Webroot

Designed with MSPs, resellers, and distributors in mind, the Webroot® Channel Edge® Program offers
competitive margins, recurring revenue, lower operational costs, improved productivity, and innovative
enablement tools. Through its web-based management console and integration with RMM and PSA
platforms, Webroot provides easy-to-deploy, cloud-based security for endpoint, mobile, and web.
Partnering with businesses of all sizes, Webroot secures your clients against sophisticated threats—no
matter how or where users connect. For more information, visit www.webroot.com/MSPpartners

Share tech news, updates, or what's on your mind.

Sign up to Post

we have a SBS2008 server that had recently been effected by malware.
Our webroot antivirus program saw it and deleted it.
now the server backup will not run.
it still shows in windows features as being installed but there is no block level backup in services.

Would removing the feature and adding it back fix this issue or do you think its something bigger that would need Microsoft support involved?
0
I am trying to confirm whether Sentinel One EndPoint Protection is a viable replacement for existing Webroot EndPoint Protection and MalwareBytes EndPoint protection.  We have been using Webroot/Malwarebytes endpoint clients on our workstations and servers for about four or five years now.  We have not encountered any compromises/issues using these products.   I also need to mention we also use Cisco's Umbrella Roaming Client as well.

We also have a SonicWall TZ500W with the Comprehensive  Gateway protection.  We never enabled the DPI module because it caused many connection issues accessing creditable Court websites, etc.  

So now SonicWall is promoting/offering their Capture Client solution that I am interested in.  I wanted to purchase the Sentinel One client software a couple of years back, but they said I could not make a purchase since the minimum count they could sell is 100.  We only need 25 licenses.  So now that Sonicwall offers Capture Client, I want to know if its feasible to say it would actually replace both Webroot and MalwareBytes EndPoint products and not just work along side and complement them.  So, I contacted Sentinel One Sales and they indicate their product serves as direct replacement.  They also mentioned their clients actually use Capture Client exclusively.

I have concern about a complete replacement solution.  I just want to ensure if we decide to deploy Sentinel One Capture Client as the sole Anti-Virus and Anti-Malware solution it …
0
A customer of mine with a Windows 2016 Server got a ransomware infection this Monday.  Turned out to be the Xorist.  I got the Emsisoft decrypter tool and ran it with success and then decrypted all the files on the server.  

With that part done, scanned the machine with Webroot (installed, don't know how it didn't detect this) windows defender, sophos second opinion, TDDSKiller,  superantispyware  and malwarebytes.  a trojan was found in a zip file that was in a profile that was created by an external source.

I went through all my usual programs to look for anything further (process explorer, tcpview, netstat etc but when it got to process monitor i narrowed a lot of network traffic coming from the lsass.exe process, and it was going to random IP's (gamertalk.com.br)
snapshot of the process monitor
I could not get this traffic to subside, and it eventually crashed the server after 6-8 hours.

I took away the servers DNS settings as well as the gateway setting and this continued to flow in process monitor.

Am I reading this program incorrectly?
How else can I go about trying to find what is making this traffic?

Thank you.
0
Hi,

I am continuously getting event id: 4005 on RDS server.  

Server OS: Microsoft Windows Server 2012 R2 Standard.

The Winlogon process terminates unexpectedly and prevents new logins from processing.  However, the only way to get login process work after the power cycle the server.

Webroot antivirus agent is installed on the server.

==================================================================
Event Logs:
==================================================================
Log Name:      Application
Source:        Microsoft-Windows-Winlogon
Date:          10/9/2017 4:30:19 PM
Event ID:      4005
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      
Description:
The Windows logon process has unexpectedly terminated.

Below mentioned steps which I have performed on the server:

-- Ran SFC /Scannnow command and successfully repaired the Windows Resource Protection corruption.
-- Ran DISM ScanHealth command on the server and no component store corruption detected.
-- Installed latest Microsoft released updates on the server.

==================================================================
SFC /Scannnow command Result:
==================================================================
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\Windows\system32 sfc /scannow

Beginning system scan.  This process will take some time.

Beginning …
0
I have a client with a PC with Windows 10 Home. It hangs during startup. It has Webroot SecureAnywhere in its list of Features and Apps. Trying to uninstall from there brings up a message that it cannot find a certain uninstall program. I downloaded WRUpdaterTool.exe and ran it. It display messages as it ran indicating that it was succeeding, but in the end, the app still shows in Features and Apps. Does anyone know any other means to get rid of it? Thanks.
1
Interestingly enough I have no problem using let's encrypt on Windows platform and figured it was going to be a breeze on *nix... Running into a slew of issues.  For one I am trying to use certbot to facilitate this.  When I issue the correct commands and webroot I see it builds the .well-known folder but it does not build the acme-challenge folder.  If I try to manually create the acme-challenge folder it deletes it after the sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com command (with my domain info substituted of course) with the following error:

Detail: Invalid response from
   http://<mysite>/.well-known/acme-challenge/bM6ijKNrbr6Dcf3nzJdyhssFHrySeeLk-2VWQgAlWnQ:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>403 Forbidden</title>
   </head><body>
   <h1>Forbidden</h1>
   <p"
Super frustrated as everything in *nix is always easier, right?  Well not this time LOL.   Any suggestions would be appreciated!

-J
0
We have installed Web Root Secure Anywhere Endpoint Protection v. 9.0.15.50 on several of our customer's Windows 10 computers (running either Office 2016, Office 2013, or Office 2010).

Our customers keep reporting that when they arrive at work in the morning the list of their recently opened documents within either Microsoft Word or Excel has been cleared (see the screenshots).

This is a major problem.

What can be done to fix or prevent this from happening?

WordExcel
0

Webroot

Designed with MSPs, resellers, and distributors in mind, the Webroot® Channel Edge® Program offers
competitive margins, recurring revenue, lower operational costs, improved productivity, and innovative
enablement tools. Through its web-based management console and integration with RMM and PSA
platforms, Webroot provides easy-to-deploy, cloud-based security for endpoint, mobile, and web.
Partnering with businesses of all sizes, Webroot secures your clients against sophisticated threats—no
matter how or where users connect. For more information, visit www.webroot.com/MSPpartners