png These are known sites and generally do not poses with security threats and there is low risks of exposed data.
    icon_risk_level_yellow_38.png These sites are good but it is not passed on all parameter and may exhibit some security risks. There may be user data can be exposed to risk.
    icon_risk_level_orange_38.png Suspicious sites and probability of being exposed to risks
    icon_risk_level_red_38.png High risks sites and are not recommended to visit
    icon_gray_circle_38.png
     

    Attached Files:

    • a16.png
      a16.png
      File size:
      17.5 KB
      Views:
      1
  4. Gdant

    Gdant Senior Member Known Member

    Now coming to scanning GUI and features, the scan window has all basic info needed to know by user like files scanned, process scanned, etc. As already told, Webroot changes its UI colour theme from Green to Red/Brown when threat is detected
    f1.png
    After the scan is completed, it gives the detail summary of detected threats with their category and that too in the red action required color UI.

    f2.png
    If you chose to continue, WSA notifies you to take certain actions before threat removal to avoid data loss and sometimes threat removal required to restart the system to eliminate the risks completely.
    f3.png
    Finally, it gives the current scan results on Right Hand pane.


    f5.png

    If a threat is detected and removed by realtime protection then it gives the popup for threat details as below:


    x1.png

    And if the threat is identified by WSA before (pre-existing threats) but not removed (either by user interruption or was there before WSA installed) and in current scan it is removed then it notify users about that too.

    f4.png
    How does Webroot Works?

    Rather maintain a local database of threats on hard-disk, Webroot keep a large database of legitimate programs, known threats, good or bad programs on its cloud-based servers. If the program is from known list, then it will do the required action by itself.

    Now if some unknown program is detected it will send the telemetry data to the servers for detailed analysis and till that time it starts monitoring that program for possible rollbacks, if possible. Sometimes, correlation rules let the server checks the unknown file fingerprints pattern being matched to known threat. Once the status of the unknown app is known, the servers notify user Webroot AV. If detected as threat, then it deletes it and rollback all possible changes by the threat. Now that file status is now stored in its servers for future detection and if same file encountered by someone else, then the result is available in just a little time.


    Final Verdict:

    Webroot is a good cloud based AV for faster scans and being very light on system impact. Though the major disadvantage is its cloud-based signatures rather than offline signatures which make it not useful for not always internet connected systems. I tried it as both primary AV and companion AV and have no issues in compatibility and no unresolved/undetected threats resides in the system.
     
  5. Petrovic

    Petrovic Forum Addict Silver Member

    https://community.webroot.com/t5/Webroot-for-Business/Offline-signature-database/m-p/38736#M253
    +
    https://community.webroot.com/t5/We...ivirus/Fast-Scans-When-Offline-How/ta-p/20328

    Thanks for the review
    &
    welcome to https://community.webroot.com , if you have any questions
    Cheers
    Petrovic | Webroot Bronze VIP
     
    Der.Reisende, revC0de, Gdant and 6 others like this.
  6. dinosaur07

    dinosaur07 Senior Member

    Very good & professional review. Thanks, Gdant. I enjoyed reading it. :)
     
    Der.Reisende, revC0de, Gdant and 3 others like this.
  7. jasonX

    jasonX Giveaways Moderator Staff Member

    Thanks for the review Gdant!! Heheheh you jive in the new reviews format huh :)

    This review is in line with our upcoming official giveaway for Webroot WSA here at Tweakbytes so stay tuned guys ;)
     
    Der.Reisende, revC0de, Gdant and 4 others like this.
  8. guardian

    guardian Administrator Staff Member

    nice work indeed Gdant... informative review
     
    Der.Reisende, revC0de, Gdant and 3 others like this.
  9. BC2Tweak

    BC2Tweak Reviews Moderator Staff Member

    Good job, -Gdant-!!

    Excellent job of presenting information about the program!! :D
     
  10. revC0de

    revC0de MTAC Moderator Staff Member

    Great review Gdant, from a long time WSA's user! ;)
     
    Der.Reisende, Gdant and RGiskardR like this.
  11. hakah

    hakah Junior Member

    Very good review made by you, Gdant. Nice to meet you here as I have seen your name in most of Forum giveaways. I have been using this software long time ago and later changed to Avira, AVG and now KIS as it is not so good and secure compared with other security softwares in the market. After reading your review, I would like to have a trial on it sometime later.
     
    Der.Reisende, revC0de, jasonX and 2 others like this.
  12. hakah

    hakah Junior Member

    May be there is a chance to win it here in later giveaway!
     
    Der.Reisende likes this.
  13. Endracion

    Endracion Initiat3

    I used to do online marketing for them - they often sort of give it away for free themselves at newegg, where the mail in rebate is the total amount of the software.
    If you're interested in getting webroot, just keep and eye out there!
     
    RGiskardR likes this.
  14. jat_forcee

    jat_forcee Initiat3

    I got my 3 year Webroot deal from there some time ago! With some help from a friend. Apart from AV & vpns I've hardly ever paid for other softwares. I like webroot, next to no system resource impact.
     
    RGiskardR likes this.

Share This Page