Skip to main content

I note than there has been a complaint raised about this in the past, but what is the rationale for filtering the list of active processes?  As a long-time user, I am losing confidence in WSA as sound software lately.   The filtering of the active process list makes it difficult to assess if WSA is even aware of everything underway.  Programs that have always produced process on the list no longer do so when launched, and I am unable to see any rhyme or reason to what is filtered and what is not.

Hey there @alfalfatap ,

Have you tried modifying your settings? See if this helps you at all: https://answers.webroot.com/Webroot/ukp.aspx?pid=17&vw=1&app=vw&solutionid=741

 

Let me know if that helps your situation!

-Keenan


No that doesn’t help.  My problem is that the “Active Processes” list does not include all active processes.  What setting would I modify that would alter that?


It works fine here. Is this what your seeing?

 

 

 


The list was not showing all active processes, and did not react to various processes being initiated.  But I stumbled onto a cause I find rather unsettling.  I logged onto the Webroot console.  I discovered that this particular machine has been showing as infected there (the offender being ProcessHacker.)  But local scans have shown nothing of the sort.  ProcessHacker is installed on all five of my machines and marked as ‘Allow’ (I do understand why it is being flagged) but only this machine shows as infected on the console (it is the only machine running the Home version of Windows 10, but I doubt that is relevant.)  Launching a scan from the console, the machine would come up as infected, but a local scan remained clean.  I decide to try removing the ‘Allow’ entry in PC Security and then re-addding the file and marking it ‘Allow’.  Having done that, the “Active Processes” list immediately returned to behaving normally.  Launching a scan once again from the console then came up clean.

 

I don’t routinely log on to the console, which was the only indication (other than the strange behavior of the active process list) that anything was amiss.  Frankly, I consider this pretty flaky.


The list was not showing all active processes, and did not react to various processes being initiated.  But I stumbled onto a cause I find rather unsettling.  I logged onto the Webroot console.  I discovered that this particular machine has been showing as infected there (the offender being ProcessHacker.)  But local scans have shown nothing of the sort.  ProcessHacker is installed on all five of my machines and marked as ‘Allow’ (I do understand why it is being flagged) but only this machine shows as infected on the console (it is the only machine running the Home version of Windows 10, but I doubt that is relevant.)  Launching a scan from the console, the machine would come up as infected, but a local scan remained clean.  I decide to try removing the ‘Allow’ entry in PC Security and then re-addding the file and marking it ‘Allow’.  Having done that, the “Active Processes” list immediately returned to behaving normally.  Launching a scan once again from the console then came up clean.

 

I don’t routinely log on to the console, which was the only indication (other than the strange behavior of the active process list) that anything was amiss.  Frankly, I consider this pretty flaky.


All I can say is please Submit a Support Ticket to see what they see on your system, because when I check Task Manager everything looks good to WSA Active Processes! I find Process Hacker doesn’t show the true processes, but all not even active processes but inactive ones as well. I use to use Process Hacker and use Process Explorer from MS as it’s much better IMO: https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

 

Thanks,


The list was not showing all active processes, and did not react to various processes being initiated.  But I stumbled onto a cause I find rather unsettling.  I logged onto the Webroot console.  I discovered that this particular machine has been showing as infected there (the offender being ProcessHacker.)  But local scans have shown nothing of the sort.  ProcessHacker is installed on all five of my machines and marked as ‘Allow’ (I do understand why it is being flagged) but only this machine shows as infected on the console (it is the only machine running the Home version of Windows 10, but I doubt that is relevant.)  Launching a scan from the console, the machine would come up as infected, but a local scan remained clean.  I decide to try removing the ‘Allow’ entry in PC Security and then re-addding the file and marking it ‘Allow’.  Having done that, the “Active Processes” list immediately returned to behaving normally.  Launching a scan once again from the console then came up clean.

 

I don’t routinely log on to the console, which was the only indication (other than the strange behavior of the active process list) that anything was amiss.  Frankly, I consider this pretty flaky.


Please don’t mark any process to Block as WSA will treat it as Malware and remove the Process and anything related to it from your system unless you know it’s safe.

 

Thanks,


Process Explorer from MS as it’s much better IMO: https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

 

Oh, I use Process Explorer, as well, and have used it for years.  But the Sysinternals suite isn’t as carefully maintained as it used to be.  Process Hacker provides useful tools for dealing with malware, and it has the advantage of being open source.

The significant issue here actually isn’t Process Hacker, per se.  If there is a potential risk on the machine, a local scan should alert to it.  How can there be a discrepancy between the results of a local scan and a scan of the same environment initiated from the console?  And what about this explains the “Active Processes” list crapping out?

By the way, the discrepancy which was solved by re-adding the executable as 'Allow” reappeared the following day, with the consequence that the odd behavior of the “Active Processes” list resumed.