Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,606 Replies
Yes stupid question as stated in the subject.But to make long story short I use to work for a company 3 months ago. They installed Webroot SecureAnywhere Endpoint Protection on my personal laptop because I use it for work. I don’t work for them anymore as I have moved country and can’t be bother contacting their IT to get it removed from their central console. Now I notice they left their Webroot on my laptop and cannot delete it or even open it. It tells me to contact system administrator bla bla bla… Well my laptop is very slow at times now so I am thinking of reformatting and doing a clean wipe of my PC. Will this successfully remove Webroot from my PC?Thanks
I’ve created some whitelist overwrites that I want applied to all machines. I’ve selected NO to apply to policy because the knowledge article says that by selecting NO it will apply to all policies on our site. Am I seeing and thinking about that correctly? Reference Link: https://docs.webroot.com/us/en/business/wsab_endpointprotection_adminguide/Content/UsingOverrides/CreatingWhitelistOverrides.htm
Using the business version, is there any way to force a scan to run every single day?I have a policy to scan daily and “scan before 8 am when the computer is idle” but this appears to not cause a scan to actually happen but once a week. A specific computer I picked out as an example does not routinely experience “idle” times and is never shut off in normal operation, but spends entire weeks without performing a scheduled scan. There is another set of options such as “scan at 8 am when resources are available” but I am nervous to try it, it sounds to me like another conditional that might result in scans not being carried out under certain circumstances.Anyone have any knowledge about this?I also have an open ticket with Webroot but they’ve been slow to respond usefully, so I figured I’d take a shot on the forum.Incidentally, I am aware the real value of Webroot is its realtime scan, but I am required to show daily file scans are being conducted as well.
Hello! New Webroot SecureAnywhere user here. I recently started at a company that uses this software however I have no experience with it. Dumb question, but we are troubleshooting some software issues on a PC that has Webroot SecureAnywhere installed on it. I have access to the Admin console but am unable to disable the software locally. How do I disable this software on a single PC for testing purposes?
I just started installing webroot endpoint on all my desktops. They all seem to install okay except one desktop. When I install using the link with the key code, it still asks for the key code and installs in as a standalone app. It doesnt show up on the console and the user has full control of the app.I tried rebooting, reinstalling, updating the pc… all the normal things, but it just doesnt want to seem to work. All the other installs are working fine on similar desktops. Any ideas???
Hi all,I’ve ended up here as I’m not quite sure where else to go for dialog. I'm not sure if I'm correct or incorrect in my approach. I'm interested in the greater opinion!Where I work, we have a fairly sensitive IT manager, who on seeing a Webroot Alert will shout 'fire fire fire' and shut everything and everyone down until a full investigation has been undertaken. This gets fairly wearing as every alert generates a lot of work. (Usually to no benefit) He has a particular urgency for Trojan notifications.Now, while I appreciate the sentiment, I can't help be get ever frustrated at this approach. I am under the (correct/incorrect?) impression that an alert from Webroot is a GOOD thing and that nothing has been executed/infected. Although I do agree that a quiet investigation is probably necessary to ensure that an infection hasn't taken hold.So my question/discussion point is this - if Webroot highlights an 'infection', is the detection done at a safe point i.e. pre execution, or
We are a versatile IT company in that we take care of both small business and home users. We are trying to move away from Eset Endpoint AV to Webroot. However, we are lacking some functionality and we don't know how to overcome it. In the Eset management portal, we are able to add custom fields so that we can accurately identify the customer, computer make and model, etc. I can't figure out how to do that in the Webroot SecureAnywhere portal. For businesses, I just create a new site and put all relevant business PCs installs under that. That’s no problem. However, for a home user, I can justify creating a site for each individual user. I am looking for suggestions or best practices on how to do some type of labeling for management and record keeping purposes. I know companies like Best Buy help home users - so how do they track their licenses per home user?? Suggestions please on how others do this?
Hello, I’m attempting to remove this software from our endpoints. The manual removal fails indicating it requires wsasme.msi, I do not have this file nor is it located on the endpoint.An attempt to remove them displays a missing msi file. further to this removal from WMIC errors out with “ ReturnValue = 1603;”
edit: Title should be MacOS users able to uninstall Webroot without* admin I am curious if this is just some of our devices or if this is a wider issue. Currently Webroot clients on 9.1.x.x can be uninstalled without any password requirement.If you go to the About SecureAnywhere page of the client, you will see a link to uninstall Webroot. If you click it, and click yes, you don’t get any sort of password prompt or “this device is managed” prompt. Anyone else have this behavior?Edit: We have since disabled the GUI for all our devices to be on the safe side.
