App Review Webroot SecureAnywhere Antivirus 2015 Test and Review

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
M

MalwareT

Thread author
Good:
-Nice UI
-Light on system
-Good web blocking until smartscreen was enabled by Webroot
-After executing malware all items were found and removed by Webroot
Bad:
-Bad detection on 342 items (0 to 3 days old) 76%

Not recommended. Overall rating 4/5. Watch video here:

 
S

Sr. Normal

Thread author
Hi amigo

Great review again .

That was my antivirus two years ago, on a computer with little RAM. I was impressed by the speed of the scan , but the computer was infected .
With Comodo firewall formed a good team, but there are better combinations ... and free .

Thanks again for keeping us so well informed .

Kind regards
 
M

MalwareT

Thread author
Hi amigo

Great review again .

That was my antivirus two years ago, on a computer with little RAM. I was impressed by the speed of the scan , but the computer was infected .
With Comodo firewall formed a good team, but there are better combinations ... and free .

Thanks again for keeping us so well informed .

Kind regards

No problem friend ;)
 

tonibalas

Level 40
Verified
Honorary Member
Top Poster
Well-known
Sep 26, 2014
2,973
I used Webroot for 6 months and in my opinion is a good program,it has very good PUP detection and it's light on system.
Where i want to see improvement on Webroot is their signatures and their rollback feature. Rollback feature must work a lot faster because if i get infected i can't wait a whole day for webroot to clean my pc ;)
Malware Test a great review and continue your hard work;):)
p.s.: I like the new wallpaper;)
 

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
I disagree with your conclusion, Right click scan like you did doesnt show Webroot protection abilities, there is more than signature detection in it.
In my experience Webroot shines in real life scenario usage.
 

FleischmannTV

Level 7
Verified
Honorary Member
Well-known
Jun 12, 2014
314
The registry entries which EEK found are probably not from malware. I had these found bei EEK on my system as well and there is definitely no malware on it, never has been in fact. There is a probability they could have been made by Webroot itself or some other security program as a measure of self defense or something like that.

Further I don't agree with your conclusion. Webroot has kept the system clean, excellent result imho. There is no malware running at the end of the test. The only active detected process is a false positive of HMP, detecting CBAD as a trojan. The other findings are not running and thus no risk. Dead droppers which were unable to download an install their payload. Finally I don't understand why you give it an 80% rating (4/5 = 80%) and then don't recommend it. Doesn't make sense to me.

However I really appreciate your efforts and thank you for your review.
 

woodrowbone

Level 10
Verified
Dec 24, 2011
480
WSA seems to be a App that is hard to understand for people, this is were they should improve more, inform how WSA really works.
I agree fully with the two posters above, a better understanding on how WSA works is needed.
Like tonibalas who does not know that he is still protected by WSA even if he is "infected", the "infection" is monitored and the Identity shield feature kicks in, and no private or sensitive information is allowed to "leak" out from the PC.
WSA is hard to test, you need to have it up and online all the time if you test the Monitored feature for example, and this can take weeks even before WSA deems the file good or bad. (But you are still protected)
The only scenario I see were WSA could have problems is if you get a ransom virus blocking your screen, even if that file is monitored you cannot use your PC until the cloud decides that the file is bad.

EDIT! No disrespect to the tester/testers, but we need to brainstorm without prestige around how tests are conducted. Just to get as close to real life experience as possible.
Or else the so called "youtube testers" will remain in the shadows, not taken seriously by others (see Wilders forums for example).

/W
 
Last edited:

Behold Eck

Level 15
Verified
Top Poster
Well-known
Jun 22, 2014
717
Interesting as it seems that webroots detection has actually improved compared with previous tests,although this could be because of the 3 day old samples ?

I agree wih Sr.Normal when he mentions maybe running it with CFW(or maybe just run CFW by itself ?) but I for one don`t totally trust Webroot`s detection rates or rollback abilities yet.

Good review as usual MT,thanks.

Regards Eck:)
 

Cch123

Level 7
Verified
May 6, 2014
335
I think someone should really do an in depth test of webroot. Its behavioural detection is one of the best in the field, but it takes time for it to work and by then damage could have been done. It would be good to see if its firewall managed to block all data transfer from the malware to its C&C servers and whether the rollback was completely effective.
 
S

Sr. Normal

Thread author
I think someone should really do an in depth test of webroot. Its behavioural detection is one of the best in the field, but it takes time for it to work and by then damage could have been done. It would be good to see if its firewall managed to block all data transfer from the malware to its C&C servers and whether the rollback was completely effective.

WSA before using the windows firewall with added , has changed that now?

I remember 2 years ago were already asking to change the way in which the test was performed for being little clarifying your antivirus.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
I think someone should really do an in depth test of webroot. Its behavioural detection is one of the best in the field, but it takes time for it to work and by then damage could have been done. It would be good to see if its firewall managed to block all data transfer from the malware to its C&C servers and whether the rollback was completely effective.

Here is one good Webroot test with rollback feature after couple of days:

Webroot Secure Anywhere (Rollback Test Day 0)


Webroot Secure Anywhere (Rollback Test Day 5)


Webroot Secure Anywhere (Rollback Test Day 12)
 
  • Like
Reactions: Sr. Normal

Cch123

Level 7
Verified
May 6, 2014
335
WSA before using the windows firewall with added , has changed that now?

I remember 2 years ago were already asking to change the way in which the test was performed for being little clarifying your antivirus.

WSA is still using Windows firewall with its own program monitor. Basically, windows firewall is used to stealth ports and prevent external attacks. Its own firewall controls outbound connections from programs in the PC.
 
  • Like
Reactions: Sr. Normal

Cch123

Level 7
Verified
May 6, 2014
335
Here is one good Webroot test with rollback feature after couple of days:

Webroot Secure Anywhere (Rollback Test Day 0)


Webroot Secure Anywhere (Rollback Test Day 5)


Webroot Secure Anywhere (Rollback Test Day 12)


While I respect him for the effort that he has put in, his methodology is very wrong. Webroot's rollback feature does not care if 1 day or 30 days have passed. It simply needs time to analyse and evaluate suspicious applications. By switching off the virtual machine, he has essentially deprived webroot of this ability. He does not need so many days in fact. All he needs to do is to leave the virtual machine running for a day with all the malware running. That way we will truly see how effective is webroot at analysing and detecting malware through its behaviour threat analysis module.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top