Solved

Test Webroot....drenched

  • 30 April 2012
  • 4 replies
  • 56 views

Here is the link to the test, Webroot can not cope too well, you may need to draw any conclusions from this? But the fact is that it shows the program settings.
 
http://malwareresearchgroup.com/2011/12/12/latest-version-of-webroot-secure-anywhere-bypassed-by-mrg-effitas-fm-simulator/
icon

Best answer by JimM 30 April 2012, 18:11

View original

4 replies

Userlevel 6
I believe that was late 2011...a lot of changes since then. The recent tests back that up as the changes are coming quickly.
Userlevel 7
Badge +56
@ wrote:
I believe that was late 2011...a lot of changes since then. The recent tests back that up as the changes are coming quickly.
I agree with RompinRaider that was back then and now WSA's Identity Shield does past this Simulator without issues now! :D
 
TH
Userlevel 7
The failed result achieved by the test was last applicable in December.  Since then, Webroot SecureAnywhere (WSA) passes the test.  If you look at the comments on the YouTube video itself here, you can see that the group which posted the video even said in January, "That is what is being tested here. The latest version of WSA blocks this? simulator."  This would clearly indicate Webroot now passes their test.  They've also stated elsewhere that WSA passes the test now.  This isn't something to worry about anymore.
 
It's also worth noting that WSA generally doesn't care about simulators anyway.  A simulator doesn't always mimic behaviors of actual viruses closely enough to merit being picked up by heuristics.  We had a similar issue with Eicar in the past.  The files themselves don't actually pose any harm, and until you get to the point that what you're testing against actually creates a problem (which would be actual malware), it's like blaming the heuristics for doing too good of a job making a determination as to what truly constitutes a threat.  WSA now catches Eicar as well though, and these sort of hurdles are overcome as needed.
Thanks for the reply. This dispelled my doubts.

Reply