Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,648 Replies
Hi, I am trialling Webroot endpoint protection on a small network ( workgroup/no dedicated server) 3-5 endpoints. We have two physically separate networks ( 3 endpoint and 4 endpoint). As the 3 point network does not need a constant internet connection we share one broadband connection as necessary ( simply physically connect the router to the appropriate network's switch). On our lesser internet used network we recently had an external tech support technician log on do a remote sesion with Teamviewer to update some software. Although he could access the PC he was logged into he had problems accessing other files on mapped drives - he could "see" them but not access. I later discovered (email received late as internet connection was switched to smaller network) that Webroot had flagged an infection ( a false positive - both VirusTotal and Jotti's scan confirm ) on the PC he was logged into - Webroot is installed on that PC not the other two. I am now wondering
Hi, I wish to mention here my problem with Webroot Threat Research: I have a customer who has [b]5700+ undetermined software[/b] in the '[i]All undetermined software seen[/i]' report [b]for months[/b]. (And some more customers with 1000+ undetermined software) First of all, I do not understand how this can happen? Actually, I expect Webroot Threat Research to classify all undetermined software as soon as possible, otherwise how could Webroot guarantee that there are not any malware among them --- that are being able to run on the endpoint thanks to the way WSA client is developed, it will run just until the client receives the BAD classification from the cloud. But it looks like many thousand software are simply never gets classified. So in my reading, a malware can simply run anytime for quite a long time (eg. for month as in our case). I think the expected approach from Webroot is that in case of undetermined objects added to the list and the reported to the cloud then Webroo
Hi Guys, My name is Chris Saunders and I'm responsible for the Enterprise Support team here at Webroot. I wanted to canvas opinion on a new way for us to notify customers when we have useful information about the service such as upgrades, service issues or hints and tips. We're thinking of creating an RSS feed that customers can subscribe to, any updates we make would then be automatically downloaded to the users RSS reader of choice. What do you guys think? Is there any other contact method you would prefer us to use? Thanks in advance! Chris
We have several files on our saystems which are unknown to WSA - Unknown processes are monitored so changes can be reversed. Main question: a) Is it advised to have really _all_ unknown files marked either as bad or good? additionla questions b) is the monitoring based on login session and will initial start on every reboot ? c) the list with unknown files in the webconsole is showing only the first "arriving" on the unknown file. what happens when webroot trusts that file - will this file then be also trusted in the reports? d) how can I aggregate the list of unknown files so i see how many times a unknown file is stored on our WSA protected systems? maybe some of the experts can give me some explanations. newmy
hi, First, am not able to install webroot cleint Remotely, Seconly, Webroot has detected Conficker worm on multiple Computers, but not cleaning it, what i need to do, have to RUN conficker cleaner on indvidula machine or i can do it remotely. Cybermate
It appears when sorting fields in Group Management, All Endpoints screen, that its only sorting based on the page and not the entire group of endpoints. For example I want to sort the "status" field and bring all infected machines to the top. Am I doing something wrong? Rich
I switched to Webroot about two months ago and have been pushing it out to through GPO to all our Windows clients. I set up an Installation Alert to be sent to me so I knew which clients had Webroot installed so I could uninstall our previous AV (Panda). This workes like a charm and the migration has gone smoothly. Now for about ten ago I noticed the mac install .dmg and had it installed on our MAC clients. The installation ran as expected on all MACs but two... The Installation Alert email for MAC client #1 are sent to me repeatedly - like one to two times every hour (since installation five days ago), but the client doesn't show up in the web console. Looking at the client everything looks legit and for what I can tell is doing it's job. The Installation Alert email for MAC clinet #2 has been sent to about 10 times in the last five days, but the email doesn't include all the information it should but just two lines (and the client doesn't show up in the web conso
