Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,656 Replies
Hello, We are using Webroot alongside Huntress, and we want to use the features of Managed AV of Huntress as it can trigger an analyse of the Huntress ThreatOps Team. So, my question is simple, can we use Webroot and Microsoft Defender actively (as Windows Defender can stop a malware and trigger Huntress) on the same computer.Actually, i have just found some very old article that says it’s possible :SecureAnywhere You want to know if SecureAnywhere is compatible with other antivirus software (webroot.com)SecureAnywhere You want tips for running SecureAnywhere with another antivirus program (webroot.com)But it’s about 10-year-old articles, so i want to know if, in 2023, it still actual , or not?I have also seen this post : Webroot with Windows Defender in 2021 | Webroot Community but the solution say that Windows Defender should have Active Scanning Disabled so i suppose that will disable the benefit of Microsoft Defender with Huntress. Thanks in advance
MSP here. I’ve seen other posts that discuss Webroot with Windows Defender, but now that it’s 2021, Windows 10 has changed a bit.Why other posts don’t apply anymore: Disable periodic scans in Windows Defender is no longer an option According to this article, you can set a DWORD value in the registry to enable Passive Mode for Defender, however, upon setting it, is has no effect on issue #1 belowTwo issues:With Webroot + Windows Defender enabled, Windows Defender is still actively scanning data in real-time. I ran a test and saw the Microsoft Anti-Malware service spike up to 30-40% CPU usage. Webroot is installed and functioning correctly, but Webroot doesn’t seem tell Windows Defender to turn off. I have a registry hack to force Windows Defender off, but I’d rather not apply that unless I have to. In addition, if I disable “Real-time Protection” in Windows Defender, I get a toast message that says that Windows Defender & Webroot are both disabled, even though Webroot is actually
Using the business version, is there any way to force a scan to run every single day?I have a policy to scan daily and “scan before 8 am when the computer is idle” but this appears to not cause a scan to actually happen but once a week. A specific computer I picked out as an example does not routinely experience “idle” times and is never shut off in normal operation, but spends entire weeks without performing a scheduled scan. There is another set of options such as “scan at 8 am when resources are available” but I am nervous to try it, it sounds to me like another conditional that might result in scans not being carried out under certain circumstances.Anyone have any knowledge about this?I also have an open ticket with Webroot but they’ve been slow to respond usefully, so I figured I’d take a shot on the forum.Incidentally, I am aware the real value of Webroot is its realtime scan, but I am required to show daily file scans are being conducted as well.
I have Webroot deployed across a large number of endpoints. Every once in a while a few people will report that Google Chrome will not open. As soon as I uninstall Webroot, Chrome works just fine. And then when I reinstall Webroot things are back to normal.Is this a known issue, any suggestions for how best to deal with it?
My software is set to the default settings where it scans the device daily. The scan report window does not go away. Each day a new scan window is there and these windows stack on top of each other. When I log in remotely the taskbar has a stack of webroot windows that I must close individually every day. This is annoying. Previous research said to remove and reinstall the agent. Tried that. It did not work. Any help out there please?
Hi Webroot Team, Newbie here. Can we audit device per sites if Web Threat Shield extension for Browser is enabled or disabled? Also, if the Web Threat Shield extension is disabled from a device with Webroot client program, does it mean that if the User accessed a malicious site, Webroot would not block it? Thank you.
Hello, I need help whitelisting a specific file on a specific machine. We are running Webroot SecureAnywhere with a centrally managed console. I’ve tried following the instructions located in this thread:https://docs.webroot.com/us/en/business/wsab_endpointprotection_adminguide/Content/UsingOverrides/CreatingWhitelistOverrides.htm I’ve tried creating an override on the desktop without success, but even when I stick the file in the root of C: and create an override to the folder in that location it does not work. I’ll attach a couple screenshots for reference. I’ve also got an open ticket and am waiting on a response, but wanted to ask for any suggestions here?
