One might question how those users of other AVs know they're infected if their chosen AV doesn't tell them they are? I guess secondary opinion from the likes of MBAM may help here, but not everyone knows of these, especially those not as knowledgeable as us. I think using Sandboxie as an example is flawed as technically you can get infected with Sandboxie installed; the difference is it's contained and therefore any infection can be removed when the process is terminated. As far as Wilders is concerned, one reason why it's quiet about possible Webroot infections is users new to here may not realise the Prevx forum is now also for Webroot product support. Also, time and again, users are advised to contact Support directly so more requests for help will/should go through that channel instead. Webroot certainly do have a hard task convincing people their methodology works, and there's no easy way to demonstrate than real-world usage i.e. trying it out on one's system. Because of the journaling and monitoring processes, if an unknown is later deemed to be malicious, a rollback routine is supposed to be actioned; I do think this will also explain to some extent why it's quiet in both forums as there's nothing for a user to see in the interim period between journaling and rollback. In other words, it looks like you don't know you've been infected until the said actions take place. (Obviously, Webroot does have alerts for known infections, and I've seen those; I'm talking about newer, unknown malware at the point of entry.) It is this journaling and rollback which is proving hard for people, and some testing organisations, to accept and understand. If they accept it is different then there has to be a way to test the product with the given parameters.