We are having major problems with Webroot WebThreat extension and have decided to no longer use it. I created a test group to go through the remove process. The group policy has WebThreat turned off.All devices in the group have the Webroot client saying the Web Threat shield is turned off. Annoying the client is saying a warning that it is disabled.I reboot a device, and the extension is still installed.I uninstall webroot, and the extension is still there.I run the following script I made:#!/bin/bashsudo /usr/libexec/PlistBuddy -c 'Delete :ExtensionInstallForcelist' /Library/Managed\ Preferences/com.google.Chrome.plistsudo /usr/libexec/PlistBuddy -c 'Delete :ExtensionInstallForcelist' /Library/Managed\ Preferences/*/com.google.Chrome.plistsudo /usr/libexec/PlistBuddy -c 'Add :ExtensionInstallBlacklist array' /Library/Managed\ Preferences/com.google.Chrome.plistsudo /usr/libexec/PlistBuddy -c 'Add :ExtensionInstallBlacklist:0 string kjeghcllfecehndceplomkocgfbklffd' /Library/Managed\
We recently received a “security report” from an insurance underwriter related to our Cyber Liability policy. Included in the report was the one and only incident that a user had with an email threat. The threat was promptly identified and remediated. My question, since the information included the users email address, time and date of the incident, how did the insurance underwriter get this information? The only place it is contained is within our webroot data. Are you know selling our security history logs with usernames, PII, etc.? If so, we will be dropping Webroot like a rock.
So my friend was trying to get a webroot subscription he had showed me this “free webroot cracked” lol just another key basically but he’s afraid now because he found out that you can basically do things to people’s computer from “endpoint” as its called, what can he do to prevent his computer from being damaged?Didn’t really know where to post thisAlso I told him to try uninstalling the webroot, so they cant run anything to the computer (I think)
When installing WebRoot Secure Anywhere on a 2016 server do you need to change the policy in the Console to “Server” before installing on the Server.I have installed all so far with “unmanaged” policy until I get use to the software. Should I uninstall and reinstall with Server Policy instead of unmanaged or can I change the policy within the program?
We have a legacy VMware Thin App virtualised application which has been working until quite recently, i.e. just in the last day or so, users are experiencing app crashes when launching the virtualised app.We have found that removing the Webroot client from a sample computer eliminates the symptoms of the application crashing and therefore we believe that the Webroot client is interfering with execution.We have added Global Whitelists entries for the Application executable and for the UNC from where the Application executable is run and streamed, but this has not resolved the issue.I suspect that somehow the Webroot client is interfering with the data streaming process upon which the ThinApp virtualisation framework depends.This affected application is business critical, so I need to find a way to correct this behaviour, or we will be forced to abandon Webroot in favour of an alternative AV solution for all affected users. I have a raised a Support ticket today and currently awaiting a
My company recently moved from Trend to WebRoot. When working from home I used to be able to use Trend to scan my personal laptop via a local network shared folder. I tried this with WebRoot and it seems to work if I just want to scan one file, but if I choose to scan a folder it doesn’t scan the contents of any subfolders.
We have been using Webroot Secureanywhere for over 8 years at our business. This last year we have downsized our staff significantly and at renewal we notated we no longer needed our full 20 stations, but instead only 5 licenses would be needed. These systems had webroot removed and were booted down. The backend showed only 5 active stations/licenses. Sure enough at renewal we were billed for all 20 stations.I contacted support and got a response WEEKS later that a refund request had been escalated. After an additional week with no return I contacted via phone. Long story short we finally were downgraded to the correct license amount and received a refund about 38 days after the initial request.Keep in mind, the downgrade was an annual payment. The following month (March or April) we started to be billed an erroneous $13. 50 a month since then. I then opened another ticket las month and received a response 7 days later saying they were looking into it. Days later… nothing. I replied ba
Within my site, I’ve renamed some endpoints so that they are more descriptive than some of the generic hostnames. Here’s the issue, those custom names don’t appear in the global console - neither in the groups nor in reports. I’m trying to deploy evasion shield, but this limitation makes it unusable. Evasion shield’s reports don’t appear within my site, only the global console. But the global console doesn’t honor my custom endpoint names. So when I run the evasion shield reports, I get a list of endpoints but they are the original hostnames which are meaningless to me. I have contacted support about this issue. They advised this is a known issue but is low on the priority list for dev. I suspect that Webroot doesn’t fully understand or appreciate the depth of this problem. You keep pushing to use evasion shield, but evasion shield isn’t useful for me until this is fixed. Either include the evasion shield reports within my site or fix this bug in the global console, please.
We have enabled Evasion Shield and set it to remediation after a test period. The problem is that we do not receive alerts when a script is detected/quarantined. We have to run a report, daily, to discover potential problems. Do you confirm this behaviour? Thank you in advance. -- Nicola
Hello! I tried to browse topics and knowledge base, but could not find an answer. My small company manages my remote PC with Endpoint Protection where I would be allowed to set up exceptions and overrides. For this reason my boss added me as a Basic user, so I can do that from the GSM console (as they explained me). However, if I log in, in do not see anything as my console, except “You have not been granted access or permissions to any console.” What do they/I miss? Thank you if you have a minute for this one. ~snip Removed email address please don’t post email addresses in public snip~
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.