Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Webroot Secure Anywhere vs WTF ransomware
Message
<blockquote data-quote="509322" data-source="post: 634275"><p>A Webroot employee advised somewhere to wait at least 4 hours for rollback of malicious system changes; if the system is not rolled-back within 4 hours it is probably not going to happen.</p><p></p><p>I cannot say "Webroot advises" since the above is to be found nowhere in official Webroot documentation.</p><p></p><p>Webroot does rollback some encryption.</p><p></p><p>It appears that rollback of encryption is dependent upon whether or not Webroot has a rollback routine for the specific ransomware.</p><p></p><p>Someone posted somewhere here on MT that they waited 96 hours and there was no rollback of encryption.</p><p></p><p>To find out more go searching for these infos on Webroot's Reddit and elsewhere online. The "4 hour" advice is straight out of the mouth of (was posted by) a Webroot employee. I can't remember where I read it.</p><p></p><p>Anyway... this sort of thing can be avoided by setting heuristics to "Block any file that is not specifically whitelisted." With that setting you will probably be surprised to discover that System32 and SysWOW64 files are not in the Webroot database and will be monitored\blocked (dependent upon settings). <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" /></p><p></p><p>Try it for yourself... anyone can confirm this fact.</p></blockquote><p></p>
[QUOTE="509322, post: 634275"] A Webroot employee advised somewhere to wait at least 4 hours for rollback of malicious system changes; if the system is not rolled-back within 4 hours it is probably not going to happen. I cannot say "Webroot advises" since the above is to be found nowhere in official Webroot documentation. Webroot does rollback some encryption. It appears that rollback of encryption is dependent upon whether or not Webroot has a rollback routine for the specific ransomware. Someone posted somewhere here on MT that they waited 96 hours and there was no rollback of encryption. To find out more go searching for these infos on Webroot's Reddit and elsewhere online. The "4 hour" advice is straight out of the mouth of (was posted by) a Webroot employee. I can't remember where I read it. Anyway... this sort of thing can be avoided by setting heuristics to "Block any file that is not specifically whitelisted." With that setting you will probably be surprised to discover that System32 and SysWOW64 files are not in the Webroot database and will be monitored\blocked (dependent upon settings). ;) Try it for yourself... anyone can confirm this fact. [/QUOTE]
Insert quotes…
Verification
Post reply
Top