How WSA works

Umbra

Level 85
Content Creator
Trusted
Joined
May 16, 2011
Messages
17,961
OS
Windows 10
Antivirus
Default-Deny
#21
Does that mean that Webroot no longer has a file to monitor and all logging is discarded? If so, maybe it's a bad idea to have a secondary scanner when you're using Webroot.
the malware is indeed not monitored but the changes it did still journaled, i presume the rollback is still possible.
 

bjm_

Level 3
Joined
May 17, 2015
Messages
139
OS
Windows 10
Antivirus
Microsoft
#24
WICAR.org - Test Your Anti-Malware Solution!
Each test will open up a new browser window at http: //www. wicar. org/test-malware. html. You may wish to try each test systematically. Ideally, all tests should be blocked by your anti-malware defenses. If a blank window loads, then it likely was not detected/prevented.
Seems, I get blank windows...for all tests except EICAR anti-virus test file.

Why all the blank windows w/wo SSL Test Payloads.

If a blank window loads, then exploit was likely was not detected/prevented.

I was expecting successful "block" events where Webroot has detected and blocked sample exploits.

Are Wicar.org test-malware with no successful "block" events anything to be concerned about?

Thanks
 
Last edited:

bjm_

Level 3
Joined
May 17, 2015
Messages
139
OS
Windows 10
Antivirus
Microsoft
#25
Seems, I get blank windows...for all tests except EICAR anti-virus test file.

Why all the blank windows w/wo SSL Test Payloads.

If a blank window loads, then exploit was likely was not detected/prevented.

I was expecting successful "block" events where Webroot has detected and blocked sample exploits.

Are Wicar.org test-malware with no successful "block" events anything to be concerned about?

Thanks
answering my message #24
Webroot Support advised that Webroot blocks the test-malware domain, not the tests.
The core domain that launches the additional tab is successfully blocked and classified.
WSA is not an anti-exploit type tool, and as such provides blocking tech in the form of the BrightCloud reputation service. Webroot Support