This morning, Webroot Secureanywhere did not start. OnlineArmor asked if I wanted to allow a program with a name similar to "WRupdate347369.exe" to execute out of the temp folder. It identified itself as a Webroot program but the numbers seemed strange and executing out of the temp folder concerned me. I NEEDED to log in for a webinar so execution was blocked and Secureanywhere had to be manually started. The executable did not appear again.
Was this a legitimate WR update? If so, how can it be verified before allowing it to execute?
(Comment: It has been advised by other applications (JAVA & Adobe are the most notorious) not to allow automatic updates to execute but rather go to the website and get the update directly.)