Will whitlisting a site WSA flags allow all malware on that site to run?

Hello garlicwebroot :D

As far as I know, no. WSA will not whitelist all things coming from that website, and will still protect you if you visit the website anyway.

Regarding your second question, that depends. The website may still try to perform a drive by download and drop, execute, and install a malicious payload onto your system. However, if it does try this, Webroot will block the payload and if it is an unknown payload, Webroot will begin journaling it's every action and when deemed malicious will roll back and undo all changes done. Also you are still protected by the identity shield so that while it is being monitored if not blocked by a signature, it won't be able to capture anything from your browsers.

Hope this helps,
Shran 😃

thanks!

Happy to help 😃

So once you're at a web site, does webroot do its usual thing regardless of whether it was flagged?  Or does it take extra measures if you overrode the block?
 
Ken
 

tech support informed me that when you disable protection for a site WSA no longer scans that site and no longer protects you against key loggers on the site. It does however, still protect you from any virus the site may try to install on your OS.

Is unblocking the same as disabling protection?
 
I'm asking about a site for which webroot gives the "This website has been reported as unsafe" screen and I proceed anyway.
 
Ken
 

As far as malicious code embedded within the site, yes.  If you over-ride the block, any malicious code or key logger on that site might possibly execute unchecked.  Any component that requires a file to be downloaded onto your computer will still be protected against though.

Sorry if I'm still confused.  Does that mean that if a site that has not been reported as unsafe has malicious code, webroot will protect against it?  But if it's been reported and I go there anyway it won't?
 
Ken
 

The rest of WSA's Shields will still protect you from malware such as the Identity Shield even infected still protects from all online attacks seen here: http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C6_IDProtection/CH6a_ManagingID.htm so WSA has many layers of defence to all malware!
 
TH

your question blew my mind!
 
ya i see what you mean. In theory i should be able to go to these sites and not be concerned because WSA is keeping me safe, and all the more so if its a site known to be malicious.
 
So WSA can protect you from  a sites keylogers and malicious stuff but once WSA labels the site malicious and you decide to ignore that label, all of a sudden you are stripped of some protection?
 

Thank you!  Never looked at the full list before - pretty impressive.  I've got all of the protections on.  I don't randomly blast past warnings, but every now and then I'll continue on to a site that I have reason to believe is safe despite a warning.  I feel more comfortable now.
 
Ken
 
 
 

Okay, now I'm a bit confused myself! 😳. How can malicious code steal anything or even attempt to without downloading? Does that mean that once you leave the webpage if it did have a keylogger that ran without downloading it would be gone as soon as you left the webpage?
Also like grishnakh asked does that mean if the web filter doesn't block a webpage and the page does have malicious code like that that doesn't download then it would be allowed to run as long as it didn't download?

😳

mind blown again

If it downloaded!! Even an active unknown keylogger can't steal anything from your browser sessions with the yellow padlock on the Tray Icon showing you that Identity Shield is protecting you!! WSA has many Shields to protect it's users see the Video's in my last post.
 
HTH,
 
TH

Okay thanks my friendly Helix! 😃

But it's best to keep all Shields running as they work as the Perfect Team in a 744kb downloaded client! Sorry garlicwebroot. I can't agree with your signature Idea.
 
TH

 

no problem, i dont know how to use this thing. working on it

Tell me what you would like to know?
 
Daniel

Here is my setup from a clean install! It's not for everyone as it could cause False Positives and that's it! The first picture is because I want to know what's happening at all times and I decide what to do! And the last picture make sure all Browsers are listed and under Protect! Happy Surfing!
 
Daniel :D
 

 

 

 

would you add Sumatra PDF to application protection ?

@ wrote:
would you add Sumatra PDF to application protection ?

You can and if it doesn't work right then remove it. That's a good one I'm going to add Adobe Reader as it does open in the Browser! ;)
 
Thanks,
 
Daniel

check out EMET 4.1 as well if you havnt yet. It further hardens a system. Basically i added anything that reaches the net to it.
 
http://support.microsoft.com/kb/2458544

would you add java.exe, javacpl.exe, jave-rmi.exe, javaw.exe and javaws.exe to application protection?

@ wrote:
check out EMET 4.1 as well if you havnt yet. It further hardens a system. Basically i added anything that reaches the net to it.
 
http://support.microsoft.com/kb/2458544

You can use EMET but it's not really needed with WSA but that is your choice! I don't use EMET and I don't see a need for it myself. You don't want to harden it to much then you lose the pleasure of using your PC as it was intended for. Did you look at the link I posted to the 3 video's if not it's a great information tool.
 
Daniel 😉