App Review Webroot SecureAnywhere Complete 2025

[Shadowra]

Content source

https://odysee.com/@Shadowra:f/Webroot-SecureAnywhere-Complete-2025:1

Webroot is an American anti-malware company, formerly known for its anti-spyware software, SpySweeper.
In the past, Webroot developed its anti-spyware to combat adware, rogue software, spyware, etc.
A few years ago, the company acquired one of its competitors, PrevX, one of the few anti-malware programs based on a cloud-based threat emulation approach.
This gave rise to SecureAnywhere, an ultra-lightweight antivirus that is 100% cloud-based.
Unfortunately, in my tests, Webroot has always been in the shadows, failing every time.
Let's hope it can turn the situation around!



Interface :

Webroot has kept the same interface for several years.
Although I still love its minimalist design, I would have liked to see some changes.
I think Webroot leaves it as it is so as not to confuse new users, which I can understand.
The antivirus is still very lightweight, but I'm surprised that it doesn't install its extension on Edge automatically, which I've now done myself.

Web protection: 9/9
Webroot blocks all malicious links.
A URL that is not functional.

Fake crack : 1/1
Blocked by Webroot's Anti-Malware engine

Malware Pack : Remaining 34 threats out of 75
Catastrophic result.
Despite some blockages and signs of resistance from Webroot, the machine fell victim to FileLocker Razrusheniye ransomware.
All files were encrypted, making it impossible to continue the test and verify infections...

Final scan : PC encrypted

Final opinion:

Webroot offers uneven protection: Excellent on the web but disastrous locally, leaving the machine at the mercy of ransomware.
Webroot tries to defend itself, but its anti-malware database and advanced protections are still too weak.
More effort is needed; still not recommended.

 

[Khushal]

Webroot is an American anti-malware company, formerly known for its anti-spyware software, SpySweeper.
In the past, Webroot developed its anti-spyware to combat adware, rogue software, spyware, etc.
A few years ago, the company acquired one of its competitors, PrevX, one of the few anti-malware programs based on a cloud-based threat emulation approach.
This gave rise to SecureAnywhere, an ultra-lightweight antivirus that is 100% cloud-based.
Unfortunately, in my tests, Webroot has always been in the shadows, failing every time.
Let's hope it can turn the situation around!



Interface :

Webroot has kept the same interface for several years.
Although I still love its minimalist design, I would have liked to see some changes.
I think Webroot leaves it as it is so as not to confuse new users, which I can understand.
The antivirus is still very lightweight, but I'm surprised that it doesn't install its extension on Edge automatically, which I've now done myself.

Web protection: 9/9
Webroot blocks all malicious links.
A URL that is not functional.

Fake crack : 1/1
Blocked by Webroot's Anti-Malware engine

Malware Pack : Remaining 34 threats out of 75
Catastrophic result.
Despite some blockages and signs of resistance from Webroot, the machine fell victim to FileLocker Razrusheniye ransomware.
All files were encrypted, making it impossible to continue the test and verify infections...

Final scan : PC encrypted

Final opinion:

Webroot offers uneven protection: Excellent on the web but disastrous locally, leaving the machine at the mercy of ransomware.
Webroot tries to defend itself, but its anti-malware database and advanced protections are still too weak.
More effort is needed; still not recommended.

Thank You for the test!
Results on expected lines and in accordance with my own results.

 

[DDE_Server]

Thanks for the test @Shadowra Much appreciated

 

[Digmor Crusher]

Thanks as always for this.

 

[stonjean633]

The only pro for me with WR is being lightweight. Detection,Pricing wise will make you look for other AV.

 

[Divergent]

I wonder how this product would fare in a more realistic test. For instance, what if all samples were delivered through a true infection route, and AutoPlay for external devices was disabled? Obviously, if it failed to protect the system under those conditions, my question would be answered. But until it's tested that way, I remain curious about its real-world performance.

 

[Shadowra]

I wonder how this product would fare in a more realistic test. For instance, what if all samples were delivered through a true infection route, and AutoPlay for external devices was disabled? Obviously, if it failed to protect the system under those conditions, my question would be answered. But until it's tested that way, I remain curious about its real-world performance.

