Got a Question?
Have a product question? Start here!
- 560 Topics
- 2,295 Replies
A few issues
This morning I noticed that the WRSA.exe on our terminal server has been spiking about 50% CPU usage. It lasts between 5 - 10 minutes and happens sporadically during the day. The server itself hosts only one program that our sales team uses. The other issue we have been having is that I noticed that the WRSA.exe on our windows 10 computer is creating about 6-8 new remote ports every second. I don't know how long it has been doing this but it is flooding our netstat and TCPView. I am not too familiar with this particular side of the tech world so any advice would be welcomed. EDIT: Forgot to mention that I updated the policy to the administrator endpoint to allow access to the interface, it has been a few days and still gives me the message to have the administrator to allow access. I have tried to refresh configuration but it still shows the message.
Block torrent files
Hi, Can I somehow block / remove *.torrent files from my sites computers with Webroot Endpoint Protection? To state the obvious.. .torrent files are not executable so I cant black list it as a program from running. I kinda want the Webroot agent to remove all files named *.torrent. Is it possible?
I don't get how I am supposed to manage overrides in the web portal.
All I see is a list of MD5 hashes and unless I drill down I cannot see the file name. If I look at my global overrides, there are about 900 entries of files that I have labelled as good. A large number of these were probably considered unknown in the cloud when I added them. Presumably, some of them have become "known good" since then. It seems like I should be able to look at the list of file namess and what their current cloud status. Then I could remove unneccessary override from my whitelist. Better yet, maybe pruning of the override list could be automatic. It also seems confusing that override can be global or attached to a site or policy. Many things I whitelist are at the global level, but it does not seem that I can tell if there are policy-level overrides for the same file. Am I missing something that would allow me to effectively manage these lists?
Webroot Integration for Kaseya
My company is moving to Webroot late next month. We are an MSP that use Kaseya RMM tool to support our customers. Anyone have experiance with it. Do you like it? What do you like about it? dislikes? I wanna know what I am getting myself into here. I know that Kaseya does not have a good reputation with intregrations. Thanks!
Trouble saving files to network file share
We have users who randomly are unable to save files like Word, Excel or other to network shares, typically over a VPN connection. When doing so they get "file is currently in use try again later" messages. It doesn't happen all of the time, however you can typically recreate the issue by opening and saving a file a few different times. In our troubleshooting we found that removing Webroot SecureAnywhere off of the client machine resolved the issue. Once re reinstalled the client we had saving problems again. We also isolated the server with the file shares by removing any A/V that was installed with no net effect. Any ideas what might be causing this on on the client side? Like I mentioned, only happens over the VPN, I do not have the same problems when opening and saving files on the local network so there must be something the Webroot client is doing in the communication stream to create the problem.
Webroot for XP
Hi As everyone knows Microsoft dscontinues support for Win XP in April 2014. Is Windows XP going to be listed in Platforms Supported by Webroot after April 2014? I also wonder what will be the reaction of other AV vendors. It seems to me that's extremely risky for AV product to officialy support OS which is no longer patched.
site admin not showing
We added a site admin to be able to view/manage one site only. yet when we select that site and look at the admin tab, it does not show them listed. When we go back out to the GSM and site admin it lists the admin, but doesn't list what sites they are an admin of? Is there no way to check this, or maybe the admin wasn't setup right?
Scare Message Web Pages
Twice in two days I've had customers with Webroot installed call because they opened a Web page that displayed some kind of virus alert. Their browsers were locked (unable to be closed normally) but I was able to close them using taskkill. Their computers were otherwise unaffected (as far as I can tell, and I did take time to review them both). Is Webroot supposed to intercept that kind of activity? If so, it didn't work in these two cases, although nothing else malicious ran on them (again, as far as I can tell). Would some forensic information help to defend against this sort of thing? If so, I should be able to collect information from both computers.
Internet Explorer Browser is not trusted
Hi: This morning I opened Internet Explorer like I did yesterday and everyday ( I know, that's my first problem, but hey, I need to know what happens when my customers do these things ) and Webroot popped up and said that C:Program Files (x86)Internet ExplorerIEXPLORE.EXE is trying to connect to the Internet and is not trusted. I clicked on Allow Always, but what should I tell my customers when they ask why Webroot does that? Thanks, TimC
Endpoint Protection failed installation
Have encountered a problem during EP installation deployment. When the program installs on one specific user, it prompts for the License Keycode to be typed in. This is incorrect as it was setup to auto-install with established keycode and then be detected and imported into default group on EP Access Portal. Can enter the keycode manually but then the EP Access Portal doesn't recognize it, won't import it, and the installation fails itself because it says the keycode is invalid. Can someone assist me please with this and what am I doing wrong that can be resolved? Thanks.
Enabling Scan Logs for Endpoints
Sorry if this has already been posted, but I could not find it anywhere. I was wondering if there is a way to enable full scan logs for all computers in a policy all at once, so that I do not have to manually remote into every computer for a client and enable this?
Can i "downgrade" ?
