AV-Comparatives June Test

[Atlas147]

Not very long a webroot paid customer, but i haven't experienced any bad support from them. Even if this article is 4 years old, it still applies to up-to-date WSA versions, and how it works (confirmed by Triple Helix) Webroot Bulletin Regarding AV-Comparatives Results - Webroot Threat Blog Not a fanboy, but i don't feel like they deserve such critique

Feels like they are taking the same approach as Comodo, sandbox everything so nothing can harm anything else. This could prove to be a disadvantage because certain legitimate applications won't be able to run in a sandboxed environment. Or in this case, can WRSA really reverse all changes made to the system? Even if the master boot record were to be completely wiped by ransomware? I believe there are certain limitations to WRSA's rollback protection system and they cannot complete rely on waiting for classification before killing the malware. Prevention is better than a cure.

 

[hjlbx]

"WSA will automatically remove the infection and restore the system perfectly to a pre-infection state."

"all system changes would have been reversed automatically."

Above is from linked WSA article.

Here is problem: The way Webroot markets their product, people expect WSA to behave in a certain way - whereas Webroot means something else. It is word-games.

What Webroot does not tell you is that the journaling & rollback will NOT remove every single folder\file created during an infection; some might be left on system - but albeit inactive unless user launches any executable remnants. It also cannot rollback certain types of infections.

WSA will not roll-back any brow.lock, for example... LOL. WSA doesn't journal these types of infections - but everyone thinks it will due to the way Webroot makes statements about their product.

"While detection is certainly very important, actually blocking the vectors of attack used by malware is what the goal of security software should really be."

Smart statement... but, then, why doesn't Webroot follow this statement ?

Any how, with Webroot any criticism is "unfair" to them and their product.

 

[NullByte]

BitDefender also has a "rollback" option but it's not working that well. From what I know it has to do with AVC or something like that.

 

[hjlbx]

BitDefender also has a "rollback" option but it's not working that well. From what I know it has to do with AVC or something like that.

So does COMODO (Viruscope) and Kaspersky (System Watcher) - and both of those don't meet user expectations because both vendors do not fully explain what those features can and cannot do...

Vendors are not always completely forthright with details and the end result is users are disappointed and their products get (justifiably in such cases) bashed.

 

[Evjl's Rain]

So does COMODO (Viruscope) and Kaspersky (System Watcher) - and both of those don't meet user expectations because both vendors do not fully explain what those features can and cannot do...

Vendors are not always completely forthright with details and the end result is users are disappointed and their products get (justifiably in such cases) bashed.

I feel like this feature breaks my pc more than what it can protect. After a few times clicking rollback from Kaspersky, I have some problem with my laptop even repairing from iso file, sfc and windows repair (app) can't fix. Moreover, it broke my google chrome and forced me to completely uninstall and reininstall it after a rollback

 

[jamescv7]

Regarding on FP's.

AV-Comparatives should release regular False-Alarm test follow by detailed files which are mistakenly flag (including prevalence rate), usually many AV's are confuse on Critical File systems and even installer of Microsoft.