I do not configure protections unless requested or if a setting should have been enabled (such as PUP scanning).
For Webroot, I don't think it would have reacted, as this ransomware came via malicious JS.

 

[Trident]

I do not configure protections unless requested or if a setting should have been enabled (such as PUP scanning).
For Webroot, I don't think it would have reacted, as this ransomware came via malicious JS.

The evasion shield reacts in the cases where the script uses obvious “garbage” (high ratio of non-alpha-numeric characters and so on), otherwise it doesn’t do much.

Also, the reputation-based security naturally sees wscript.exe (highly-trusted) and just lets it be and do whatever it wants. These are the limitations of relying too much on reputation (specially when you haven’t many other cards up your sleeve).

 

[Divergent]

I do not configure protections unless requested or if a setting should have been enabled (such as PUP scanning).
For Webroot, I don't think it would have reacted, as this ransomware came via malicious JS.

I can see the logic in your conclusion. However, from a procedural standpoint, we can't consider it confirmed without more rigorous testing. While the sample you mentioned is an interesting case, it's not representative enough to form the basis of a broad recommendation. I just want to make sure we're on solid ground with our evidence before we advise anyone.

 

[Divergent]

Just to be clear, I’m not knocking or attacking your test, @Shadowra. I know that Webroot is not up to par, I tested it repeatedly back in the day. Its rollback function failed almost every time. I saw malware walk right past the web filter into the machine. I also saw Webroot itself lock up with the message “please wait for the product to respond” due to an infection.

That said, as many of you know, I used to be the Malware Hub Moderator. I designed the testing methodology from what was originally just a right-click context scan. Because of the wide range of tester abilities, a blanket ruleset was established. True route-infection testing was deemed unsafe for many testers, so the static/dynamic testing methodology that was present was built upon this.

Many developers had issues with it, and for good reason, the tests did not properly represent real-world scenarios. They were, to be honest, more like special case study tests. Looking back now, I realize I made a major error by not establishing a stronger disclaimer on those tests to prevent them from being used for recommendations or as reflections on products. For this, I apologize to the vendors and followers of those tests and to the forum and guests in general.

This is why I now advocate that if testing is not done properly, even for safety reasons, clear disclaimers must be included, and recommendations should be worded carefully to address the limitations of such testing. The tests themselves still hold some value, and of course they are entertaining for forum users. But to be fair to the products, the companies’ reputations, and this forum’s reputation, we need to address this properly.

 

[bazang]

The funniest, or most ironic, part of the Webroot saga is the WhatAboutism with Comodo.

Webroot is gutter sewage runoff compared to Comodo, but any Comodo thread creates mayhem and ruin.

 

[annaegorov]

It's just time to say "NO"

 

[cartaphilus]

Webroot is an American anti-malware company, formerly known for its anti-spyware software, SpySweeper.
In the past, Webroot developed its anti-spyware to combat adware, rogue software, spyware, etc.
A few years ago, the company acquired one of its competitors, PrevX, one of the few anti-malware programs based on a cloud-based threat emulation approach.
This gave rise to SecureAnywhere, an ultra-lightweight antivirus that is 100% cloud-based.
Unfortunately, in my tests, Webroot has always been in the shadows, failing every time.
Let's hope it can turn the situation around!



Interface :

Webroot has kept the same interface for several years.
Although I still love its minimalist design, I would have liked to see some changes.
I think Webroot leaves it as it is so as not to confuse new users, which I can understand.
The antivirus is still very lightweight, but I'm surprised that it doesn't install its extension on Edge automatically, which I've now done myself.

Web protection: 9/9
Webroot blocks all malicious links.
A URL that is not functional.

Fake crack : 1/1
Blocked by Webroot's Anti-Malware engine

Malware Pack : Remaining 34 threats out of 75
Catastrophic result.
Despite some blockages and signs of resistance from Webroot, the machine fell victim to FileLocker Razrusheniye ransomware.
All files were encrypted, making it impossible to continue the test and verify infections...

