I'm using the Business User Protection package and try as I might I cannot get Webroot to automatically quarantine a virus.
I have tried on several different machines with different OS versions and no joy. Even with the test virus that Webroot recommend using it still won't quarantine the item.
The most annoying thing is that it is being recognised as such, but the user can still run the application. Even Webroots own test one!
This just isn't acceptable if I have to deploy this into a business as the user will have run the virus long before I get a chance to clean it off the system.
And is there anyway to alert the user that there is a virus present, preferably with a custom message?
I really like the Webroot features, but I'm on the verge of going for another product.
Rob
Answer
Automatic Quarantine
Best answer by mcarman
Sorry for your frustration with the sample infection we provide.
This MockVirus.exe file is intented to be an "unknown" file in our database so monitoring will occur on the system. This demonstrates our ability to journal the activity that a virus might take to damage a system. Upon an actual virus being changed from "unknown" to "bad" in our database, the locally stored journal will be used to rollback the infection and the damage done.
You can certainly mark the file bad locally to initiate a cleanup of the file and it's children files (if you're using the business version you can create a global override in the Webroot SecureAnywhere Business console, under the "Overrides" tab, for the MD5 hash value: F7CA0D221036324584B02C671164743D).
The 2 files that have been quarantined already are intentionally marked bad to show that the payload of the mockvirus is detected and removed.
Let us know if we can explain any further.
This MockVirus.exe file is intented to be an "unknown" file in our database so monitoring will occur on the system. This demonstrates our ability to journal the activity that a virus might take to damage a system. Upon an actual virus being changed from "unknown" to "bad" in our database, the locally stored journal will be used to rollback the infection and the damage done.
You can certainly mark the file bad locally to initiate a cleanup of the file and it's children files (if you're using the business version you can create a global override in the Webroot SecureAnywhere Business console, under the "Overrides" tab, for the MD5 hash value: F7CA0D221036324584B02C671164743D).
The 2 files that have been quarantined already are intentionally marked bad to show that the payload of the mockvirus is detected and removed.
Let us know if we can explain any further.
+56Welcome to the community Rob!
Let me have support contact you on this one to see what is going on. I've opened up a ticket and they'll contact you by email to troubleshoot further.
Let me have support contact you on this one to see what is going on. I've opened up a ticket and they'll contact you by email to troubleshoot further.
+22- OpenText Employee
- Answer
Sorry for your frustration with the sample infection we provide.
This MockVirus.exe file is intented to be an "unknown" file in our database so monitoring will occur on the system. This demonstrates our ability to journal the activity that a virus might take to damage a system. Upon an actual virus being changed from "unknown" to "bad" in our database, the locally stored journal will be used to rollback the infection and the damage done.
You can certainly mark the file bad locally to initiate a cleanup of the file and it's children files (if you're using the business version you can create a global override in the Webroot SecureAnywhere Business console, under the "Overrides" tab, for the MD5 hash value: F7CA0D221036324584B02C671164743D).
The 2 files that have been quarantined already are intentionally marked bad to show that the payload of the mockvirus is detected and removed.
Let us know if we can explain any further.
This MockVirus.exe file is intented to be an "unknown" file in our database so monitoring will occur on the system. This demonstrates our ability to journal the activity that a virus might take to damage a system. Upon an actual virus being changed from "unknown" to "bad" in our database, the locally stored journal will be used to rollback the infection and the damage done.
You can certainly mark the file bad locally to initiate a cleanup of the file and it's children files (if you're using the business version you can create a global override in the Webroot SecureAnywhere Business console, under the "Overrides" tab, for the MD5 hash value: F7CA0D221036324584B02C671164743D).
The 2 files that have been quarantined already are intentionally marked bad to show that the payload of the mockvirus is detected and removed.
Let us know if we can explain any further.
It now seems to be working with all of the test files that I previously couldn't get to work and now with your own test file as well.
Many Thanks.
Rob
Many Thanks.
Rob
I am still not sure if I'm in the right place ! My question is, I use webroot for my home not for a business . Why doesn't webroot automatically quarantine all viruses or detected virus so that I can personally delete them myself.
It seems webroot will automatically delete any virus or anything that it thinks is a virus , even if the program is not a virus .Why can't or why am I unable to view all problems that webroot thanks is a virus ?
I have tried to write small programs and many times webroot will delete them without asking my permission . Because I sometimes forgets to tell webroot that the file I'm trying to write is not a virus . The same thing happens when I try to download some programs .
Rich
It seems webroot will automatically delete any virus or anything that it thinks is a virus , even if the program is not a virus .Why can't or why am I unable to view all problems that webroot thanks is a virus ?
I have tried to write small programs and many times webroot will delete them without asking my permission . Because I sometimes forgets to tell webroot that the file I'm trying to write is not a virus . The same thing happens when I try to download some programs .
Rich
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.