A major oversight in the product is the inability to see the currently journaled applications or allow applications that may only run for an instant but nevertheless be monitored and restricted. Or they may never run again, potentially leaving very large journaling files.
Take for example a print driver installer. You launch it and run it but it doesn't fully install. You then launch it, go into Control Active Processes, allow the main installer, and try again. However, you look in the log and it is launching executables under it that never have a chance to show up in the Control Active Processes window. You never get a chance to allow them and your installation is impeded.
Webroot's response to this is to contact support to whitelist the files via the MD5s in submitted logs or to add a file via Block/Allow files. This is not an acceptable solution for power or home users. Power users should be given full status and control of their protection, and navigating temporary directories under appdata is not a reasonable task for home users to perform. In addition, in many cases files are extracted to a random temporary directory and immediately deleted. There may never be a chance for the normal user to ever manually allow them.
Webroot needs to implement a dialog where users can see a full listing of the data that Webroot is storing on their PC via journaling and the applications it has decided to monitor and restrict from performing fully. Your competitors that have their own centralized reputation engines allow this.
As an expert, I can work around these impediments. But I am in IT with experience on the product's philosophy, workings and Windows. This knowledge should not be required to control the fundamental design and operation of a product. And this is the most fundamental design. The journaling. This is a basic, core feature that should already be implemented.