I am currently conducting a trial of Webroot installed at a remote office in Malaysia, from Australia. Yesterday I received an email that one of the PC's there had been "Attacked", and checking the console this morning I see the message :
Alert 1 Endpoint needs attention We recommend you check whether this endpoint has automatic remediation enabled on the assigned policy.
The endpoint shows as "Infected" by Malware called "W32.Rogue.32". The PC was last seen yesterday afternoon, a few minutes after the Malware was detected. There is no clean scan recorded.
My question is : How do I know what action was taken by Webroot, or do I have to assume the file was quarantined ? There does not seem to be any way to see a log of the actions performed either successfully or not.
I find the message "Infected" rather alarming as it implies there is still an infection .....
Best answer by ShawnView original