False positives detected in new version for OS X

  • 18 February 2015
  • 5 replies
  • 28 views

Since the lastest update pushed a couple of days ago my macs are showing a significant number of false positives. The most common one is Keylogger.amac.r and OSX.HellRTS which sound pretty scary. In my first Mac the detection happened in some applications and zip files which might be a possibility although they were pretty reliable. After 3 rounds of cleanups (each scan would find more) I went to my second Mac. In there, it found tons of instances on .plist files which are part of the developer documentation and sample code from XCode which must definitely be false positives.
 
This is my development laptop and I'm pretty sure is as safe as it gets.
 
Any thoughts?
 
Thanks,
Augusto

5 replies

Userlevel 7
Badge +56
Would you be willing to contact support so they can gather logs?  Then we can get these passed along to our threat research team and devs to get resolved:
https://www.webrootanywhere.com/servicewelcome.asp?SOURCE=ENTERPRISEWSA
I have seen the same detections today on 1 machine.   After detecting 6 keyloggers, etc, webroot tries to remove them, rescans, finds them all again, re-remove, re-rescan, same thing.  I have let it re-rescan like 15 times now.
Userlevel 7
Badge +56
Ok we've got our threat researchers working on these - if you're still experiencing any issues please go ahead and contact support to upload logs.
I am getting these false positives now. How can I fix?
 
Rafael
Userlevel 7
Badge +56
We've got a patch coming out very soon.  In the meantime contact support so we can get your situation looked into.

Reply