Webroot blocking LoJack problem..

  • 18 January 2013
  • 46 replies

Show first post

46 replies

Userlevel 7
MPF94025 - you mentioned earlier that you opened a support ticket, could you please Send me a Private Message with the email address that you used?
Hi all.
Adding rpcnet.exe by itself did not fix the problem for me. My Lojack console lists my laptop as being in Oregon, with last checkin over 2 days ago. I haven't been to Oregon in decades.
I've also added absolutenotifierservice.exe and absolutenotifier.exe to the "allow" list in protected applications for SecureAnywhere's Identify and Privacy Identify Shield, and no luck so far with a successful test call.  I've also added as permitted websites on the list of identify and privacy/identify shield/protected websites and on the "Overview" page, under "secure sessions currently active...". I still can't seem to get a successful test call in.
As mentioned earlier, when I uninstalled, reinstalled SecureAnywyere, I was initially able to make successful calls with LoJack, then the call-blocking re-appeared.
Has the adjustment to rpcnet.exe on other's machines been a stablef fix? Perhaps I've missed a step or have another issue. I have not uninstalled/reinstalled lojack, not sure how this would make a difference.
Thanks for ongoing input.
Userlevel 7
Also, I have created a Tribal Knowledge Base Article: Webroot Blocking LoJack - with you as the primary contributor.
Thanks for your input! :D
Userlevel 7
DarkMist - I just wanted to let you know that I edited the .exe in your replies so that users wanting to use this workaround do not get confused. :D
Userlevel 7
It's actually "rpcnet.exe," just to correct the typo, for anyone wanting to use this workaround. :)
Thank you DarkMist!
Userlevel 1
rpcnet.exe is the file along with rcpnet.dll that gets installed via the BIOs chip when your stolen laptop gets a new harddrive installed in it.  Its the main program that calls out when your stolen laptop connects to the web.  There are not any broader Implications.  Your Just allowing lojack to call out your location while Webroot was installed.   If your laptop is stolen you dont really have to worry about webroot anyway.  the New harddrive will probably not have webroot installed.  If the stolen person manages to get in the laptop..  (with webroot)  This fix will allow it to call out.
Will be great if this solutions works!
What are the broader implications of reporting rcpnet.exe to identy shield as allowed?
Appreciate any insight....
Userlevel 7
Thanks for updating the thread, DarkMist. :D
I am having our dev and QA teams investigate to see if this will work as a long term workaround. I have also added these notes to your support ticket.
Userlevel 1
YOu can Uninstall lojack by logging in to there site and clicking the more button then clicking uninstall.
Userlevel 1
AH Hah!  I think that got it!..  Identity Shield is blocking rpcnet.exe.   Click the Identiy & privacy Tab.  Then, CLick on View/Edit Protected Applications.  then click on Add Application.  Find the application in c:windowssyswow64
cpnet.exe then click the Allow dot on that application and Walla..  lojack can now broadcast out.  Can other people verify this fix?  I forced lojack to rebroadcast out by uninstalling, and then reinstalling.  If it completes the install  Its allowed (i hope) 
Userlevel 1
Going to try something new..  I added rcpnet.exe to identy shield as allowed.  If this fixes the problem ill let ya know.  Unfortunatly i cant force it to broadcast out so i may have to wait a month before i know it works.
Userlevel 7
For any new customers who have not been through the support system, please Open a Support Ticket if Webroot is blocking LoJack. In the support ticket please indicate that LoJack is being blocked and that you need to submit WSA logs.
We will be gathering more information and WSA logs for our engineers and threat researchers who are currently working on this.
I sent along the information provided in my earlier post as ticket to Webroot support. I'm uninstalling SecureAnywhere for the same reason, hopefully fixed soon.
Userlevel 1
I'm dropping this note to let you guys know Im watching this thread and holding off on reinstalling Webroot on the lappy until this gets resolved.  I would hate to have the laptop stolen and not able to recover it due to webroot.  I wonder if the 1000$ garontee still would work if webroot was installed..
Userlevel 7
