AVLab.pl Advanced In-The-Wild Malware Test results for March 2025

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

simmerskool

simmerskool

Level 41
Verified
Top Poster
Well-known
Apr 16, 2017
3,094
cartaphilus said:
I do apologize ahead of my upcoming comment but it does have to be made: I question validity of any test and it's method that scores Webroot at 100%; 100% of the time it's tested.

I know I am a single datapoint but come on my own personal experience with the product was not so great. The only time within the last 15 years that I came across an infection that I had to remedy from my system was when that system was running webroot.
Click to expand...
you are not alone! see my short macOS comment above, I could elaborate but won't -- just know BAD! I cannot comment re webroot on windows -- I ran it on win for awhile but then no more.
 
  • Like
Reactions: piquiteco, Dave Russo and Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,919
simmerskool said:
Maybe @Shadowra needs to re-test Webroot??
Click to expand...

I do not think Webroot can do better than in this test (without WHHLight):
malwaretips.com

App Review - Webroot SecureAnywhere 2024 (With WHHLight & Wihout WHHLight)

Webroot is an American security solutions provider. Formerly SpySweeper, the company acquired PrevX several years ago to create its SecureAnywhere solution. For several years now, Webroot has set itself apart from the competition with 100% Cloud protection. Webroot has made some improvements to...
malwaretips.com malwaretips.com

Against evasive threats, Webroot needs additional protection (like WHHLight, CyberLock, etc.). The result could probably be OK, even when WHHLight was used without WDAC (only SimpleWindowsHardening restrictions for non-EXE threats).

If Shadowra wants to make another test, it would be interesting to test EXE files separately. Unfortunately, the rollback feature can be triggered after some minutes. So, after the test, it would be necessary to wait an hour or more (depending on the number of executed samples) and restart the system before checking for possible infections.:(

The "wait-and-see approach" of Webroot is hard to test when the samples are executed one after the other. Many samples are actually executed in the system and are allowed to make many suspicious changes. So, the samples executed later are more evasive as compared to the test when each sample is executed on a clean machine, like in AVLab and SE Labs tests. This issue is not so important to other AVs, which have much better malware signatures (local and in the cloud) and pre-execution detection.
 
Last edited:
  • +Reputation
  • Like
Reactions: piquiteco, Dave Russo, Shadowra and 1 other person
simmerskool

simmerskool

Level 41
Verified
Top Poster
Well-known
Apr 16, 2017
3,094
Andy Ful said:
I do not think Webroot can do better than in this test (without WHHLight):
malwaretips.com

App Review - Webroot SecureAnywhere 2024 (With WHHLight & Wihout WHHLight)

Webroot is an American security solutions provider. Formerly SpySweeper, the company acquired PrevX several years ago to create its SecureAnywhere solution. For several years now, Webroot has set itself apart from the competition with 100% Cloud protection. Webroot has made some improvements to...
malwaretips.com malwaretips.com

Against evasive threats, Webroot needs additional protection (like WHHLight, CyberLock, etc.). The result could probably be OK, even when WHHLight was used without WDAC (only SimpleWindowsHardening restrictions for non-EXE threats).

If Shadowra wants to make another test, it would be interesting to test EXE files separately. Unfortunately, the rollback feature can be triggered after some minutes. So, after the test, it would be necessary to wait an hour or more (depending on the number of executed samples) and restart the system before checking for possible infections.:(

The "wait-and-see approach" of Webroot is hard to test when the samples are executed one after the other. Many samples are actually executed in the system and are allowed to make many suspicious changes. So, the samples executed later are more evasive as compared to the test when each sample is executed on a clean machine, like in AVLab and SE Labs tests. This issue is not so important to other AVs, which have much better malware signatures (local and in the cloud) and pre-execution detection.
Click to expand...
@Andy Ful & @Shadowra IIRC Prevx was ok to run with MS Defender & any other 3d-party AV, that was years ago, so is Webroot still compatible with 3d-party AV or with MS Defender. I can visualize that Webroot with Defender & Cyberlock might be a good combo with no slowdowns if compatible. IIRC @danb said Webroot was good with VS/CL but that was also in times past.
 
  • Like
Reactions: piquiteco, Jonny Quest and Shadowra
simmerskool

simmerskool

Level 41
Verified
Top Poster
Well-known
Apr 16, 2017
3,094
Webroot reply was minimally responsive imo: "Yes, You can install Webroot if Windows Defender is already on your computer. Just make sure to turn off the periodic scanning if you have issues installing Webroot." Most likely I'll take a pass...
 
