I have webroot endpoint protecton installed on my company's server but still got Ransomware. Now I have to restore from a backup and lose yesterdays data. My employer is not happy at this time..I may be murdered by days end..
This is what we got:
https://www.removemalwarefrompc.com/get-rid-crypted_zerwixairmail_cc-virus-remove-ransomware-recover-files#Phase 1
I need to know why this happened..I thought Webroot was supposed to protect against this stuff..
Edit: I can see that the last scan was done on Mar 3rd even though I have it set to run each day at 2:00AM"When resources are available"..I dont know if the "when resources are available" have anything to do with it but it needs to run every night regardless...
Page 1 / 1
With any type of Infection and even Ransomware you should Contact support as in most cases they can help you as WSA has Monitoring with Rollback feature: Webroot Customer Service
See these Video's: https://www.youtube.com/watch?v=4Wm1K4FmWqU
https://www.youtube.com/watch?v=qy5o2wIwUDk
Thanks,
Daniel
See these Video's: https://www.youtube.com/watch?v=4Wm1K4FmWqU
https://www.youtube.com/watch?v=qy5o2wIwUDk
Thanks,
Daniel
Why is this post marked as "solved"?????
Once again this proves Webroot inefficiencies in fighting ransomware.
Once again this proves Webroot inefficiencies in fighting ransomware.
Hello solved,@ wrote:
Why is this post marked as "solved"?????
Once again this proves Webroot inefficiencies in fighting ransomware.
Welcome to the Webroot Community,
There isn't a AntiVirus that protects us 100% of the time. Webroot does have a Rollback Feature and the Webroot Support Team can handle this. New Ransomeware comes out everyday...
The key...however good one's defences are, is to make sure, that one has a backup or, better still, a recent full image of one's disk(s)...so that if disaster does strike then at least one can revert to a pre-infection state.
Webroot uses the journaled data to undo every action by the program, including encrypting files. The company does warn that the journal database isn't unlimited in size, and advises keeping all important files backed up.
Kind regards,
It looks like the attack may have been through RDP. A weak password on a user may have been hacked.
Thank you rich33584 for your input! 😃 Much appreciated!@ wrote:
It looks like the attack may have been through RDP. A weak password on a user may have been hacked.
If you notice what I said "you should Contact support as in most cases they can help you" as Sherry said no AV is perfect but there is always a chance with Webroot SecureAnywhere.@ wrote:
Why is this post marked as "solved"?????
Once again this proves Webroot inefficiencies in fighting ransomware.
Thanks,
Daniel
"... installed on my company's server "
Do you really expect that the OP will give access to the company server????
If "WSA has Monitoring with Rollback feature" is not a fake thing, should work without customer service intervention.
Do you really expect that the OP will give access to the company server????
If "WSA has Monitoring with Rollback feature" is not a fake thing, should work without customer service intervention.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.