Skip to main content
Customer Support Customer Support

Has WSAC been reporting false positives for Windows 10?

  • August 24, 2015
  • 3 replies
  • 38 views
Krieger_bot
Fresh Face
Forum|alt.badge.img+8
Has anyone been reporting false positives for rootkits on new Windows 10 or upgraded Windows 10 machines?  The WSAC notification icon has been displaying as "Infected" once a week, but when I scan my computer, the scan returns negative.  Last week, I removed what WSAC pinged as 4 rootkits pertaining to:
HKLMSystemCurrentControlSetServicesOneSyncSvc_Session; 
HKLMSystemCurrentControlSetServicesPimIndexMaintenanceSvc_Session;
HKLMSystemCurrentControlSetServicesUnistoreSvc_Session; and
HKLMSystemCurrentControlSetServicesUserDataSvc_Session. 
 
This afternoon, my WSAC icon again displayed "infected" and I ran (and saved) a scan which returned negative; but the threat log identified the same 4 items listed above.  
 
I'm inclined to believe that the items above were removed based on the policies I've implemented on my machine, and I'll check my event logs to verify that Windows reinstalled those items; however, the nastiness of rootkits is why I am asking for input before I tell WSAC that they are authorized processes.
 
Thank you,
Krieger_bot

    3 replies

    Ssherjj
    Moderator
    Forum|alt.badge.img+62
    • Ssherjj
    • Moderator
    • August 24, 2015
    Hello ?,
     
    Welcome to the Webroot Community,
     
    Would you please submit a Support Ticket which is free of charge with an active subscription.
     
    The support team will have a look and will whitelist these for you if need be.
     
     
    Thank you,
    IMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.7.3), Security: iPads, ALIENWARE 15 R6, W11 Microsoft Windows Workstation, x64, Webroot® SecureAnywhere™ Internet Security Complete, Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester
    V
    New Voice
    • Vince_C
    • New Voice
    • March 29, 2016
    I have the same exact problem.
     
    It would be helpful if Webroot would simply post if these are actually false positives...
    Ssherjj
    Moderator
    Forum|alt.badge.img+62
    • Ssherjj
    • Moderator
    • March 29, 2016
    Hi Vince_C,
     
    If you are having the same issues then it's best to Submit a Support Ticket and they can check this out for you which is free of charge with a Webroot subscription. https://www.webrootanywhere.com/servicewelcome.asp
     
     
    Hope this helps?
    IMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.7.3), Security: iPads, ALIENWARE 15 R6, W11 Microsoft Windows Workstation, x64, Webroot® SecureAnywhere™ Internet Security Complete, Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester
      Terms & ConditionsAccessibility statement