Solved

Got Ransomware

  • 6 March 2018

I have Webroot endpoint protection installed on my company's server but still got Ransomware. Now I have to restore from a backup and lose yesterday's data. My employer is not happy at this time... I may be murdered by day's end...
This is what we got:
https://www.removemalwarefrompc.com/get-rid-crypted_zerwixairmail_cc-virus-remove-ransomware-recover-files#Phase 1
I need to know why this happened... I thought Webroot was supposed to protect against this stuff...
Edit: I can see that the last scan was done on Mar 3rd even though I have it set to run each day at 2:00 AM "When resources are available"... I don't know if the "when resources are available" has anything to do with it but it needs to run every night regardless...

Best answer by TripleHelix 6 March 2018, 16:47


7 replies

Userlevel 7
Badge +63
With any type of Infection and even Ransomware you should Contact support as in most cases they can help you as WSA has Monitoring with Rollback feature: Webroot Customer Service 
 
See these videos: https://www.youtube.com/watch?v=4Wm1K4FmWqU
 
https://www.youtube.com/watch?v=qy5o2wIwUDk
 
Thanks,
 
Daniel
Why is this post marked as "solved"?????
Once again this proves Webroot inefficiencies in fighting ransomware.
Userlevel 7
Badge +62
@ wrote:
Why is this post marked as "solved"?????
Once again this proves Webroot inefficiencies in fighting ransomware.
Hello solved,
 
Welcome to the Webroot Community,
 
There isn't an antivirus that protects us 100% of the time. Webroot does have a Rollback Feature and the Webroot Support Team can handle this. New ransomware comes out every day...
 
The key, however good one's defences are, is to make sure that one has a backup or, better still, a recent full image of one's disk(s), so that if disaster does strike then at least one can revert to a pre-infection state.
 
Webroot uses the journaled data to undo every action by the program, including encrypting files. The company does warn that the journal database isn't unlimited in size, and advises keeping all important files backed up.
 
Kind regards,
It looks like the attack may have been through RDP. A weak password on a user may have been hacked.
Userlevel 7
Badge +62
@ wrote:
It looks like the attack may have been through RDP. A weak password on a user may have been hacked.
Thank you rich33584 for your input! 😃 Much appreciated!
Userlevel 7
Badge +63
@wrote:
Why is this post marked as "solved"?????
Once again this proves Webroot inefficiencies in fighting ransomware.
If you notice what I said, "you should Contact support as in most cases they can help you". As Sherry said, no AV is perfect, but there is always a chance with Webroot SecureAnywhere.
 
Thanks,
 
Daniel
"... installed on my company's server "
 
Do you really expect that the OP will give access to the company server????
 
If "WSA has Monitoring with Rollback feature" is not a fake thing, it should work without customer service intervention.
 
