Can Webroot protect against Zbot malware?

  • 11 October 2014
  • 3 replies

Because of the great protection Webroot has provided for our home computers we are considering deploying your product on our 120 computers at our business.  Most recently two of these computers were infected with a malware indentified as a Zbot.  Once these computers were infected a pop up message began asking the user for our network admin User ID and Password.  (Fortunately we do not give our employees that information so the problem was limited to these two computers.)  The pop up was relentless.  Delete it and it immediately reappeared.  The two computers were rendered useless.  Our IT service provider advised the only solution was to wipe the hard drives clean and do a reinstall of the OS because the Zbot got into the registry.  This solution was painful in that the two units had to be pulled from service. Our two employees were unproductive until the problem was resolved.   I was surprised that this Zbot couldn't simply be quarantined and deleted.  More disturbing was the fact that the rather expensive anti-virus software we use failed to block the initial infiltration or provide a defensive response once the Zbot infected the computers.  (We use a product called Vipre.)
So here's my question to Webroot: could your Webroot software provided a better response or protection compared to Vipre.  If so we'll start installing Webroot on all our computers immediately.

3 replies

Userlevel 6
Hello @ and welcome to the Webroot Community!
I'm sorry that you've had two infections in your environment.
I know by myself how painful this is and how much additional effort is needed to clean a client or do a fresh installation.
Webroots solution combines a giant threat database in the cloud with one of the best heuristics on the market, which already gives you a great protection. Additionaly every unknown software get's monitored and all actions are journaled; in the case that a suspicious/bad behaviour is detected or the cloud determines the software as a threat WSA starts a rollback and undoes every change made by the malware.
Now to your question:
Like I've said Webroot really gives you a great protection against malware.
But it's hard to say if it would have prevented your Zbot infection, as there are countless different versions and no security software can detect/prevent 100% of all threats. The difference to VIPRE would be that Webroot with its journaling/rollback-feature would have been able to revert all changes made by Zbot so that you wouldn't have to reinstall your clients.
And even if you've still had any problems you can always contact their great support team.
I would suggest you to register for the trial of Endpoint Protection and deploy it to a few clients in your network.
This way you can see how the product works and get used to the management console.
If you experience any problems or do have any questions then just come back to the Community :)
I'm told my PC is infected by Zbot please advise 
Userlevel 7
Badge +35
Hello @, if you feel that your computer has been infected it is always best to contact our support team so that they can investigate further and resolve any issues if a threat is present.