To Customer Support To Customer Support
Solved

Seeing a lot more "suspicious activity reports" on a client's machine.

  • 27 February 2024
  • 5 replies
  • 116 views
MajorHavoc
Rank
Userlevel 7
Badge +25

I have a client running on a MacBookPro 15-inch 2018, running MacOS Ventura 13.6.3. They are running WSA Latest version 9.5.12.227:1704. The scan shows no issues, but there are constant Suspicious Activity reports popping up. For example: This file is a system owned file, marked RW for System, and read only for everyone else, so only system should not be able to change it. Yet it generates warnings like this one: 
 


This is not the only 1, there are others. Same warnings, different programs updating. This has just started showing up in the last week or so.  Here is another: 
 



Anyone have an idea why these warnings are showing up all of a sudden? Even as a Mac expert, I am stumped on this one because I do not know the internals of WSA. Help please. 

 

icon

Best answer by jhartnerd123 27 February 2024, 19:27

View original
- Owen Rubin,  Apple Expert. Worked in Vision Pro team and early Mac HW and OS engineer at Apple. Machines: 2017 iMac Pro 27" 5K 3GHz 10-Core Xenon Sonoma 14.x. 2023 14" MacBookPro M2 Max Ventura 13.x, 2018 16" MacBookPro Ventura 13.x, and a dozen or so older machines for testing. iPhone 14 Pro, iPhone 13 Pro, iPhone 6.

5 replies

TripleHelix
Rank
Userlevel 7
Badge +63

It could have to do with this issue:

 

 

If not contact Webroot Support!

Daniel - Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station"
MajorHavoc
Rank
Userlevel 7
Badge +25

Thanks Daniel. I did see that message but  I don’t recall them talking about this kind of warning.  I was just curious if others were seeing this as well. Service it is I guess. Cheers

- Owen Rubin,  Apple Expert. Worked in Vision Pro team and early Mac HW and OS engineer at Apple. Machines: 2017 iMac Pro 27" 5K 3GHz 10-Core Xenon Sonoma 14.x. 2023 14" MacBookPro M2 Max Ventura 13.x, 2018 16" MacBookPro Ventura 13.x, and a dozen or so older machines for testing. iPhone 14 Pro, iPhone 13 Pro, iPhone 6.
russell.harris
Rank
Userlevel 7
Badge +4

Hi. I support many Macs running Webroot SecureAnywhere and havent come across this.

Would be interested to know what it is too!

"The only problem with troubleshooting is that sometimes trouble shoots back!"
J
Rank
Userlevel 7
Badge +33

Looks like an FP to me with Apple’s XProtect security. This is a constant issue with Webroot on the MAC picking up XProtect. 

Contact support and complain.

 

MajorHavoc
Rank
Userlevel 7
Badge +25

Thanks jhartnerd123. Yea, I get Apple’s XProtect security is part of the problem, but now I am wondering why others are not seeing this?  And strangely, only on one of my many Macs right now is this occurring. 

I'll put in my “complaint” as well.  Cheers.

- Owen Rubin,  Apple Expert. Worked in Vision Pro team and early Mac HW and OS engineer at Apple. Machines: 2017 iMac Pro 27" 5K 3GHz 10-Core Xenon Sonoma 14.x. 2023 14" MacBookPro M2 Max Ventura 13.x, 2018 16" MacBookPro Ventura 13.x, and a dozen or so older machines for testing. iPhone 14 Pro, iPhone 13 Pro, iPhone 6.

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.