Just got Webroot. Run Scan & it scans for MALWARE in less than 2 minutes. What about viruses?
Just got Webroot. Run Scan & it scans for MALWARE in less than 2 minutes. What about viruses?
New to this software. When I run Scan it scans for MALWARE in less than 2 minutes. What about viruses?
EDIT; <Threads merged as duplicates>; Baldrick
EDIT; <Threads merged as duplicates>; Baldrick
Hi NickB27
Welcome to the Community Forums.
This is an oftern asked question and the reason that you are not seeing the same reaction on your system as with other AV/IS apps is because WSA works in a couple of very different & unique ways:
(i) firstly, WSA takes the approach that an inactive threat, i.e., something that is not running is/cannot be an issue or danger to your system, therefore it only scans & deals with active files/apps...BUT then moment and app/File attempts to/activates it springs into action to determine if it is a threat to your system...so not massive scanning of the system and reacting to any threats or suspicious items, and
(ii) secondly, when checking way that unknown or ‘undetermined’ malware is handled, and the automatic remediation that is provided, is different. If a new program is introduced to the machine protected by Webroot SecureAnywhere, and it has no existing relationship to anything else on that machine, then local heuristics and other defences are automatically applied to make a good or bad determination.
For example, if a suspicious or undetermined program has passed the several layers of local and Webroot Intelligence Network checks, it is monitored extremely closely, and watched to see which files, registry keys and memory locations it alters.
If a monitored program is later found to be behaving maliciously, Webroot SecureAnywhere can step-in to block and quarantine it, alert the user and administrator, and proceed to automatically clean-up the threat. The journaling function has recorded and remembered the before and after state of each change made (including changes made to local files). So in the rare case that a threat does get through the heuristics, sandbox, and other defences, the journaling and monitoring of behaviour ensures it cannot do any permanent damage to a user’s machine.
For an example of this at work please view this Knowledge Base article that consists of a short demonstration.
The other major component to identification & protection is that Webroot maintains a global listing of good files in addition to bad ones and unknown ones. Third-party antivirus software is included in this list. It takes less time for WSA to ask the cloud if the software in question is good, bad, or unknown than it does for you to manually tell it to flag all of those files as good. Additionally, the third-party software is probably going to update a lot, being that it's antivirus software (most-likely old-school definitions based stuff too). When it updates, those files change, and for all real purposes they are new files. The original whitelisting action you would have taken would have whitelisted a certain set of files locally, but it wouldn't account for updates. However, our cloud-based whitelisting does that automatically, which is why you notice no ill effects. Please view the below diagram:
I hope that helps in some way to explain what you are seeing as 'different'...it is due to what makes WSA different/better.
Regards, Baldrick
Welcome to the Community Forums.
This is an oftern asked question and the reason that you are not seeing the same reaction on your system as with other AV/IS apps is because WSA works in a couple of very different & unique ways:
(i) firstly, WSA takes the approach that an inactive threat, i.e., something that is not running is/cannot be an issue or danger to your system, therefore it only scans & deals with active files/apps...BUT then moment and app/File attempts to/activates it springs into action to determine if it is a threat to your system...so not massive scanning of the system and reacting to any threats or suspicious items, and
(ii) secondly, when checking way that unknown or ‘undetermined’ malware is handled, and the automatic remediation that is provided, is different. If a new program is introduced to the machine protected by Webroot SecureAnywhere, and it has no existing relationship to anything else on that machine, then local heuristics and other defences are automatically applied to make a good or bad determination.
For example, if a suspicious or undetermined program has passed the several layers of local and Webroot Intelligence Network checks, it is monitored extremely closely, and watched to see which files, registry keys and memory locations it alters.
If a monitored program is later found to be behaving maliciously, Webroot SecureAnywhere can step-in to block and quarantine it, alert the user and administrator, and proceed to automatically clean-up the threat. The journaling function has recorded and remembered the before and after state of each change made (including changes made to local files). So in the rare case that a threat does get through the heuristics, sandbox, and other defences, the journaling and monitoring of behaviour ensures it cannot do any permanent damage to a user’s machine.
For an example of this at work please view this Knowledge Base article that consists of a short demonstration.
The other major component to identification & protection is that Webroot maintains a global listing of good files in addition to bad ones and unknown ones. Third-party antivirus software is included in this list. It takes less time for WSA to ask the cloud if the software in question is good, bad, or unknown than it does for you to manually tell it to flag all of those files as good. Additionally, the third-party software is probably going to update a lot, being that it's antivirus software (most-likely old-school definitions based stuff too). When it updates, those files change, and for all real purposes they are new files. The original whitelisting action you would have taken would have whitelisted a certain set of files locally, but it wouldn't account for updates. However, our cloud-based whitelisting does that automatically, which is why you notice no ill effects. Please view the below diagram:
I hope that helps in some way to explain what you are seeing as 'different'...it is due to what makes WSA different/better.
Regards, Baldrick
Thanks. This time I read your reply. Makes sense. Still unnerving since I'm used to standard antis.
Hi NickB27
I completely understand...and I was much the same when I first started using WSA (and in fact its direct forerunner, Prevx) a long time ago.
It does take some getting used to but you will get it in the end, as do all Community members, and you will be pleased to be running the lightest antimalware app on the market.
As and when you have the time you may find this previous post of interest in terms of more information on the subject and some further interesting videos to check out.
Just post back with any questions you have and we will be pleased to try to assist, etc.
Regards, Baldrick
I completely understand...and I was much the same when I first started using WSA (and in fact its direct forerunner, Prevx) a long time ago.
It does take some getting used to but you will get it in the end, as do all Community members, and you will be pleased to be running the lightest antimalware app on the market.
As and when you have the time you may find this previous post of interest in terms of more information on the subject and some further interesting videos to check out.
Just post back with any questions you have and we will be pleased to try to assist, etc.
Regards, Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.