Videos of the Webroot rollback feature in action
-
I have a Google alert setup for "Webroot" and yesterday it turned up a couple interesting videos of a guy testing our rollback feature by infecting his PC with unknown malware. Thought it was pretty cool to see the feature in action. Video one is the infection process and video two is the results of the rollback:
Youtube Video -
Nice
-
Nice example of Webroot in action! It was a good example of a user randomly clicking on things and infecting themselves.
The video's author seems more of a dabbler than a professional, however. Csrss in the user profile is not a good thing.
-
I applied a remote action last week to restore a file that was being blocked and it worked in about 1-2 minutes from applying through the web console. Compared to doing the same thing with Symantec.Cloud was impressive time. I used to have to wait 5-10 minutes for policy applications / restores.
-
Nice - glad to hear it worked well and quickly too.
-
It's a good start.
Did I miss it or did he not mention if he was running as a local admin or not? If he was not running as a local admin, there's a good chance that several of the things he ran couldn't get a foothold into the system. Furthermore, he didn't run (or at least show) that the system was still infected by anything with malwarebytes, etc, before running Webroot after the install.
He's got some steps to add before this truly impresses me.
That said, I still like the rollback idea.
-
Yeah, it was funny - I did show the videos to our threat researchers and they had some of the same sentiments as you. I'll have to dig up some videos we have on testing to see if we can get something that has more technical depth.
-
We just started using Webroot in our environment and it is awesome. We are coming from Symantec Endpoint Protection and it's like night and day.
-
Glad you like it lance! That reminds me, if anyone is using the global site manager console, we just released a big update to it yesterday:
http://www5.nohold.net/Webroot/ukp.aspx?pid=4&app=vw&vw=1&login=1&json=1&solutionid=1081 -
This is fantastic, good job over there guys! @Nic
