Please click here to see the most recent update.
UPDATE 4/28/17 11:45 a.m. MNT: We have 0 calls in queue on our phone line, and are working through about 80 tickets related to the False Positive repair utility. A good portion of those are simply awaiting customer verification.
Please note, the utility was built to address only this specific false positive issue. It will be deactivated in the future.
If applications are operating normally on your systems, you do not need to implement the utility.
If you haven’t yet submitted a support ticket and you need the repair utility, please do so here. Include your phone number as well with the support ticket.
Best answer by freydrewView original
Respectfully, circutbreakers are not adequate safeguards.
A safeguard is having a client that can authenticode verify files as being from Microsoft and whitelisting them. It's completely, utterly unacceptable that in 2017 you could quarantine a file signed by Microsoft's root authority. This is a glaring issue.
In fact, I submitted product feedback about this omission last year, warning that this would happen without enforced system file whitelisting. I was seemingly ignored.
You can read that feedback here: https:///t5/Webroot-SecureAnywhere-Antivirus/Product-defect-Critical-oversight-in-file-signing-via-catalog/m-p/259299#M26248
(EDIT for clarification: Note this specific recommendation would have only prevented the issues with Windows 10 Insider Preview)
Webroot's product team needs to go back to the basics of the product and review fundemental protections other vendors implement.
I tell people in my professional circles that I mostly approve of your product and quality control. This is not okay. And this isn't one person's fault, or just human error. Humans make mistakes. I make stupid mistakes and have bad judgement. But systems are supposed to be designed so those mistakes are mitigated.
Haven't gotten a release from quarantine or restore file via MD5 to work at all .
I sure hope the Webroot general restore from quaratine back to clients fixes the multiple of other clients we are seeing.
edit1: 1 hour 1:53 minutes.
edit2: 2 hours 19 minutes
Our agent is set to a 15 minute polling time but commands from the console are not being executed for well over 2 hours now.
The agent suggested uninstalling Webroot and then restoring or reinstalling the affected program. This was a laughable suggestion to be sure - except we didn't find it very humorous.
Seems like we found a major flaw in the underlying program. If the cloud console is having issues - then nothing can be done on the local agent in case of emergency. This is definitely something that will need to be reviewed and addressed moving forward.
We have found that sometimes you can refresh the agent, reboot the endpoint, and it will get the restore done.
then on the client rigth click the taskbar icon and refresh the config , click ok on pop up then open locally