Solved

Question re 'Monitor'

  • 15 May 2012
  • 6 replies
  • 390 views

Userlevel 5
Badge +23
When a program is marked as 'Monitor' under System Tools > System Control > Control Active Processes, what exactly is Webroot doing? I ask because a couple of legitimate programs I use are currently labelled as such. Also, is it advisable to leave them, or can I move them to 'Allow' if I know they're legit?
icon

Best answer by RetiredTripleHelix 27 August 2013, 03:53

View original

6 replies

Userlevel 7
Hey,
 
Welcome to the Forums :D
 
It is fine to move them to "Allow" if you know they are legit. When WSA is "Monitoring" it means that the program is still unknown. It is being analyzed and journaled, if the process/program causes harm to the PC it will be able to revert the damage done.
 
The status should automatically switch to "Allow" after they are found to be legit and in some cases there are processes/programs that are being "Monitored" that should be accepted by WSA which would need to be Whitelisted.
Userlevel 5
Badge +23
Cheers Mike, I appreciate the response.

If, while a program is being monitored, could this have an impact on the program's performance?
Userlevel 7
Of course, I am here to help ;)
 
And yes, monitoring processes/programs can negatively impact their performance. What is being monitored?
Userlevel 5
Badge +23
foobar2000. I mainly noticed a performance hit whilst running ReplayGain on an album. I've since switched to 'Allow' and all is well again.
Userlevel 4
Sorry to raise this from the grave, but I had a similar question about monitoring.
 
My question is, does leaving something on monitor status eventually lead to Webroot whitelisting it automatically if nothing malicious is found with the monitored process?
Userlevel 7
Badge +56
@ wrote:
Sorry to raise this from the grave, but I had a similar question about monitoring.
 
My question is, does leaving something on monitor status eventually lead to Webroot whitelisting it automatically if nothing malicious is found with the monitored process?
Yes over time but if you have any select all the [u] files lines from a Scan Log and contact support and they will whitelist them for you unless one of them is malware in which it would rollback to the pre-infection state.
 
Example: Some legitimate files are not included in this log
[u] d:security programs foldervoodooshield folderinstall voodooshield.1.26.6.exe [MD5: F0ED6C4835C6321B2A63C26F7B321DFE] [Flags: 00081001.6181]
 
HTH,
 
Daniel

Reply