Webroot folder in Program Data is ~48GB!!!
-
It could be the network monitor itself that we haven't seen before - post a snapshot of the processes within Webroot and we can take a look.
-
@Nic how does he find out what process is being monitored?
-
@Dashrender my ? exactly
-
@RojoLoco said:
@Dashrender practicallt impossible on this machine. It has been off for 3 days, before that no email or browsing, just a headless workstation for testing GIS map stuff.
In that case, @nic is probably right - webroot just doesn't know the process and it's probably just being cautious.
-
Is this business or consumer version?
-
@Nic Biz endpoint
-
actually it's the same for both, my bad. Click on the gear symbol next to PC Security, then click Block/Allow Files and see what is listed there. Anything with the radio button in the Monitor column is being monitored and needs to be set to either Block or Allow.
-
@Nic where is that on the console? I have the endpoints locked down, no settings available on the local machine.
-
You can do a report for "All Undetermined Software Seen" and that should show you if anything is being monitored. Then you can do an override for it on the Override tab.
-
Actually if you zoom in on an undetermined software from the report it has the override button there to make it easier.
-
@Nic ok that report revealed the issue.... like 6 gazillion instances of our own software, source code, patches, etc. This was a development machine before, and all those database instances are busy clogging up the works. Overrides on the way. Thanks for your help!
-
Ah that makes sense. One think you can do now is exclude folders, so if you just want to exclude the folders that you put your builds into, that should take care of future versions. Otherwise you'll have to keep whitelisting them as they get created.
-
@Nic I've been trying to stay on top of that stuff, but they can build faster than I can make exclusions.
-
Yeah just exclude the whole folder that they do their dev work in and that should take care of it.