MPF94025, welcome to the forums!  What great details you have.. hopefully they will be of help to Webroot in resolving this.  One of the MODS on here will probably be on soon, but I would suggest that you also Submit a Trouble Ticket and provide the detailed information  you have on here as well.
I have the latest version of SecureAnywhere on both Windows 7 and Vista machines. The problem is only happening on the Vindows 7 machine. Vista works fine with the identical updated Webroot software. A few observations to pass along
1) The "obvious" settings for SecureAnywhere on both machines are identical.
2) The "Protected Programs" list appears different. I added absolutenotifier and absolute exe's as listed in Windows programs bu that didn't affect the ability to successfully call in
3) The Windows 7 machine is 64 bit Visa is 32 bit. As perhaps expected, the Absolute Software files are installed in the x86 section of the Windows program files on the Windows 7 machines (so I take this is still a 32 bit app vs a native 64 bit app, not that it makes a difference from functionality standpoint....)
4) When I try to trace the activity of the Absolute call in under SecureAnywhere "event details" there doesn't seem to be any record of the "event" so that i can even have a clue as to what is being obstructed. I'm surprised that SecureAnywhere doesn't seem to be overtly tracking this activity!! But then there are multiple events so I could be overlooking them
5) I had to uninstall Webroot SecureAnywhere (based on this post) to even reinstall and have a successful "activation" phone call with Lojack. As I was reinstalling Webroot, I did a test call with Lojack and it went through. At some point (I didn't do multiple test calls, I'll leave that to the Webroot and Lojack teams) the ability to call-in was blocked. As a suggestion, onemight want to repeat this uninstall/reinsall of SecureAnywhere to determine the exact point at which the ability to call in successfully is blocked. As I mentioned, it is not blocked immediately.
I hope this problem is resolved very soon, would hope it doest not take a month or longer, as, unfortunately, I will have to discontinue SecureAnywhere rather than LoJack. This problem does not happen with Norton Internet Security (I run both concurrently and aside from annoying messages from NIS that the programs are incompatible, I ignore those messages to uninstall SecureAnywhere because I've always liked the dual layer of protection and the Webroot team. :-)
Fix this team ASAP!!!!
Userlevel 7
Badge +56
Also I would like to see something similar that's in the https:///t5/Ideas-Exchange/Anti-Theft-function-for-PC/idi-p/19936 already give it Kudo's! 😉 Also the ability to Lock and or Wipe the system as compared in the Mobile App.
Userlevel 7
Thanks for the details vango44.
We only found out about this yesterday and we are now connecting with LoJack. Thank you for your patience while we get this resolved and we will provide updates this week about the progress. 😃
Userlevel 7
Badge +6
Kudos for investigating this issue and posting your results so other people know about it!
Same problem here. I submitted the problem to Webroot support.
Initially I thought the problem was with Lojack and went through their support.
The e-mail I received from them follows:

Hi Joel,
Thank you for contacting Absolute Software Global Support regarding your LoJack For Laptops installation.
This problem may be a result of a few different possible causes.  Do you have the antivirus program Webroot installed on your computer?
We recently became aware that the antivirus program Webroot rolled out a silent update on 12/13/2012 which blocked LoJack from working properly.  For this reason, any customer who has both LoJack and Webroot installed will see that their LoJack software stopped calling in on that date (12/13/2012). 
Unfortunately, because we are dealing with a third-party program which is actively blocking our software from working, we do not have an immediate fix in place.  This is considered a very high priority issue for us as it is currently affecting over a thousand of our customers, and are in the process of working directly with Webroot to resolve the problem from the back end. 
If you do not have Webroot installed, please let me know and I will troubleshoot this matter further.
Global Support
Userlevel 7
Badge +56
Hello DarkMist and Welcome to the Webroot Community Forums.
I would suggest that you Submit a Support Ticket while having both programs installed so they can gather some logs from your system, it could be a simple thing as Whitelisting some files in the Cloud.