I unfortunately tested the "deactivate" button on my own machine in the console. How do I clean this up and have it back in the proper group? I know the clue was in the "this cannot be undone" warning but hey, I'm inquisitive! Any help would be most welcome! Thanks, Arkaig
Hello Experts, These two Trojans were found on a pc during a scan from another software provider, results were Infected, Signature, Trojan, but was not able to cure either of them. Ran another scan using WebRoot software and no threats were found. Are these Trojans a valid threat? If so, how are they to be cured? Thanks, Dee
I purchased a 5 user license for SecureAnywhere Complete a few days ago. I have installed it on 5 PC's and one Droid Bionic. 3 of the PC's are Windows XP, 1 is Windows 7 32 Bit and the final is Windows 7 64 bit. All 3 of the XP Boxes lose the ability to cut and paste. Rebooting fixes it for a while, but it happens again within 10 minutes. Shutting down Secure Anywhere fixes the problem immediately without reboot and it works fine until I restart Secure Anywhere. And it will happen again in a few minutes. It will come and go. On the 32 Bit Windows 7 PC, the CPU stays neat 100% when I am using Chrome. The mouse movement becomes "sticky" and I end up shutting down Chrome and restarting it. Within 5 minutes with 3 or 4 tabs open, it happens again. I only have a couple of extentions. When I shut down SecureAnywhere, the CPU does not hit 100%. On this same PC, the number keys change to arrow keys so the cursor jumps all over the screen when I try to enter numbers. The regul
I have one user trying to reach newsblues.com using Firefox (v22.0), their preferred browser but the site is blocked by Secure Anywhere (v184.108.40.206). Using IE 8 is OK (Windows XP SP3) Windows 7 users are not blocked when using Firefox. What might I be looking for to allow XP users access to the site or do they just have to use IE?
Ok, fiddling a bit with a few installs on the way to rollouts of Webroot Endpoint. What I would like to know is how do I prevent an end user from uninstalling webroot? I just got off an end users machine who uninstalled the other AV bloatware because it slowed his machine down too much. Not an uncommon sentiment, but then I installed webroot on one of my machines and I was able to uninstall it from add/remove programs without a password (the type the above letters verification code was tricky though :) ), and even if I remove the Webroot item from add/remove programs the end user can still go and delete the webroot executable from the program files(x86)webroot directory. Many of my end users are local admins on their machines, so I need an uninstall password on the app. Is this built in somewhere and I am missing it? Some other way to avoid users doing this? If the executable is deleted does the web console push it back out? Am I missing something? Thanks, Wayne&nb
Hi all, In the Remote Deployment Tool I'm receiving a "Authenticating...failed, Unexpected error 1909" when scanning our network for endpoints. What does this mean and what triggers it? I have been able to use the RDT successfully before, deploying to about 30 computers. Last week, the first time I received this message, I refreshed the states and the endpoints showed up as normal and I could deploy changes. Now no matter how many times I refresh I get this error and the status of these endpoints changes each refresh state. They flip between the the 1909 error, and "Invalid Username/password" and "Network path not found." My coworker's RDT pulls up the endpoints just fine. I'm not sure what's going on. Any insight would be appreciated.
We have a small network (<15) workstations. We want to install some internet monotoring and blocking software. Webroot is compromising the workstation installation. The Software log indicates that a the client software has been compromised. One of the prodicts that we are evaluating is Pearl Echo Suite. I have seen this work in other companies and want to install it. Their experts say that Webroot must be blocking or modifying the LSP that their software uses. Is there any way to configure Webroot to allow LSP'S.
Hi, I am currently conducting a trial of Webroot installed at a remote office in Malaysia, from Australia. Yesterday I received an email that one of the PC's there had been "Attacked", and checking the console this morning I see the message : [b]Alert 1 Endpoint needs attention We recommend you check whether this endpoint has automatic remediation enabled on the assigned policy.[/b] The endpoint shows as "Infected" by Malware called "W32.Rogue.32". The PC was last seen yesterday afternoon, a few minutes after the Malware was detected. There is no clean scan recorded. My question is : How do I know what action was taken by Webroot, or do I have to assume the file was quarantined ? There does not seem to be any way to see a log of the actions performed either successfully or not. I find the message "Infected" rather alarming as it implies there is still an infection ..... Thanks
I need to exclude some programs from real-time protection scanning and I need some direction. The error message is contained below. Right now the only work around to turn off protection scanning which is not acceptable. Any help would be greatly appreciated. OS: Windows Server 2008 R2 Standard (64-bit) RAM: 12GB CPU: Xeon 3.3GHz 4-Core Here is the error detail: Problem Event Name: BEX Application Name: NovaBackX.exe Application Version: 220.127.116.11 Application Timestamp: 50c3acfa Fault Module Name: WRusr.dll Fault Module Version: 18.104.22.168 Fault Module Timestamp: 50d237dd Exception Offset: 00018560 Exception Code: c0000005 Exception Data&colon; 00000008 OS Version: 6.1.7601.2.1.0.272.7 Locale ID: 1033 Additional Information 1: 2608 Additional Information 2: 2608c5700f693da309fa1a40136afc7c Additional Information 3: 0a97 Additional Information 4: 0a97994f40f74f03e0d128f2b3952d56
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.