Using the EXE file to install the Webroot Business Endpoint Protection agent

The Webroot Business Endpoint Protection agent can be installed using the EXE file. It is very important to use the correct keycode when deploying the Webroot agent. The keycode is a vital part of communications and using the wrong one will prevent the agent from working properly. Click here for information on finding a site keycode.

Installation requirements:

The device meets system requirements.
- System Requirements
An active internet connection.
- Firewall configuration
The user or method used to deploy needs permission to install software to the device.

Tip: The EXE installation file can be downloaded using this link:

https://anywhere.webrootcloudav.com/zerol/wsasme.exe

There are a variety of options available when using the EXE to install, click an option to see more information.

+Manually running the EXE file on the device

Copy the wsasme.exe file to the device.
Run the wsasme.exe file, follow the onscreen prompts.
When prompted, enter the keycode.
The agent will run a scan as part of the installation process. Once the scan completes, installation will complete and the device will check-in to the Webroot Management console.

Note: The user installing the agent must have permissions to install software to the device.

+Using the renamed EXE file - useful when using a tool to deploy an EXE file

When the EXE file is renamed as the keycode and executed, a silent and unattended installation occurs, using the keycode in the file name to register the agent. This is useful when deploying via script if you don't want to use the MSI file. A renamed EXE looks like:

XXXX-XXXX-XXXX-XXXX.exe

Where XXXX-XXXX-XXXX-XXXX is the site keycode

You can download a renamed EXE file from the Webroot Management console:

Log in to the Webroot management console.
For the Business view:
1. In the left nav bar, click Dashboard.
2. In the Download Software box under Windows PC, click Download.
3. Choose a location to save the file.
For the Service Provider view:
1. In the left nav bar, click Sites List.
2. Find and click the Site you want to download the EXE for.
  - You can use the top search box to find a site by name or partial name.
3. In the top menu, click Endpoint Protection.
4. In the Download Software section (to the right), click the link: Download Windows (.exe)
5. Choose a location to save the file.

+Command line options available

The EXE file can be executed using command line options. These options provide more control over how the agent is installed and are useful in a variety of situations. Some options are only available for Windows, see the list for more details.

Command Line Options for Windows

Command Line	Description
/key=keycode	Installs with the provided keycode, with or without hyphens. Example: wsasme.exe /key=xxxx-xxxx-xxxx-xxxx-xxxx
/silent	Installs in the background.
/nostart	Installs without starting the agent.
/lockautouninstall=password	Allows uninstallation of the agent using the password you specify and does not add an entry to the Programs or Add/Remove Programs list. This option is useful if you need to silently uninstall the agent later. To uninstall, use the EXE command with the /autouninstall option. To use this option to set an uninstall password but still display the Webroot Agent in the Programs or Add/Remove list, use the /exeshowaddremove option.
/autouninstall=password	Only used to uninstall the agent silently when the /lockautouninstall option was used for installation.
-clone	For cloned machines/VMs, creates a persistent, unique value for the PC which is added to the back of the hostname as it is displayed in the Management console. Example: For a PC named PCHOSTNAME, if the unique value is C8137921, the PC will be displayed in the Management console with the name: PCHOSTNAME-C8137921 Notes:This value will persist if the agent is uninstalled/reinstalled without removing the WRData folder. If the OS is reinstalled, the ID will change. Useful when Instance MID's are matching causing duplicates in the console.
-uniquedevice	Useful when multiple devices share the same type of hardware, but each device has a unique name. Installing the Webroot agent to devices using similar hardware may result in the devices not appearing in the Management console as expected. Use -uniquedevice to change how the device is identified to avoid or resolve issues. If the device is mis-labeled, to correct it: Uninstall the Webroot agent. Delete the WRData folder and reboot. Re-install the agent using the -uniquedvice command option Note: For use when DeviceMID's are matching causing duplicates in the console or endpoints replacing endpoints at each poll interval.
/exeshowaddremove	Adds an entry to the Programs or Add/Remove Programs list for the Webroot agent. IMPORTANT NOTE: Adding Webroot to Add/Remove Programs enables the endpoint user to remove the software if the Unmanaged endpoint policy is applied.
/group=groupcode	Command line switch for deploying directly into groups. Example: wsasme.exe /key=xxxxxxxxx /group=135260017840748808 /silent To get the group code: From the Endpoint Protection console, go to the Group Management tab and select the Groups sub-tab. Highlight the Group you would like to deploy to, click Actions, then Deploy Endpoints to this Group. The group code will be displayed and is unique to this group. Other requirements: The group must already exist in the console. This only works new for new installs on systems that have never been seen by the console previously.
-proxyhost=X -proxyport=X -proxyuser=X -proxypass=X -proxyauth=#	Specifies proxy settings. Note: If the endpoint connects through a proxy server, the agent will automatically detect the proxy settings. The Webroot Business - Endpoint Protection agent checks for changes to the proxy settings every 15 minutes and whenever the endpoint restarts. We recommend using auto-detection for proxy settings; however, you can use command-line options if you prefer. To enable proxy support, use these command-line options: wsasme.exe -proxyhost=nn.nn.nn.nn -proxyauth=n (where n can be 0=Any, 1=Basic, 2=Digest, 3=Negotiate, 4=NTLM) -proxyuser=proxyuser -proxypass=password -proxyport=port_number We recommend that you use a specific value for-proxyauth, instead of 0 (any). The any option requires the endpoint to search through all authentication types, which might result in unnecessary errors on proxy servers as well as delayed communications. If you use this command-line option, use all parameters and blank out any value you don't need with double quotes, for example: proxypass=""
/lang=LanguageCode	Specifies the language to use for the agent. Supported language options include: en — English ja — Japanese es — Spanish fr — French de — German it — Italian nl — Dutch ko — Korean zh-cn — Simplified Chinese pt — Brazilian Portuguese ru — Russian tr — Turkish zh-tw — Traditional Chinese

+Command line examples

Installing silently using the specified keycode:
- wsasme.exe /key=xxxxxxxxxxxx /silent
Installing silently using the specified keycode, do not list in Add/Remove or Programs and set an uninstall password:
- wsasme.exe /key=xxxxxxxxxxxx /silent /lockautouninstall=password
Installing silently using the Japanese language setting:
- wsasme.exe /key=xxxxxxxxxxxx /silent /lang=ja

If you require additional assistance using the EXE to install the agent, please contact Webroot Support.

Thanks for your feedback!