False positive?

  • August 14, 2015
  • 13 replies
  • 78 views

I have Windows 10 and Webroot keeps flagging the same 4 items. Are these false positives?
 
System\CurrentControlSet\Services\OneSyncSvc_Session3
System\CurrentControlSet\Services\PimIndexMaintenanceSvc_Session3
System\CurrentControlSet\Services\UnistoreSvc_Session3
System\CurrentControlSet\Services\UserDataSvc_Session3

13 replies

Ssherjj
Moderator
  • August 14, 2015
Hello onthego,
 
Welcome to the Webroot Community,
 
My advice would be to submit a Support Ticket and they can check or correct these if they are false positives. This is free of charge with an active Webroot subscription.
http://www.webroot.com/us/en/support/contact
  Hope this Helps, Kind Regards,

  • New Voice
  • November 4, 2015
Hi,
 
Just found this here - I have been using WSA for approx. 3 weeks and have the same problem. Sometimes I get these files marked as rootkit, sometimes not. I opened a ticket and the recommendation was to reinstall WSA - it helped for one or two days, then the issue came back again.
I wrote again and got the same advice.
The last statement was that it has now been sent to the Dev team.
 
I wonder that this seems to have been a problem since August and still no solution?
 
What I would also like to know is whether other WIN 10 users don't have the problem?
 
Peter

shorTcircuiT
Gold VIP
  • November 4, 2015
Hello there
 
I have been using Windows 10 since August, and I have never had that detection.  Please submit a Trouble Ticket to have Webroot Support take a look at it for you.
 

  • New Voice
  • November 5, 2015
Hi David,
 
As I wrote, I raised a ticket and the last status is that it was forwarded to the Dev team to find a solution.
The strange thing is that sometimes I get this warning when turning on the PC, and sometimes I don't get it.
 
Peter

shorTcircuiT
Gold VIP
  • November 5, 2015
That is very strange that it sometimes hits and sometimes not, at least I think so.  Did you mention that in your Trouble Ticket?
 
Thanks for the update on it that it has been sent to the Dev team!

  • New Voice
  • November 5, 2015
Yes - this is completely strange - if it hits, then I can run the virus scan 3 or 4 times and sometimes it disappears then...
 
I did mention this in the ticket - the problem is that I have no idea when this hits or not - there seems to be no rule when it happens.
 
 

shorTcircuiT
Gold VIP
  • November 5, 2015
I think that may well be a part of what the Dev team wants to take a look at.  They may be looking at a couple things:
 
1) the detection itself.  If anything needs whitelisted they will do it.
 
2) the WHY it hits sometimes but not others.  That almost makes it look like WSA is not uniformly starting up on time at boot time: it might not be starting up on time every time, according to design.

  • New Voice
  • November 5, 2015
Today the rootkit warning did not come up when booting the PC - I just ran a scan and the warning came...
 
Peter

  • Fresh Face
  • December 5, 2017
Was there ever a resolution to this? I get the same thing except I have a few more entries.
 
System\CurrentControlSet\Services\CDPUserSvc_6d0ec
System\CurrentControlSet\Services\DevicesFlowUserSvc_6d0ec
System\CurrentControlSet\Services\MessagingService_6d0ec
System\CurrentControlSet\Services\OneSyncSvc_6d0ec
System\CurrentControlSet\Services\PimIndexMaintenanceSvc_6d0ec
System\CurrentControlSet\Services\PrintWorkflowUserSvc_6d0ec
System\CurrentControlSet\Services\UnistoreSvc_6d0ec
System\CurrentControlSet\Services\UserDataSvc_6d0ec
System\CurrentControlSet\Services\WpnUserService_6d0ec
 
Thanks.

Ssherjj
Moderator
  • December 5, 2017
Hello dpandkp,
 
Welcome to the Webroot Community Forum,
 
I am not aware of any resolutions...
 
Please submit a Support Ticket so they can check and/or correct these if they are false positives.
 
Thanks,
 
 

RetiredTripleHelix
Gold VIP
@ wrote:
Was there ever a resolution to this? I get the same thing except I have a few more entries.
 
System\CurrentControlSet\Services\CDPUserSvc_6d0ec
System\CurrentControlSet\Services\DevicesFlowUserSvc_6d0ec
System\CurrentControlSet\Services\MessagingService_6d0ec
System\CurrentControlSet\Services\OneSyncSvc_6d0ec
System\CurrentControlSet\Services\PimIndexMaintenanceSvc_6d0ec
System\CurrentControlSet\Services\PrintWorkflowUserSvc_6d0ec
System\CurrentControlSet\Services\UnistoreSvc_6d0ec
System\CurrentControlSet\Services\UserDataSvc_6d0ec
System\CurrentControlSet\Services\WpnUserService_6d0ec
 
Thanks.
Can you please lower your Heuristics back to default and the detections will stop. Also, WSA can't remove those, so no worries there! See here: https://docs.webroot.com/us/en/home/wsa_pc_userguide/wsa_pc_userguide.htm#SettingPreferences/AdjustingHeuristics.htm%3FTocPath%3DSetting%2520Preferences%7C_____3 Maybe @ can supply more info, as I can't find his older posts about this subject?
 
Enable enhanced heuristics based on the behavior, origin, age, and popularity of files
Default; recommended setting.

DanP
  • OpenText Employee
  • December 5, 2017
A support ticket would be the way to go with this one. I haven't seen a report of this in a long time.
 
-Dan

RetiredTripleHelix
Gold VIP
@ Dan I don't understand? These Detections are from the Registry and you told me it's because users have their Heuristics set at Max, you also suggested that lowering the Heuristics to default solves this issue, so have things changed since you last told us around a year or more ago? https://docs.microsoft.com/en-us/windows-hardware/drivers/install/hklm-system-currentcontrolset-services-registry-tree
 
Other thread: https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/What-could-cause-the-Caution-Rootkit-virus-to-return-a-day-later/m-p/259496#M26294 and here as I had the same Detections: https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/What-could-cause-the-Caution-Rootkit-virus-to-return-a-day-later/m-p/259719#M26333
 
Thanks,
 
Daniel