Update April 28, 11:45 a.m. MDT:
Please click here to see the most recent update.
UPDATE 4/28/17 11:45 a.m. MNT: We have 0 calls in queue on our phone line, and are working through about 80 tickets related to the False Positive repair utility. A good portion of those are simply awaiting customer verification.
Please note, the utility was built to address only this specific false positive issue. It will be deactivated in the future.
If applications are operating normally on your systems, you do not need to implement the utility.
If you haven’t yet submitted a support ticket and you need the repair utility, please do so here. Include your phone number as well with the support ticket.
Thank you.
Page 3 / 12
What is the new UPDATE to the initial post?
I think if it got to the "CLEAN" step , you are SOL and need to complely reinstall the app unless it has some type of repair function. My first step is to create an overide file/path for the drive@ wrote:
Thanks. I eventually figured that out, but oddly enough the files wouldn't actually restore this way either. It let me restore the files but they never appeared on the system. Couldn't wait any longer so ended up reinstalling the application.
I have seen my apps that use a folder directly on system root and some "temp" folders get hit
This is a major flaw that I cannot restore the files myself...
Looking at my threat logs...it even deleted any files open in the exe or perhaps associated.
For example:
Deleting File> c:program files (x86)goverlan v8goverrmc.exe
Deleting File> C:UsersjpriceAppDataRoamingGoverlanGoverlanV8_DB.db3
Deleting File> C:UsersjpriceAppDataRoamingGoverlanGoverlanV8_DB.db3
Deleting File> C:UsersjpriceAppDataRoamingGoverlanGoverlanV8_DB.db3
Will the restore get those files back as well???
Looking at my threat logs...it even deleted any files open in the exe or perhaps associated.
For example:
Deleting File> c:program files (x86)goverlan v8goverrmc.exe
Deleting File> C:UsersjpriceAppDataRoamingGoverlanGoverlanV8_DB.db3
Deleting File> C:UsersjpriceAppDataRoamingGoverlanGoverlanV8_DB.db3
Deleting File> C:UsersjpriceAppDataRoamingGoverlanGoverlanV8_DB.db3
Will the restore get those files back as well???
The initial post in this forum from Webroot has been updated (new content added/changed).
This was just supposed to be a reply to station2646's question... forums that don't properly visually thread are annoying.
This was just supposed to be a reply to station2646's question... forums that don't properly visually thread are annoying.
Thank you LowellP. I'm guessing the new content included the message that MSP's are still waiting for the Universal solution?
Webroot: When allow policies finally apply to an endpoint, will that restore previously-quarantined items if they're now on an allow/exception policy?
If files end up in the c:quarantine folder, it's because the files are in use, or samba is keeping a placeholder file in place and preventing an overwrite. I was able to solve the issue on one server by closing the samba connections to the folder in question and then overwriting the file.
and now facebook.com is showing as a "High Risk Site" , did webroot get hacked?
Silly question coming from an IT-outsider just trying to restore our critical software for a doctor's office. When I log in to webroot console, I have no tab for "Group Management" - any suggestions?
CEO just called me. It's over webroot. You goofed for the last time.
I'd love to know the answer to question @ posted.
Only a few months ago we had all the virual servers blue screen from a Webroot update and now this....i feel some restitution is in order. Hundreds of hours of labor has been involved in these 2 incidents alone and i know everyone else is in the same boat. What other A/V products are others using as MSP's? I'm ready to move on.....
what do you see? some of us have partner portals that may differ@ wrote:
Silly question coming from an IT-outsider just trying to restore our critical software for a doctor's office. When I log in to webroot console, I have no tab for "Group Management" - any suggestions?
The thing is too, we've been submitting suggestions and recommendations, and complaints, and questions about all sorts of parts of the Webroot management portal, which doesn't seem properly built for MSPs. Lack of proper filtering in the "Reports" views, inability to do things that you really need to do in a central portal. And really, over the years none of this has improved. They're also lacking in license management/integration with major PSAs. So Windows 10 Anniversary Update goes out... almost every computer now shows up twice. And now the same thing for Creator's update. And other random changes on a system, can't figure out what. And an inability to enable a password-locked override (have to move entirely to Unmanaged profile, which does what else, loses all overrides? Not sure) policy to be able to manually override something as needed on an endpoint.
