Webroot will just give their customary reply: "Oh, you just don't know how Webroot Secure Anywhere works..."
Ask Webroot: "Well, please explain how WSA works."
Webroot\fanboy reply: "Oh, we can't tell you that... it will give malc0ders ideas."
If Webroot participated in AV lab tests more often, then nobody would buy it. Webroot is smart with their sales agreement with Geek Squad - Best Buy.
In Webroot's defense I can say it actually works. How? I can not say because I don't know the big picture on how it protects. Why it works? Let me give an example.
I have this relative of mine who was always in fight with the PUPs. It was once every two months or so that I had to go and clean his computer from junkware. I tried different products - first Avast, then ESET and I think Panda Free "did time" there too. All result on some sort of stuff getting thru.
Now, after installing Webroot (been installed for 8 or so months now), I did not have high hopes. It's a beta product (I'm part of beta testing group) that has Web Filtering driver, so you don't need any web plugins or additions to be added to your browser.
So far, the machine has been as clean as ever. No traces of anything suspicious as I just checked it recently to confirm.
Of course since it's beta, it has this Web Filtering driver. But I believe that's one of the most crucial things that it has - it has blocked lots of websites and it's quite aggressive on PUP infested sites (that may come thru downloaders or ads etc).
So all in all, what matters is whole product performance. Yes, you can get malware file and execute it locally, but what if the malware was actually downloaded from web? Maybe it would have been caught before it even reaches PC.
On a sidenote, my malware testing with Webroot does not bring good results in detection, but I've seen in numerous cases that Webroot acts as some sort of mini-sandbox. It seems that while monitoring unknown files, Webroot does not grant those file full "freedom". Thus, it has avoided the infection to some level (even whilst file itself was able to run). I've confirmed it many times over and I think it's better than nothing or letting the files loose. Of course it should detect the files initially (in ideal case).
Moreover, I've seen it detect files that got past initially, about ~5 minutes later. Not all of them, but some. It really varies. So it confirms that their work methodology is actually quite good. Add Identity Shield and cleanup engine (that works after files get detected inside cloud) and you should be rock solid against all info stealers and malware (to some extent).
I like Webroot and I use it myself (mostly because of their Identity Shield)
Just my 2 cents