Hi, so i'm new to the community. And i only got 1 quick question i'd like someone to reply to! =) Is it possible to "downgrade" my clients from 1 version to another one. For example, i have about 500 clients running version 22.214.171.124 but i would like to downgrade them to 126.96.36.199 How can this be accomplished? //Daniel
How to set a Access Control by Policy
Hi, As we are starting to deploy Webroot, we are trying to figure out a way to hide the interface from the users (we know how to do that) but we also want the option to open the interface in case, as help desk IT guys, we need to check configure change something locally. As logging into the Web console from the endpoints is a bit of a hassle, and changing the policy every time to show hide the GUI interface is also not very convenient. Is there a way to set a password to all the endpoints under a group policy? Thanks, Elior
Webroot site reputations seem dodgy
We've started using the Webroot filtering extension, but I'm finding it difficult to trust the ratings. Although there's supposed to be a range of reputations possible, I never see anything but "Trustworthy Site" and "Suspicious site." I see "Suspicious site" on long-term, well-established sites that are completely trustworthy, and I see "Trustworthy site" on sites I know for a fact to be cesspools of phishing, scamming and spamming. I've tried to avail myself of the option to request recategorization for a few sites I know to be safe and reliable, but the only response I've ever received is basically "No, we're right, the site is untrustworthy" I have three main concerns: 1. The addon cries wolf - we have tell users to disregard the dire warnings of probable infection or harm for certain sites. A warning that is usually wrong will end up being ignored when it actually is relevant.There seems to be little middle ground, almost all sites have
Questions on application protection settings
Could use an explanation here. Thanks in advance. I'm trying to determine the best settings for mainly web browsers, but I'm a little confused as to the options and combinations of each . My options are as follows : Protect, Allow or Deny with combinations of 2 of the 3. It seems I can choose 3 different scenarios. I can select [b]Allow/Deny[/b], [b]Protect/Allow or Protect/Deny.[/b] Given these explainations for each below, unless I'm misunderstanding something how would it possible to have have an application both under [b]"Protect"[/b] and [b]"Allow"[/b] at the same time? OR, an application set to [b]"Allow"[/b] and [b]"Deny" [/b]simultaneously? As I stated, I must be misunderstanding the explanations. [b]Protect.[/b] “Protected applications” are secured against information-stealing malware, but also have full access to data on the system. You might want to add financial management software to the category. When yo
Starfield Certificate Not Trusted
I've recently seen this problem on a second server, on totally separate networks. Webroot stops communicating with the web console. On one machine this manifested as Webroot showing the subscription was expired. On another machine the symptom was that the agent was shown with a status of 'Not Seen Recently' in the console The fix for both of these was to Install the Starfield Class 2 Certificate into the Trusted Root Certification Authority store on the machine and bingo - comms restored. As I've now seen this on a second server I'm concered this could be a wider issue. Has anyone else seen this or have further information? [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/31026i363FE4161E96186C.png[/img]Greg
Unable to edit policies
I am attempting to troubleshoot an issue where WR support indicated copying the policy in use, rename the newly created policy, then edit the changes i need. Cannot edit any settings on new or default policy. Checked another client (out of 100+ companies) and not able to edit their policies as well. I am Admin. What has changed?
BSOD 0x50: PAGE_FAULT_IN_NONPAGED_AREA
The latest Webroot release 188.8.131.52 with its updated wrkrn.sys file seems to have caused some BSOD's with 2008r2 after our systems rebooted last night. I was able to delete the file from a repair command prompt and then reboot into normal operating mode. I have a ticket in with Webroot support about this issue, but I thought my issue should be shared. Update: I have talked with an MSP using Webroot who has had the same problem today. They also report that if you reboot your machine again after Webroot has a chance to reinstall the wrkrn.sys file it will start throwing up BSOD messages again.
Webroot and Windows Defender
I have read that Webroot can run along side Windows Defender. My question is what's the point of having defender running when we have Webroot SecureAnywhere running? If your recommendation is to disable Windows Defender could someone give me the steps to do so in Windows 10 and Server 2016?
Server 2012 STD R2 Hard Disk Expansion Issue - WRLog.log
After recently terminating a 3rd party IT support service they sent a remote consol command to remove their remotely managed Webroot Secure Anywhree from our network (45 workstations & 5 W Std 2102R2 servers). Although the console shows from their end that all agents were deactivated and uninstalled, that is certainly not the case. The next day, completely unaware the failed uninstall attempt occured, I came in to find all 5 W Std 2012 r2 servers c: drives completely full. I then discovered the reason was Webroot created a WRLog.log file in c:WindowsTemp directory that expanded exponentially until maximum storage space was depleted. After contacting a support tech from the IT mgmt service we were finally able to stop the service, delete the expanded WRLog,log file and then manually uninstall the agent from the cmd line for all of the servers. The following day, the problem started all over again and I had to go through all the steps to delete the temp log file once aga
How to generate report on all expiring endpoints?
I manage one console for all my business clients and need to generate a report on all upcoming expiring sites so as to send out renewal reminders. I'm doing this by manually checking back on invoices from last year but I'm sure there has to be a way to generate a report from within the console? Can anyone please advise of the process if this feature is available?
Unable to remove webroot secure Anywhere endpoint Protection
I have installed webroot secure anywehere endpoint protection trial version in my laptop. now i am unable to remove the antivirus. When i tried to remove anitivirs , its requesting me to remove from the console first. I fogot the secure code and i am not able to login to the console. When i try to reset the securecode its asking me another security question, which answer i forgot. I get an error - Error(UPA004) How can i reset this security code and remove webroot from my pc
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.