Final scan : PC encrypted

Final opinion:

Webroot offers uneven protection: Excellent on the web but disastrous locally, leaving the machine at the mercy of ransomware.
Webroot tries to defend itself, but its anti-malware database and advanced protections are still too weak.
More effort is needed; still not recommended.

They were better managed when they were ran by spooks

 

[cartaphilus]

Webroot is an American anti-malware company, formerly known for its anti-spyware software, SpySweeper.
In the past, Webroot developed its anti-spyware to combat adware, rogue software, spyware, etc.
A few years ago, the company acquired one of its competitors, PrevX, one of the few anti-malware programs based on a cloud-based threat emulation approach.
This gave rise to SecureAnywhere, an ultra-lightweight antivirus that is 100% cloud-based.
Unfortunately, in my tests, Webroot has always been in the shadows, failing every time.
Let's hope it can turn the situation around!



Interface :

Webroot has kept the same interface for several years.
Although I still love its minimalist design, I would have liked to see some changes.
I think Webroot leaves it as it is so as not to confuse new users, which I can understand.
The antivirus is still very lightweight, but I'm surprised that it doesn't install its extension on Edge automatically, which I've now done myself.

Web protection: 9/9
Webroot blocks all malicious links.
A URL that is not functional.

Fake crack : 1/1
Blocked by Webroot's Anti-Malware engine

Malware Pack : Remaining 34 threats out of 75
Catastrophic result.
Despite some blockages and signs of resistance from Webroot, the machine fell victim to FileLocker Razrusheniye ransomware.
All files were encrypted, making it impossible to continue the test and verify infections...

Final scan : PC encrypted

Final opinion:

Webroot offers uneven protection: Excellent on the web but disastrous locally, leaving the machine at the mercy of ransomware.
Webroot tries to defend itself, but its anti-malware database and advanced protections are still too weak.
More effort is needed; still not recommended.

Something that I always wondered in those failed test; by "those" I don't mean only webroot but any well known AV that failed.

Would other major AV i.e ESET, bit defender, mcaffe, kav? Fair any differently when placed against those infections within that snapshot of time? Of course no civilian is allowed to time travel thus such questions are just gedankenexperiment.

 

[Shadowra]

Something that I always wondered in those failed test; by "those" I don't mean only webroot but any well known AV that failed.

Would other major AV i.e ESET, bit defender, mcaffe, kav? Fair any differently when placed against those infections within that snapshot of time? Of course no civilian is allowed to time travel thus such questions are just gedankenexperiment.

Some companies such as ESET, Bitdefender, and Kaspersky are quite responsive when it comes to adding undetected malware.
I always try to send the packs to the publishers I test—only those that the antivirus has not detected.
Webroot is quite slow to add them; I have seen several pieces of malware added several days later...

 

[cartaphilus]

Some companies such as ESET, Bitdefender, and Kaspersky are quite responsive when it comes to adding undetected malware.
I always try to send the packs to the publishers I test—only those that the antivirus has not detected.
Webroot is quite slow to add them; I have seen several pieces of malware added several days later...

Yeah hence the snapshot in time comment.

Today's solutions relay on active net connection some more than others. Thus one can not be 100% certain if one solution detected it perfectly because it was an unknown file that acted malicious in AV eyes? (Generic or .like detection before assigning it solid name) Or did it detect it because it was seen by solution B and thus allowing solution A to feed of that intelligence layer?

Only performing all tests at the same snapshot in time can provide a near 100% not detected by A but would have been detected by B statement. (Non of this is meant to be taken as criticism it's just something that is always in the back of my mind)

I am just rumbling here and most likely not making any sense.


Edit: oh wait, did you mean that you send the pack to all AVs while the test is being ran? Or do you provide the AVs with the malware pack after the test? Or do you test them all in VT prior to testing?

I apologize in advance for my stupidity; today is my mentally slow day. I told my brain to take a hike.

 

[Shadowra]

oh wait, did you mean that you send the pack to all AVs while the test is being ran? Or do you provide the AVs with the malware pack after the test? Or do you test them all in VT prior to testing?

I apologize in advance for my stupidity; today is my mentally slow day. I told my brain to take a hike.

Everything is sent after the test