Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Security Statistics and Reports
Advanced In-The-Wild Malware Test results for March 2025
Message
<blockquote data-quote="Andy Ful" data-source="post: 1123849" data-attributes="member: 32260"><p>I do not think Webroot can do better than in this test (without WHHLight):</p><p>[URL unfurl="true"]https://malwaretips.com/threads/webroot-secureanywhere-2024-with-whhlight-wihout-whhlight.132634/[/URL]</p><p></p><p>Against evasive threats, Webroot needs additional protection (like WHHLight, CyberLock, etc.). The result could probably be OK, even when WHHLight was used without WDAC (only SimpleWindowsHardening restrictions for non-EXE threats).</p><p></p><p>If Shadowra wants to make another test, it would be interesting to test EXE files separately. Unfortunately, the rollback feature can be triggered after some minutes. So, after the test, it would be necessary to wait an hour or more (depending on the number of executed samples) and restart the system before checking for possible infections.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite111" alt=":(" title="Frown :(" loading="lazy" data-shortname=":(" /></p><p></p><p>The "wait-and-see approach" of Webroot is hard to test when the samples are executed one after the other. Many samples are actually executed in the system and are allowed to make many suspicious changes. So, the samples executed later are more evasive as compared to the test when each sample is executed on a clean machine, like in AVLab and SE Labs tests. This issue is not so important to other AVs, which have much better malware signatures (local and in the cloud) and pre-execution detection.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 1123849, member: 32260"] I do not think Webroot can do better than in this test (without WHHLight): [URL unfurl="true"]https://malwaretips.com/threads/webroot-secureanywhere-2024-with-whhlight-wihout-whhlight.132634/[/URL] Against evasive threats, Webroot needs additional protection (like WHHLight, CyberLock, etc.). The result could probably be OK, even when WHHLight was used without WDAC (only SimpleWindowsHardening restrictions for non-EXE threats). If Shadowra wants to make another test, it would be interesting to test EXE files separately. Unfortunately, the rollback feature can be triggered after some minutes. So, after the test, it would be necessary to wait an hour or more (depending on the number of executed samples) and restart the system before checking for possible infections.:( The "wait-and-see approach" of Webroot is hard to test when the samples are executed one after the other. Many samples are actually executed in the system and are allowed to make many suspicious changes. So, the samples executed later are more evasive as compared to the test when each sample is executed on a clean machine, like in AVLab and SE Labs tests. This issue is not so important to other AVs, which have much better malware signatures (local and in the cloud) and pre-execution detection. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
