I recently had my mac book pro hard drive wiped and re-installed by Geek Squad. I was getting this message from web root before the wipe. I didn't get ths message for a couple of weeks, then it has started up again. The message is:
Suspicious Activity Detected:
SecureAnywhere has detected suspicious activity
System Folder Modified: /System/Library//LaunchAgents/
com.apple.RemoteDesktop.plist
/System/Library/PrivteFrameworks/PackageKit.framework/
Resources/shove
To allow this app to make chnges in the future press
'Ignore'
What does this mean? I don't hav a clue. Help!
Gin Shipp
Userlevel 7
+62
Hello Majinja,
Welcome to the Community Forum,
Yes I own a Mac as well and I get these pop up messages too. Most of the time I will block/ or click ok? I'm not at my Mac right now..
But I would like to ping our Mac Threat Expert@ so that he can assist here with more information.
Kind Regards,
Welcome to the Community Forum,
Yes I own a Mac as well and I get these pop up messages too. Most of the time I will block/ or click ok? I'm not at my Mac right now..
But I would like to ping our Mac Threat Expert
Kind Regards,
Thank you so much! I would be happy to have your expert take a look and give me his/her thoughts or help. Thanks Gin Shipp
Userlevel 7
Hello Gin,
The message ‘Suspicious Activity detected’ is a notification that Webroot SecureAnywhere provides when a change is made to the system that may resemble behavior of a malicious process. Generally speaking, these notifications are not malicious as there are a number of automated tasks that can occur within OS-X that could trigger it. Common tasks that could prompt this message are updates to software, or Folder Actions. It’s common that these kinds of tasks change or modify ‘plist’ files that affect the overall preferences for the system.
You may see in the alert mention of a plist (property list) file, which stores all the settings for an application, or LaunchDaemons, which are a scheduled task to run a single or selection of services. If you ever receive these prompts, you can safely click OK. If the alert repeats multiple times you may click Ignore. We are actively working to improve our SecureAnywhere agent for Mac and new design implementations are coming soon for these prompts and alerts.
Please note, the alert will only show up once to notify you that a trusted application or system process has done something a bit different today. If it was genuinely suspicious or malicious activity, it would be blocked by the client.
Regards,
The message ‘Suspicious Activity detected’ is a notification that Webroot SecureAnywhere provides when a change is made to the system that may resemble behavior of a malicious process. Generally speaking, these notifications are not malicious as there are a number of automated tasks that can occur within OS-X that could trigger it. Common tasks that could prompt this message are updates to software, or Folder Actions. It’s common that these kinds of tasks change or modify ‘plist’ files that affect the overall preferences for the system.
You may see in the alert mention of a plist (property list) file, which stores all the settings for an application, or LaunchDaemons, which are a scheduled task to run a single or selection of services. If you ever receive these prompts, you can safely click OK. If the alert repeats multiple times you may click Ignore. We are actively working to improve our SecureAnywhere agent for Mac and new design implementations are coming soon for these prompts and alerts.
Please note, the alert will only show up once to notify you that a trusted application or system process has done something a bit different today. If it was genuinely suspicious or malicious activity, it would be blocked by the client.
Regards,
Userlevel 7
+62
Thank you @
Greatly appreciated!
Greatly appreciated!
Userlevel 7
No problem :D and remember
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.