Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,128 Topics
- 3,621 Replies
Malware name policy
Hi, I've been looking for a description of the naming policy for malwares detected by Webroot. I figured out that ".gen" means generic and have been blocked using heuristics. I also understand "pua" as "Potential unwanted application". There's a number of prefixes I could guess but it would be great to have a written description of post- and pre-fixes in the malware names. Is this avalible somewhere?
Alert/centrally audit on logon events
Can we alert or centrally audit on logon events? As the console login is not tied to our AD (or AzureAD or federated) we have to manually audit logons to the console. As anything manual becomes forgotten, can we alert on logons or pass the event to our logging system? The same goes for policy changes. Thanks, martin
Webroot gives a "moderate" warning on my site, I am wondering if there is a way to find out why.
Here is a screencast: [url=https://i.gyazo.com/4396ba386f273c72b4639b930d8dd1ea.gif]https://i.gyazo.com/4396ba386f273c72b4639b930d8dd1ea.gif[/url] Just wondering if there is a resource we can use to find out why this is happening. It is clear on all other validations that I know of other than this. The site is [url=http://www.pureorganicvapors.com]www.pureorganicvapors.com[/url] , Thanks!
Clients can't be queried by SBS2008
When viewing network computers in the SBS console all webroot secureanywhere clients show up as critical under the security status column. Scans are occurring fine and all clients show up nicely in the Webroot console but when I go to the Security tab in SBS Console I see under Virus protection for file system: - Client computers that cannot be queried. All clients are Win7 x64 and have the the default windows firewall policy applied. All DNS entries are solid and all other columns show up accurately in the SBS console. Any suggestions? Thanks
create an override for _all_ unknown files?
We have several files on our saystems which are unknown to WSA - Unknown processes are monitored so changes can be reversed. Main question: a) Is it advised to have really _all_ unknown files marked either as bad or good? additionla questions b) is the monitoring based on login session and will initial start on every reboot ? c) the list with unknown files in the webconsole is showing only the first "arriving" on the unknown file. what happens when webroot trusts that file - will this file then be also trusted in the reports? d) how can I aggregate the list of unknown files so i see how many times a unknown file is stored on our WSA protected systems? maybe some of the experts can give me some explanations. newmy
Hi, Is it possible to make scanexceptions for specific drives? This is very important for us, because all drives with driveletters G-Z are shared directory's on the server. For example drive G: on a workstation is a shared directory C:Data$ on the server, so its unnecessary that on all workstations the driveletter G: is scanning. That will save a lot of systemusage. Thanks in advance! Regards, Tim
Is anyone else having trouble loading the Gradecam plugin while Webroot is installed? We've whitelisted the .msi, the.dll and the .exe yet we still cannot run Gradecam with Webroot in the background. Once we pull the client off a workstation Gradecam works just fine. I'm open to suggestions.
False reports of trojans
gday again people, i have been having issues with a few nodes that keep reporting some files as being malware/trojans. All it says is. Determination:Bad Malware Group:W32.Trojan.Gen Global Popularity:14 Console Popularity:1 Determined:Feb 3 2015, 3:55 Filename:PDFVIEWER.EXE MD5:680BFAFC0B1019296B6915A149AAD64D Pathname:%cache% File Size:245.6 KB Product:WMI SNMP Provider Version:5.1.2600.5512 (xpsp.080413-2108) Can i ask where %cache% is as a relative file path? I also had one user have a file called SEX.exe but he denies all accountability and doesnt know what it is.
