Skip to main content
We welcome the Webroot scanner to VirusTotal. This is a machine learning engine from the US. In the words of the company:

 

"Webroot SecureAnywhere Business Endpoint Protection is a cloud-driven anti-malware solution and was the first next generation solution to offer a full replacement to conventional AV when launched in 2011.

Rather than rely on static signatures to identify malicious files and process, Webroot uses real-time monitoring and analysis of the events occurring within a device. Then, by using the extensive resources of cloud-based computing, threat and behavioral intelligence, Webroot is able to predict with negligible false positives any signs of malicious behavior. Windows PE files submitted to VirusTotal will be processed by the Webroot PE Scanner, non-PE files will not be scanned.”



Webroot has expressed its commitment to follow the recommendations of AMTSO and, in compliance with our policy, facilitates this review by MRG Effitas, an AMTSO-member tester.

 

http://blog.virustotal.com/2017/02/virustotal-webroot.html
@ wrote:

Thanks Paul for explaining the Webroot PE Scanner on Virus Total. One question though, what exactly does PE stand for?

 

The Portable Executable (PE) format is a file format for executables, object code, DLLs, FON Font files,[1] and others used in 32-bit and 64-bit versions of Windows operating systems. The PE format is a data structure that encapsulates the information necessary for the Windows OS loader to manage the wrapped executable code. This includes dynamic library references for linking, API export and import tables, resource management data and thread-local storage (TLS) data. On NT operating systems, the PE format is used for EXE, DLL, SYS (device driver), and other file types. The Extensible Firmware Interface (EFI) specification states that PE is the standard executable format in EFI environments.

 

https://en.wikipedia.org/wiki/Portable_Executable

 

http://blog.virustotal.com/2017/02/virustotal-webroot.html
Thanks TH. 😃
Pigs fly and miracles do happen!   Must have been a cold day there for this to finally happen.

/me is picking his jaw up from the floor.  :mansurprised:

 

 

 

 
@ wrote:

Pigs fly and miracles do happen!   Must have been a cold day there for this to finally happen.

/me is picking his jaw up from the floor.  :mansurprised:

 

 

 

 

That's how I feel.....I thought it would never happen by some Webroot Staff I have talked to over the years. But I guess Times change.....
@ wrote:

It's a commandline scanner which is not publicly available.  It's leverages our cloud in a similar way to our SecureAnywhere product, but is missing many efficacy components seen in our production agent, which could lead to samples being potentially missed via VT vs. the public SecureAnywhere agent. Hence we have named the VT Scanner, Webroot PE Scanner, to ensure differentiation.

 

If in doubt, use our agent.

 

Paul

To add to what Paul said, all of the scanners on VT are commandline scanners and the results from any of the scanners on VT may differ from publicly available products. 

 

I highly recommend reading the About page on VirusTotal, particularly the "Important notes and remarks" section.

 

-Dan
FINALLY it has happened for webroot too! nice for this company for getting this kind of recognition after all these years of hard labour!!! 😛
@ wrote:

The antivirus result displays a green circle with a white tick mark, what does this mean?





VirusTotal makes use of the symbol to indicate that the given file was not detected in any way by the antivirus under consideration. We do not use the word "clean" or "innocuous" because antivirus solutions do not tell you whether a file is goodware, they just flag maliciousness.

https://www.virustotal.com/en/faq/

The new VirusTotal website is available here. Google says the new interface is still under testing and it might change prior to its official launch.

Will we see BrightCloud URL determinations available on VT?

Reply


Terms & Conditions