I recently had my mac book pro hard drive wiped and re-installed by Geek Squad. I was getting this message from web root before the wipe. I didn't get ths message for a couple of weeks, then it has started up again. The message is:
Suspicious Activity Detected:
SecureAnywhere has detected suspicious activity
System Folder Modified: /System/Library//LaunchAgents/
com.apple.RemoteDesktop.plist
/System/Library/PrivteFrameworks/PackageKit.framework/
Resources/shove
To allow this app to make chnges in the future press
'Ignore'
What does this mean? I don't hav a clue. Help!
Gin Shipp
I keep getting this notice from web root: Suspicious /activity detected.
+62Hello Majinja,
Welcome to the Community Forum,
Yes I own a Mac as well and I get these pop up messages too. Most of the time I will block/ or click ok? I'm not at my Mac right now..
But I would like to ping our Mac Threat Expert@ so that he can assist here with more information.
Kind Regards,
Welcome to the Community Forum,
Yes I own a Mac as well and I get these pop up messages too. Most of the time I will block/ or click ok? I'm not at my Mac right now..
But I would like to ping our Mac Threat Expert
Kind Regards,
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.3.2}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
1 person likes this
Thank you so much! I would be happy to have your expert take a look and give me his/her thoughts or help. Thanks Gin Shipp
Hello Gin,
The message ‘Suspicious Activity detected’ is a notification that Webroot SecureAnywhere provides when a change is made to the system that may resemble behavior of a malicious process. Generally speaking, these notifications are not malicious as there are a number of automated tasks that can occur within OS-X that could trigger it. Common tasks that could prompt this message are updates to software, or Folder Actions. It’s common that these kinds of tasks change or modify ‘plist’ files that affect the overall preferences for the system.
You may see in the alert mention of a plist (property list) file, which stores all the settings for an application, or LaunchDaemons, which are a scheduled task to run a single or selection of services. If you ever receive these prompts, you can safely click OK. If the alert repeats multiple times you may click Ignore. We are actively working to improve our SecureAnywhere agent for Mac and new design implementations are coming soon for these prompts and alerts.
Please note, the alert will only show up once to notify you that a trusted application or system process has done something a bit different today. If it was genuinely suspicious or malicious activity, it would be blocked by the client.
Regards,
The message ‘Suspicious Activity detected’ is a notification that Webroot SecureAnywhere provides when a change is made to the system that may resemble behavior of a malicious process. Generally speaking, these notifications are not malicious as there are a number of automated tasks that can occur within OS-X that could trigger it. Common tasks that could prompt this message are updates to software, or Folder Actions. It’s common that these kinds of tasks change or modify ‘plist’ files that affect the overall preferences for the system.
You may see in the alert mention of a plist (property list) file, which stores all the settings for an application, or LaunchDaemons, which are a scheduled task to run a single or selection of services. If you ever receive these prompts, you can safely click OK. If the alert repeats multiple times you may click Ignore. We are actively working to improve our SecureAnywhere agent for Mac and new design implementations are coming soon for these prompts and alerts.
Please note, the alert will only show up once to notify you that a trusted application or system process has done something a bit different today. If it was genuinely suspicious or malicious activity, it would be blocked by the client.
Regards,
Devin T Byrd Former Mac Threat Research Analyst
1 person likes this
+62 Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.3.2}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
1 person likes this
No problem :D and remember
Devin T Byrd Former Mac Threat Research Analyst
Reply
Rich Text Editor, editor1
Editor toolbars
Press ALT 0 for help
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.