» Webroot - Roger's Information Security Blog

Posts tagged ‘Webroot’

Webroot Trumpets Spyware Bakeoff Results

March 28, 2006, 11:36 pm

Webroot has sent out a press release annoucing the results of a four month VeriTest bakeoff between Webroot Spysweeper Enterprise 2.5.1, McAfee Antivirus Enterprise with AntiSpyware Module 8.0 and Sunbelt Counterspy Enterprise version 1.5.268. Webroot was more than three times as effective as Sunbelt and nearly twice as effective as McAfee at cleaning all types of spyware.

The rigorous testing methodology included a test bed of two hundred randomly selected spies, divided into the following categories: adware, system monitor, and Trojans. Each product was judged on its ability to “fully clean” each piece of spyware — a comprehensive term for detecting and removing — from multiple machines. The results of a product’s effectiveness against each of the 200 spies was measured against an extremely sophisticated set of criteria that required each to be met in order to gain a “clean” rating.

Tags: AntiSpyware, Antivirus, Google, McAfee, Webroot
Category: Spyware | Comment

Eschelbeck new Webroot CTO

January 10, 2006, 6:56 pm

http://www.scmagazine.com/uk/news/article/534613/eschelbeck-new-webroot-cto/
It was quite a surprise when I heard that Gerhard Eschelbeck had quit Qualys. Now I hear today that he is taking the same position at Webroot where he will be CTO and VP. Good news for Webroot, bad news for Qualys.

Tags: Webroot
Category: General | Comment

Symantec to buy IMLOGIC

January 3, 2006, 6:46 pm

Well shit. Suddenly that decision to purchase IMLogic (the product not the company) is not looking so good. Symantec has just purchased them.
When Symantec purchases something, its almost as bad as when Computer Associates purchases something. First I would suspect all development will go in the crapper while Symantec figures out what they bought and what they want to do with it. Good by quarterly updates. Goodbye support for AIM Triton, Google Talk and AIM file transfers. I know you were on the roadmap, but the roadmap is now burned.
Next, support will suck. I suspect my support team will now be replaced slowly by the “Gold” level drones that Symantec hires.
Third, I wonder what will happen with the Sybari integration? Will it disappear now that two corporate giants the two companies.
Will my product completely disappear they way L0phtcrack has since the @stake purchase? Will it reappear later as Symantec IM Manager.
I really expected Webroot to be picked off (as Pestpatrol was). I didn’t think about the possibility of IMLogic being bought.
IMLogic is still a better product that Facetime or Akonix. We’ll have to hope for the best.

Tags: AIM, CA, Google, Symantec, Webroot
Category: Antivirus | 5 Comments

Rootkits and spyware, a nasty combination

December 8, 2005, 8:16 pm

The term rootkit entered more people’s lexicon as it was used to describe the Sony Digital Rights Management software. Spyware vendors have been using rootkits to prevent the uninstallation of their malware. Increased usage of antispyware products and their incorporation in antivirus products have caused them to use less obvious and more lasting methods.
Gregg Keizer of techweb reports:

Richard Stiennon, director of threat research for anti-spyware vendor Webroot, agrees that rootkits are being used by spyware and adware vendors.
“In the first half of the year, all we really saw was proof-of-concept code rootkits in spyware,” says Stiennon. “Once they got that to work, though, since May really, we’ve seen several different rootkits in use.”
There are dozens of simple ways to hide from the Windows file system, some enough to defeat elementary defenses, notes Stiennon, but the more sophisticated spyware suppliers have turned to rootkits. “It’s still a minority of the spyware and adware that’s using rootkits,” he says. “But it’s the cutting edge for them. All the new stuff we’re seeing uses rootkit techniques.
“It’s more important to hide if you rely on revenue-generating software that most people want to uninstall,” he adds.

Its more important now than ever to make sure your antivirus and and antispyware products are able to detect rootkits as this problem is only going to get worse.

Tags: AntiSpyware, Antivirus, Webroot
Category: Spyware | Comment

Webroot Spysweeper 2.51

November 9, 2005, 7:02 pm

I finally have Webroot Spysweeper 2.5 in my hands. I’ve been waiting for this since August. The admin console now has some good reports available. I’m happy about that.

Tags: Webroot
Category: Spyware | Comment

Webroot Phileas

October 10, 2005, 8:33 pm

I was perusing the Webroot website when I found the Phileas page. It sounds like the Microsoft Research Honeymonkeys project.

Phileas is a ground-breaking online spyware research system developed by Webroot. Using patent-pending technology that scours the entire Web, Phileas discovers spyware on the Internet faster and more efficiently than any other research method. More importantly, it does so before home computer users or corporations unwittingly become infected.

Tags: AntiSpyware, Microsoft, Webroot
Category: Spyware | Comment

Symantec False Positive

September 16, 2005, 5:01 pm

If you’ve got Symantec Antivirus and you’ve got Webroot Spysweeper, than you probably have seen a Backdoor.Graybird detection today. This is a false positive. The files typically detected are in the temp director and named mc21.tmp or mc22.tmp in my experience.
I have called Symantec support, the next set of virus defs released should solve this problem. The current set of Rapid Release defs do fix this but I’d rather wait for “certified” definitions.

Tags: Antivirus, Symantec, Webroot
Category: Antivirus | 7 Comments

Webroot 2.5 update part 2

August 31, 2005, 10:31 pm

I called support yesterday to check in on any possible interactions between Symantec Antivirus Corporate Edition version 10 and Webroot Spysweeper Enterprise. SAV 10 now has realtime spyware protections and I wanted to see if there would be any issues. Symantec warns about using the antispyware parts with other realtime antispyware programs. Support says there should be no issues. Just make sure you dont have the install block turned on when you try to upgrade (duh). Also they say I might want to have SAV exclude the webroot directories for performance reasons.
I also asked them when Webroot 2.5 will be available for existing customers. The support tech reports that will be available after Labor day. So I can push Webroot down my list of things to do until next week.

Tags: AntiSpyware, Antivirus, Symantec, Webroot
Category: Spyware | Comments Off

Webroot 2.5 update notes

August 23, 2005, 8:56 pm

Spy Sweeper Enterprise 2.5 is currenntly available for new installations only. They say they will be releasing an upgrade package for current customers “shortly.”
Just as well, I’ve got some other things to be working on anyway.

Tags: Webroot
Category: Spyware | Comments Off

Earthlink acquires assets of aluria

August 22, 2005, 9:21 pm

Another bit of news from Donna’s security flash. Earthlink has picked up the assets of Aluria software.
Aluria is a small company from Lake Mary Florida. That’s just north of Orlando, so I know the area a bit from my time down there. Although Aluria’s consumere product has been highly rated, I was never high on them. I seem to recall some controversy about them whitelisting whenu.
Doesn’t Aluria currently provide the antispyware functionality in the AOL Security Edition? Also I believe that Webroot had been providing Earthlink’s antispyware capability. Interesting changes, hmmm.
I figured after Pestpatrol got bought by CA that two things would happen: 1) Pestpatrol would no longer be highly rated. 2) There would be more consolidation as the major companies try to buy into the antispyware market.

Tags: AntiSpyware, AOL, Webroot
Category: Spyware | Comments Off

Roger's Information Security Blog