Unlabeled Checkbox Setting - SecureAnywhere for Mac OS X
Within Advanced Settings > Scan Settings > Scan Options, there are four checkboxes, one of which is not labeled. What does the blank/unlabeled checkbox do? The options listed are: [list] [*]Scan mounted drives [*]Scan for Windows threats[list] [*]Scan only Windows file extensions[/list] [*](No Label)[/list] [img]https://dl.dropboxusercontent.com/u/5536412/unlabeled-checkbox.png[/img] [ [i][url=https://dl.dropboxusercontent.com/u/5536412/unlabeled-checkbox.png]Link to full-sized screenshot[/url] [/i]] [u][b]OS/Software Information[/b][/u] [b]OS X Yosemite[/b] 10.10.2 [b]SecureAnywhere[/b] Version 18.104.22.168: 263 Web Filtering Version: 22.214.171.124 Password Manager Version: 126.96.36.199 Backup & Sync Version: 188.8.131.52
Hi, I am currently using Webroot secure anywhere. Today suddenly i found one malware on my USB drive, which shows my folders in it as short cuts and becomes inaccessible. I tried scanning it with webroot but didn't detect anything. Now any USB drive plugging to my lap top shows the same problem. Please Help. I plugged the same drive to another PC with Casperesky anti virus, then it reported infections detected and removed. Why Webroot is not detecting anything. I am really feel unsecure with webroot.
wrsa.exe and Win Server
Good Morning One of our customer tested WSA on Win Server and noticed that Webroot after logging out from 'Win Server Terminal Session' is not shutting down properly. The process wrsa.exe need to be killed manually. It is rather unwanted effect - maybe you guys know something about this?
SD card not being recognised
I put an SD card containing pictures into both my Windows basaed computers running Business Endpoint Protection - neither computer recongises the SD card - is this due to Webroot ? - if so can i disable the feature - i alreeadty disapble the USB Protect function to no avail
"The Device authorization requirement is not met on this device
[img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/18608i6F530ED14EB0ACFF.jpg[/img]This device has now been "deactivated." I re-sent a "Invite Code" but, the device displays "Deactivated." How can I re-activate this product? Thanks
Webroot Scans Over a Slow Link
Hi! We have a nbr of sites connected to the main company network via wireless broadband links that are often (very) slow/saturated or even down. There are between 2-40 staff at these sites. We are concerned that Webroot SecurityAnywhere Endpoint Protection scanning "back to the cloud" is slowing down the WAN at these remote sites even more. Can you please explain how Webroot works over a slow/down WAN link and also how we can configure it to reduce WAN bandwidth utilisation? Thanx Glenn
Howto handle W32.Malware.Gen due to "unusual compression method"
Hi Expert, we have several FalsePositive due to the fact that softwarevendors using "unusual comression methods" also used by many Malware. So most of our reported infections as W32.Malware.Gen are FP. That sucks. Sure we can try to ask the vendor not to use these methods but we are not willing to do that for every software vendor our employees uses software from. Sure we can report that as FP due to the webroot Support - but this is not implemented in the Console (I have to manual c&p). Sure we can do an override (but thats not what is suggested from webroot to do) so how do you handle your W32.Malware.Gen FP?
BYOD with Webroot SecureAnywhere Mobile Protection
Hi, I see that among the setting of business mobile protection there is a Device Attribute called "Ownership" and you can set this to "Employee owned" or "Company owned". Firstly, I just cannot find this setting explanation in the online help, so you may add explanation there. Secondly and most importantly, I got to this setting because my client is looking for a possiblitiy to enable the user of the device to set enything they like on Employee owned devices for the mobile protection, but wants to disable any setting changes on Company owned devices in the name of BYOD. (Something simliar to "Unmanaged" group in the business endpoint protection.) Can this setting do this for them? Or what is this setting really for? If this cannot do it today, this is a feature request and will you develop it and when? Best regards, Gyozo
The Growth of Tablets in the Enterprise Market
[img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/5632i137992322AD52E9B.png[/img] Yesterday, Forrester released their latest studies and predictions on the growing tablet market in their report "Global Business And Consumer Tablet Forecast Update, 2013 To 2017 (Purchase the report here for [url=http://www.forrester.com/Global+Business+And+Consumer+Tablet+Forecast+Update+2013+To+2017/fulltext/-/E-RES97182?docid=97182]$499[/url]). In the report, the full market was looked at, including the enterprise environment, which lead to some very interesting statistics and predictions. By the end of 2013, there will be a forecasted 327 million tablets sold in the world, with the iPad leading the sale with 140 million. By 2017, that base number is predicted to be at 905 million, with 60% of North American online consumers will own. Of those 905 million forcasted units, 18%, or 162 million devices, will be in the enterprise market. The most
Join the Conversation
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.