Webroot's self-protection has, once again, gotten completely out of hand. We are deploying by NinjaRMM (not by choice). This is a hit-and-miss process; usually the agent pairs off OK with the associated webrootanywhere account, and while it's an enormous PITA to have to create the policies and profiles AFTER onboarding, this isn't the problem.
We are in a situation where perhaps 1/10 of all installs will deploy the WRSA agent files OK; it'll start up, pull a default desktop config profile from god-knows-where, but then it tries to pair itself off to an account, fails with a generic internal error, and then slams the rest of the install shut and digs itself in like a tick.
Exactly like a tick. It'll sit there siphoning off resources (think desktop profile running on a server), and is extremely difficult to remove safely.
The agent itself is locked out by default (because Webroot), but because the process failed during provisioning, there is no valid central control panel from which to manage the agent. That's pretty shabby design, but whatever.
We used to be able to disable the WRSA service, reboot, then run \Program Files (x86)\Webroot\WRSA - uninstall.
Sometime in the last week (since I last had to do this) something has changed, because that command line switch now appears to loop back to the user-mode control panel command--which "helpfully" informs you that the product needs to be uninstalled from the central panel and bails out.
Is there a new process or other command line switch that I'm missing?