rootkit detection disappeared

  • 16 September 2015
  • 3 replies
  • 484 views

yesterday webroot detected 3-4 rootkits and asked me to clean.  incase it was a false positive, i decided to do some alternate scanning (windows defender, avast rootkit tool with avast defs, malwarebytes and malwarebytes antirootkit, zemema antimalware, panda cloud, and eset online scanner) wich turned up nothing.  i returned to webroot to clean anyway (just in case), but it now said scan (instead of clean).  i scanned and it said my system had no infections.  under threats removed, the rootkits were not there.  under reports, i've opened the threat log and found this:
 
Tue 2015-09-15 17:37:42.0214 Scan Started: [ID: 103 - Flags: 551/16]
Tue 2015-09-15 17:38:30.0801 Infection detected: SystemCurrentControlSetServicesOneSyncSvc_Session49 [MD5: ] [12/00000000] [(null)]
Tue 2015-09-15 17:38:30.0879 Infection detected: SystemCurrentControlSetServicesPimIndexMaintenanceSvc_Session49 [MD5: ] [12/00000000] [(null)]
Tue 2015-09-15 17:38:31.0223 Infection detected: SystemCurrentControlSetServicesUnistoreSvc_Session49 [MD5: ] [12/00000000] [(null)]
Tue 2015-09-15 17:38:31.0301 Infection detected: SystemCurrentControlSetServicesUserDataSvc_Session49 [MD5: ] [12/00000000] [(null)]
 
these must be the rootkits.  but i didn't clean them.  did webroot simply clean them?  i don't see them in my quarinetine, and they are not listed on webroots "theats removed" count.  i guess when webroot asked me to clean them, i should have never minimized it for later.  but now i am wondering if they are truly cleaned, seeing as they are called rootkits, and may have now avoided webroots detection.

3 replies

Userlevel 7
Hello,

For threat related issues it is best to contact our support team so they can gather logs and verify this for you, or assist with removal if something is not working properly.
 
Support Number: 1-866-612-4227
Support Ticket: https://detail.webrootanywhere.com/servicewelcome.asp

Regards,

James G.
Webroot Community Support Team
thanks for reply and link.
Userlevel 7
No worries!

Have a great day and don't hesitate to let me know if you need anything!
 
Regards,

Reply