Av-comparatives April results

Discussion in 'Prevx Releases' started by darts, May 15, 2012.

Thread Status:
Not open for further replies.
  1. Tsast42

    Tsast42 Registered Member

    Joined:
    May 7, 2012
    Posts:
    137
    Location:
    United Kingdom
    My suggestion for improving performance is to release a free version with limited functionality. Similar to Prevx 3 but with Webroot's marketing power. Revenues wouldn't suffer as present customers aren't going to stop paying for the Prevx/Webroot guarantee to remove malware; WSA Free would be run by new users attracted by the option of running a super-lightweight real-time complement to their existing anti-virus to improve their detection. The benefit to Webroot of the ensuing wider user base - aside from getting a foot in the door - would be an improved real-world database which would improve detection rates, hence increasing the value of the product and encouraging more customers. Win win all round :)
     
  2. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Correction: Mongol didn't make the SBitdefender statement...
     
    Last edited: May 24, 2012
  3. Muddy3

    Muddy3 Registered Member

    Joined:
    May 31, 2010
    Posts:
    415
    Location:
    Belgium
    (post 73)

    I'm no great computer expert, but one thing I've picked up here is that WSA is able to happily coexist with other AV's precisely because when another resident AV detects a malware, WSA quietly takes a back seat, that is, it sits back and lets the other AV go ahead and clean up the malware, rather than fighting with it for supremacy and so creating a conflict between 2 AV's.

    Have you tried setting up WSA as a standalone on another machine, and then let the same malware infiltrate that machine? See what happens. Chances are, WSA will react very differently in this situation.
     
  4. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    You got something most customers would be thrilled to get - a direct offer of help from one of Webroots top developers. you ignored it. He simply asked for a scan log and far as I can tell you refused it. You prefer to go on about countless attacks with mystery malware and how Webroot is crap. Have you asked for a refund?. I wash my hands...have yourself a good day...:rolleyes: :cautious:
     
    Last edited: May 24, 2012
  5. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Indeed was me, and it was SbitDefender but I also love the new name metioned by GrammatonCleric - SitDefender - LOL :D :D

    Btw, mine was not a post against that brand. I just didn't want to mention the commercial name of those programs. Since this is the typical approach of trolls; Brand X is crap just use Brand Y, it is the best.
     
  6. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    815
    Location:
    A Non-Sh*thole State
    I'm staying OUT of it......:cool:
     
  7. Music4Ever

    Music4Ever Registered Member

    Joined:
    Jan 17, 2012
    Posts:
    19
    Location:
    England
    Well after reading this thread I must be doing something wrong:

    I've used WSA for 6 months or so, I have 1600+ bookmarks & spend a fair bit of time on the net on many differant sites & recently (just over a week ago) gave Norton Internet Security a try, more out of interest than anything, it found nothing whatsoever & was a pain in the bum to be frank with widget after widget - i was quite very happy to see the back of it & imaged back to before it was installed so nothing left of it.

    I run full Mbam on all 3 PC's, Mbam never finds anything (maybe a couple of times in years). I also bought some time ago a lifetime licence of Trojan Remover that resides on my main PC that never finds anything either. I also have 3 lifetime licenses to SuperAntiSpyware, I can run that in real time or scan occasionally. SAS never finds anything either.

    I have a 100MegBit fibre connection that’s on 24/7 - BTW: I'm also no angel.

    I'm very happy with Webroot and OK in the review this thread is about Webroot didn't do so well but you don't throw the baby out with the bathwater because of a single review or indeed more than one. Most people on here seems pleased with WSA & I still feel it's a good AV (and I've tried most) & tell others of my opinion.

    I also run once a month the free TDSSKiller, that I update as & when required, that has never found anything either. In almost 17 years of using the net 'I believe' I have had just one infection which was a worm that wasn't stopped by AV's.

    Two thoughts occur to me: I'm either lying totally (I'm not) or my PC's have been 100% taken over by the Devil himself & any anti-malware scans I do have been removed & replaced by animated screen-shots that show clean PC's.
    These who format & reinstall often, why not use imaging software then if things get really messed up just image back, it works well - (that's my ten pence worth anyway) Edited for grammar.
     
    Last edited: May 25, 2012
  8. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Same here, I ran Prevx 3 for a few years then moved to WSA after the change. I've had a few false positives which were fixed within a few hours. None of my other on hand scanners find anything. A pretty darn good product I have to say and always moving forward...:thumb:
     
  9. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,254
    Location:
    Texas
    For those wanting to hang Webroot, remember PC Magazine gave Editor's Choice top Internet Security Suites for 2012 to Webroot and Norton (one month ago). I doubt that they have regressed since then. :thumb:
     
  10. No_script

    No_script Registered Member

    Joined:
    May 12, 2012
    Posts:
    97

    You do know tha PCmag is a pile of crap, you pay them to write positive reviews.

    Some constructive criticism. Please enable these features.