Hello, I create serval scripts(in AutoIT) that allow me to automate deploying updates to my users, or gathering info, ect... Every script I create gets flagged as a virus. My question is, is there a way I can create an override before I deploy the software and get a message that there is a virus? Thanks for your input. Rich
Ok, just for kicks and giggles (and because it's my BD and I don't feel like working) I downloaded and ran Webroot System Analyzer. Imagine my surprise when I was reviewing the log file and found this: System Security ---------------------------------------------------------------- Virus Protection AVG Internet Security 2012 (Enabled, Up to date) Spyware Protection AVG Internet Security 2012 (Enabled, Up to date) Considering I uninstalled AVG IS 2012 months ago, and have rebooted numerous times since, and I installed Webroot months ago (immediately before uninstalling AVG) why is this showing? Webroot shows running in active processes. Any ideas? Wayne
Hi, I've been seeing some weird stuff with Dropbox and webroot. When a file in dropbox is syncing webroot is reporting it multiple times as undetermined software (for example - ~5E839294.TMP in %profiles%dropbox.dropbox.cache or CONTROLSCF.RESOURCES (DELETED F3AC29B235882A96028CFA36266D9F22).DLL %profiles%dropbox.dropbox.cache2013-09-12) with each file getting flagged with the size which can be changing. How does one stop this from happening? I can see the value in flagging new files and want to see them, and I know cache folders are high risk areas, but why the temp files during download or sync? I see the same thing when downloading say a 7Zip installer file, multiple files with the .part extension and then finally the actual file (7Z920.EXE.PART %cache%). Also, why does it just show the variable %profiles% rather than the actual user name? Any direction would be appreciated. Regards, Wayne
[url=http://arstechnica.com/information-technology/2013/08/a-brief-history-of-disruption-technologies-that-upended-enterprise-it/2/]Long story[/url] short, according to journalist Matthew Rothenberg of Ars Technica, the top technologies that have influenced enterprise IT are: 1. x86 servers 2. Virtualization 3. Communications Technologies 4. BYOD While these are all important pieces of technology that have had a major impact on business, I'm curious to know what other IT professionals' "Top 4" would be. What technology impacted enterprise IT the most for you?
Hello everyone, I am experiencing a strange issue which I have seen more than once lately during our trial. For example, on the status p, under recently infected, I see an endpoint that was infected today at 4:59AM with conflicker virus. However when I cl ick on group management and choose that same endpoint , it shows that it scanned at 4:59AM and the status is clean. Also, the infection shown in the status is not shown in the reports UNLESS I specifically choose today. Any idea how to resolve? [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/5846i05BCB370E33C1040.png[/img] [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/5852iD540DBA93CAE889D.png[/img] *note from admin - I reposted an edited version of your image so as not to include ip addresses*
Hi After upgrade of WSA to version .174 I observed a strange issue. When I go to System Tools/System Control/Control Active Processes and click any process and then "More Info" new window appears and when I click "Details" everything dissappears and I have two WSA icons in a system tray for couple of seconds. Looks like some bug to me.
Hello everyone, I was testing its effectiveness at blocking viruses from downloading onto a clean machine, and tried downloading known viruses and the web shield successfully detected it and gave me a warning to close or approve which is great (ofcourse for deployment I would not allow the user to approve) Now what I found strange is that when I repeated the test with the same malicious websites and downloaded the same viruses a few hours later, the web shield gave no warning this time, instead allowing the file to download normally then the file system AV kicked in and removed it. There have been other examples where this happened as well. What i want to know is that why is the web shield component inconsistent.
I run my small busineses from two dedicated severs. Server 1 is Linux, server 2 is unbuntu and I have several questions I am hoping someone can answer. 1) can webroot be installed on both of these severs? 2) Is this a good thing to do? 3) Can webroot be installed and operated remotely by someone who has very little knowledge of SSH? 4) According to Clam Scan there are hundreds of unactivated viruses, trojans, malwre etc etc. on Server 1. Server 2 has no sites on it yet but has 125 domians being readied for the the public and is free of viruses and malware. Can Webroot get rid of the viruses on server 1? 5) How much would it cost to get Webroot and install it on these two servers?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.