  • Like
Reactions: piquiteco, Andy Ful and Dave Russo
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,919
simmerskool said:
Webroot reply was minimally responsive imo: "Yes, You can install Webroot if Windows Defender is already on your computer. Just make sure to turn off the periodic scanning if you have issues installing Webroot." Most likely I'll take a pass...
Click to expand...

When Webroot is installed, Defender works in passive mode (like in the case of any AV accepted by Microsoft):

1745660270771.png


1745660331640.png


Webroot Firewall works with Windows Firewall.
 
  • +Reputation
  • Like
Reactions: piquiteco, ErzCrz and roger_m
R

roger_m

Level 44
Verified
Top Poster
Content Creator
Dec 4, 2014
3,326
Webroot still state their antivirus can be used alongside another antivirus. While it is generally not recommend to have two antiviruses installed, it can be done when one of the products has been designed to work alongside other antiviruses. For example, I've run 360 Total Security with other antiviruses with zero issues. In the case of 360 TS, they don't advertise the fact it is compatible with other antiviruses, on their website. However, if you run its uninstaller, it tells you that if you switch the protection to Performance mode, it can be used with another product too.
Is Webroot SecureAnywhere compatible with other antivirus software?

The short answer:
Yes!

The long answer:
Although security software companies have, traditionally, advised against running multiple antivirus programs on the same computer, this rule does not hold true for Webroot SecureAnywhere. The reason for such recommendations involved the way traditional antivirus programs run. SecureAnywhere is different.

Most antivirus software is very aggressive. When an antivirus program scans a file, it accesses that file and locks it until the scan is complete, so other programs can’t access it. If multiple real-time antivirus scanners are installed on the same system, the secondary system will attempt to scan the file the moment it is accessed by the first scan. Now, both programs are competing to scan the file. Depending on the aggressiveness of each program, one may detect the conflict as an “attack” and attempt to block the offending process. Now, the two antivirus programs are not only competing for the same file, but are actively working against one another. This causes a strong struggle for resources on your computer that can drastically impact system performance, and can leave your system more vulnerable to malware attacks.

Antispyware software, on the other hand, is non-aggressive toward antivirus software. While it may try to lock files being actively scanned, it will not compete with an antivirus program when the latter attempts to block or take control of a file. This is why antispyware applications can run alongside most antivirus protection without issue.

As mentioned above, Webroot SecureAnywhere works differently from other virus protection. SecureAnywhere does not rely on the customary system of definition sets to make determinations. Instead, this new program examines file behavior and system interaction closely to determine if files are malicious or not. Only files that present risk are examined.

Using the same advanced behavioral detection that determines which files are malicious, SecureAnywhere is able to recognize other virus protection software on your computer as one of “the good guys.” This means SecureAnywhere won’t block with on-access scanning or try to break through legitimate lockouts. In this way, potential software conflicts, and the resulting system slowness and vulnerability, can be avoided. You can run SecureAnywhere alongside another antivirus program safely.
Click to expand...

Webroot Support

answers.webroot.com answers.webroot.com
 
  • Like
Reactions: Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,919
I am not sure.
With all due respect to the guy from Webroot support, he/she missed some important possible issues. Although Webroot can be friendly to other AVs, there is no proof that other AVs must be friendly to Webroot. Furthermore, malware behavior can be unusual when another AV is installed, which may impair Webroot behavioral protection. Finally, another AV can impair Webroot's rollback feature. (y)
 
Last edited:
  • Like
Reactions: piquiteco

Similar threads

Gandalf_The_Grey
    • Like
    • Hundred Points
    • Love
AVLab.pl Advanced In-The-Wild Malware Test – January 2025
Replies
3
Views
1,487
Security Statistics and Reports
oldschool
oldschool
Adrian Ścibor
    • Like
    • Thanks
    • +Reputation
AVLab.pl Product Of The Year 2025 – Summary of Advanced In-The-Wild Malware Test
Replies
16
Views
1,964
Security Statistics and Reports
mlnevese
mlnevese
Gandalf_The_Grey
    • Like
    • Applause
    • Thanks
AVLab.pl Advanced In-The-Wild Malware Test – November 2024
Replies
37
Views
3,706
Security Statistics and Reports
mlnevese
mlnevese

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top