    Firewall - block port scanning, block ICMP ping, enable utility to view outgoing connections with the ability to close rouge ones, kill switch to cut of the net completley, option to block all ports windows has open by defult, block all appdata & temporary files from connecting to the internet no matter what.

    Improve your rootkit detection rates!!! This is a must, invest in detecting this type of malware.

    Monitor system processes by defult instead of allowing them to be free to do what they want. Improve your heuristics options more needs to be including down to specific file types like .exe & .sys.

    Improve the cleaner with the option to automatically clean browser history and temp files on exit.

    Thats all for now.
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You're definitely mistaken there - PC Mag is completely unbiased from the vendors. They test everyone and no one pays them anything except their subscribers.

    Most of these are already in place or can be configured very easily within WSA as it stands today. I recommend that you go through the help file or look at the UI a bit closer. In particular: PC Security - Firewall - View Network Applications. You can then double click on individual applications and watch for them to perform network events, and create custom rules based on those events (by right clicking on them).

    We always are, but I think we're doing pretty well as we are today with 98% from the just-released AV-test report.

    No process is every fully trusted, including system files, so this is already in place. Filetypes are irrelevant to what a program actually does. It can be named with any file extension. You can further configure exactly how you want WSA to respond through Settings - Heuristics.

    This is on the list for the next version of the system cleaner tool but in the meantime, most browsers support it as a built-in feature.

    I still haven't received a scan log from your system so if you do happen to have one, I'd appreciate it :)
     
  12. No_script

    No_script Registered Member

    Joined:
    May 12, 2012
    Posts:
    97

    Yes but you need to make it clear to people, tick this box to block portscanning, tick that box to blow ICMP. tick box to block open windows ports, You don't specifically have these settings easily available to set. + the settings are on a different page, you need to put them directly beneath the firewall option so people don't miss it.

    & by defult system process are allowed so to speak, not monitored I think that needs to change because malware obviously hijacks proccesses.
     
  13. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,552
    Location:
    New York City
    Any update on what caused the April results?
    Thanks.
     
  14. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We have an answer for a sizable portion of it, and possibly all of it, but we have some work to finish to get the exact delta between the change and to fully scope out its impact. We're waiting on another round of internal testing to get the initial change in place to begin reteaching some of the more important rules to execute in environments where a high number of infections have been identified previously.

    We're treading very cautiously with this as it is directly tied to logic affecting FPs in outbreak scenarios (or scenarios to stop any FPs if there is an illogical rule created). As this logic has been unchanged for ~9 months, we need to put our customers first over our test results.

    It may end up being one more month of negative results in favor of less false positives across our userbase (I think AV-C's May testing is currently underway or nearly finished, but I'm not certain).

    We should have everything close to final next week, and I'll let everyone know as soon as we do.

    Thanks again for the patience with this!
     
  15. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,552
    Location:
    New York City
    Your detailed response is very much appreciated.
    Thank you!
     
  16. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372

    My apologies then. Sorry I misunderstood your statement but now it is all clear on the western front.
     
  17. darts

    darts Registered Member

    Joined:
    Feb 19, 2009
    Posts:
    456
    Location:
    Netherlands
    Great feedback , we will wait then this week for your anwser what costs this bad test results.

    Greats,

    darts
     
  18. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    I went to a psychic healer and got a reading and asked her if Webroot SecureAnywhere is going to become one of the top PC security products and STAY at the top for the rest of its product life cycle...

    ...she didn't even know what it was (or anything about computers) when she came out of the reading trance but when I asked her and she was under she started murmuring Advanced+ and she said she saw chart after chart after chart of Webroot SecureAnywhere getting an Advanced+ and getting 5's and 6's on another testing website. (I inferred that was AV-Test xD)

    But then she said she was connecting with a deceased security expert and he said that his biggest regret in life was not being able to be working at Webroot right now and revolutionizing the security world.




    Ok, I'm kidding...but could you imagine? :D
     
  19. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    :D This happens more often than you would think!
     
  20. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    o_O What does? Someone going to a psychic reader and asking if a security product is going to do well?
     
  21. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I was kidding ;) :D
     
  22. No_script

    No_script Registered Member

    Joined:
    May 12, 2012
    Posts:
    97
    Took Webroot for another spin and it missed these.

    NMC.INFOSTEALER.SCRAPKUT
    NMC.SAULTY.G

    Not good.
     
    Last edited: May 28, 2012
  23. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Could you please send me a scan log to the email address I gave you as I've now requested a half dozen times?
     
  24. No_script

    No_script Registered Member

    Joined:
    May 12, 2012
    Posts:
    97
    LOL this is stupid, re-installed from hard drive image and I get 60 hits. Either their false positives or I've got a uber worm/virus.

    Sent you logs.
     
  25. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Based on the log file, you manually added dozens of files to be detected and proceeded to clean them up manually.

    Could you uninstall WSA, reboot, reinstall, and not change any of the configuration options from their defaults, including the firewall options? You also blocked legitimate Windows services from connecting online which would definitely cause other system problems.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.