Oh, and then many computers and some servers, if they shutdown improperly (at least that's the only reason we could figure out) sometimes when starting up they blue screen and won't recover due to a failed/corrupted Webroot system file. It can't be remotely fixed on workstations unless you have vPro working. Never saw this get fixed either and we've still seen some recent cases of this.
So it's not just this singular mess-up, it's a pile-up of a bunch of things in our eyes that make it a lot less usable than it should be... this just finalized it for us. And yes, we have to apologize to customers too. It's time to go elsewhere.
Oh, and then many computers and some servers, if they shutdown improperly (at least that's the only reason we could figure out) sometimes when starting up they blue screen and won't recover due to a failed/corrupted Webroot system file. It can't be remotely fixed on workstations unless you have vPro working. Never saw this get fixed either and we've still seen some recent cases of this.
So it's not just this singular mess-up, it's a pile-up of a bunch of things in our eyes that make it a lot less usable than it should be... this just finalized it for us. And yes, we have to apologize to customers too. It's time to go elsewhere.
The updated page 1 solution does not work. No policy updates get to the client computers from the webroot servers.
Useless Admins giving kudos to useless OP.
These fixes don't work.
These fixes don't work.
Ok so i got a few of my clients to restore but now the software that im restoring the exe of is shutting down every 1 to 2 min? any recommendations?
Hi, is there an ETA on the resolution? When I call into support, we get a message that says the issue has been resolved but is that really the case? Next, if it is, what is the solution to restore all these files?
For those that reported that agent commands were not working or were very delayed,
that backlog of requests has processed and we are told that it has caught up.
For anyone that had failures, please try again.
that backlog of requests has processed and we are told that it has caught up.
For anyone that had failures, please try again.
This entire event is unacceptable and we have already had several long internal conversations about what is obviously a serious flaw in cloud console based antivirus software. The solution to our current dilema "could" be easy to impliment if it wasn't for the fact that every single webroot customer is trying to fix their computers at the same time. Since all customers have no direct or local method of managing their webroot deployment we must rely on the cloud console to do anything and all of our workarounds have been queued up pending deployment all afternoon.
I do feel that I must point out that this problem exists with all cloud managed software and as a result we will be carefully weighing the pros and cons as a result of this. In the mean time everyone needs to realize that Webroot has been a great product with very few problems in contrast to many other platforms. With that said, how they react and manage communications will define our response and the net loss in revenue they experience overall. There is no way any company could manage direct communication during a disaster that affects 100% of their customers but this forum thread appears to still be the only direct communication and it is very lacking and the updates are too infrequent.
This Facebook blocking symptom that only started shortly ago has yet to be acknowledged and if it does turn out that there has been a security breach at Webroot and PR has taken control of official responses we will be departing immediately trust with customers is a requirement with any vendor in security related markets.
Webroot Staff: Please make communcations a priority, even if you don't have something new to share as we are all pressing refresh on this forum over and over while listening to your hold music........ Thankfully its pleasant.
I do feel that I must point out that this problem exists with all cloud managed software and as a result we will be carefully weighing the pros and cons as a result of this. In the mean time everyone needs to realize that Webroot has been a great product with very few problems in contrast to many other platforms. With that said, how they react and manage communications will define our response and the net loss in revenue they experience overall. There is no way any company could manage direct communication during a disaster that affects 100% of their customers but this forum thread appears to still be the only direct communication and it is very lacking and the updates are too infrequent.
This Facebook blocking symptom that only started shortly ago has yet to be acknowledged and if it does turn out that there has been a security breach at Webroot and PR has taken control of official responses we will be departing immediately trust with customers is a requirement with any vendor in security related markets.
Webroot Staff: Please make communcations a priority, even if you don't have something new to share as we are all pressing refresh on this forum over and over while listening to your hold music........ Thankfully its pleasant.
So if setting allow policies on files we know are good that have been trashed in this issue, then forcing the clients to poll for the updated policies, does not then subsequently restore those good files from Quarantine this is yet another feature that should be available within the console. We should be able to say that caseware.exe or whatever needs to be "un-quarantined" at all sites. Then it should show all endpoints that have this quarantine and we could even manually check/uncheck if we wanted to, and apply.
Happy to hear you like our hold music. We don't want to put you to sleep.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.