Webroot SecureAnywhere Antivirus – Review
key review info
- Application: Webroot SecureAnywhere Antivirus 220.127.116.11
- Reviewed on:
- Cloud-based threat management loads in seconds and never slows down system performance
- (6 more, see all...)
This week, Webroot rolled out an update for their SecureAnywhere product line, changing the interface completely and making available better detection technology and increased support for unified protection for PCs, Macs, and Android and iOS devices.
Until November 27, 2013 the application is available with a 25% discount through Softpedia, at $29.99 (€22) for one year for a single device.
Running the installation routine per se takes very little time to complete, but only if you already have a serial number, required even for the trial (free to test for 14 days).
During this process, the application runs a set of operations to ensure the product’s best performance on the system. The list of tasks includes checking for compatibility with the operating system, scheduling a daily scan, and adapting itself to the current configuration.
The interface is quite different from the old revision and the developer explains the drastic change though the desire to offer a simplified and automated approach to configuring the product.
And, by the looks of it, they succeeded in providing a clean layout that makes available easy access to both the advanced configuration panel as well as the settings for the individual protection components.
The main screen displays the overall state of the system along with details about the time of the last scan and its duration, when the next verification is scheduled, total number of scans, amount of threats removed, and remaining subscription time.
To the right, there are the protection modules, which can be turned on or off. Webroot SecureAnywhere Antivirus features active protection combined with a firewall, a web shield, and identity protection.
However, additional functionality is available through a suite of tools aiming mostly at more advanced users.
The Utilities menu features a “System Control” section, which provides forensic tools for uncovering malware as well as utilities for removing threats manually. These can help reboot the system in safe mode, or reset the desktop wallpaper or screensaver.
More advanced ones allow checking the currently running processes and system functions or run suspicious programs isolated, in a sandbox.
Simply viewing the running processes may itself reveal threats on the system but SecureAnywhwere does a little more than this; it can also be set to allow, block, or monitor the entry for malicious activity.
Furthermore, it can list events for each entry, complete with time of access, process ID (PID), and thread ID (TID), as well as the persistent event details. All these are tracked down in real time.
Starting a process in the sandbox comes with a set of options that grant it various permissions: access to the Internet, to user resources, to administrative locations on the system, network shares, read/write access to the clipboard, etc. Moreover, a full list of events is provided.
Webroot SecureAnywhere Antivirus is capable of running multiple types of scans. The verification can be Quick (surface check of files in active memory), Full (covers all local hard drives), Deep (looks for rootkits, Trojans and other threats), and Custom.
The default action is Deep, which sweeps areas on the entire computer where malware could find shelter. Since the application is cloud-based, no definitions are downloaded and identification is done by matching threat definitions on Webroot’s servers.
During our tests on a sample database of 1,414 items, the application managed to remove most of them, leaving behind 168 threats. The result was achieved through repeated scans that the application ran automatically until threats were no longer detected.
The number is not encouraging, but SecureAnywhere relies on additional defenses that kick in when files are executed. Webroot Infrared leverages the knowledge about fresh applications and their behavior to dynamically adjust heuristics and background processing.
We were not able to run all the threat samples but the application raised the flag for most of those we executed on the test system (56 out of 64). On the other hand, it also alerted of a perfectly legitimate file, part of FileZilla FTP client.
Among the advantages offered by SecureAnywhere is access to a web console that shows all the systems protected by Webroot’s products (online account required).
Apart from viewing the security status of the system, you can also check scan results, consult a list of recently detected malicious files, and send remote commands to scan the protected device, lock/restart/shut it down or initiate a cleanup procedure (scan and quarantine detected threats).
The firewall present in the suite is one-way (outbound) and is designed to complement the solution in Windows, which monitors inbound traffic. It has few configuration options, which are for web filtering (detecting malicious websites, showing safety ratings in search engines, protecting the newly installed web browsers, and against phishing).
The component offers basic protection, and during our tests it allowed several leak tools to complete their actions unhindered.
Out of the three major search engines on the market, Google, Yahoo, and Bing, safety ratings were displayed only for the last two. The reason is that Google adopted secure search (https://) by default, while the other services didn’t.
As far as protection against phishing is concerned, it managed to stop access to risky websites but we recorded better results with Firefox.
That’s because SecureAnywhere waits for the page to load first and then performs the check, while the browser relies on lists of reported phishing and malware sites, updated at least every 30 minutes.
In browsers that allowed the risky page to load, the anti-phishing component did not kick in as often as we wanted.
The application installs in a jiffy and it does not rely entirely on locally-stored signatures to detect threats. It is properly configured by default and impact on system resources is noticeable only during scans.
Advanced users have plenty of components to help them detect suspicious activity, such as Control Active Processes and sandboxing. Scanning is lightning fast and runs automatically until threats are no longer detected.
During our tests it raised the flag on a legitimate file, part of the FileZilla FTP client. Anti-phishing detection is far beyond what Firefox can do on its own. The firewall allowed plenty of leaking to get by.
Webroot SecureAnywhere Antivirus is extremely light on system resources and showed that it is a reliable tool when it comes to detecting and eliminating threats on the system.
It is properly configured so that beginner users don’t have much to set up; advanced features are incorporated too, to give more seasoned users the possibility to detect more elaborate malicious code.