Solved

Webroot blocking LoJack problem..

  • 18 January 2013
  • 46 replies
  • 284 views

Userlevel 1
I just spent 109 bucks on the 3 year protection of lojack for my laptop.  When I attempted to install it, it was having issues sending data on where it was located and would not complete the install until I removed Webroot.  Simply turning off the firewall did not work.  I know what the lojack files are called that are running all the time.  WHen i reinstall webroot i dont think they could get out to the internet if my laptop is stolen.  I dont like the idea of moveing to a antvirus software I didn't pay for to fix this.  Anyone have any ideas how i can open up a small hole to let the files communicate out?
icon

Best answer by vango44 28 February 2013, 21:45

OK, I can confirm that the new version of Webroot (8.0.2.118) now allows Lojack to install and communicate properly.

 

With Lojack un-installed, I confirmed that Weroot 8.0.2.118 was running.

I also had to uninstall my device from my account settings on the Lojack website. Note your registration code as you'll need it to re-install.

 

I reboot the laptop.

 

I ran the Lojack setup program again and it installed properly on the first attempt. It also installed the Absolute Notifier app in the Windows tray and I was able to successfully make a test call.

 

So it's finally working for me again!
View original

46 replies

OK, I can confirm that the new version of Webroot (8.0.2.118) now allows Lojack to install and communicate properly.
 
With Lojack un-installed, I confirmed that Weroot 8.0.2.118 was running.
I also had to uninstall my device from my account settings on the Lojack website. Note your registration code as you'll need it to re-install.
 
I reboot the laptop.
 
I ran the Lojack setup program again and it installed properly on the first attempt. It also installed the Absolute Notifier app in the Windows tray and I was able to successfully make a test call.
 
So it's finally working for me again!
Userlevel 7
Badge +56
Hello DarkMist and Welcome to the Webroot Community Forums.
 
I would suggest that you Submit a Support Ticket while having both programs installed so they can gather some logs from your system, it could be a simple thing as Whitelisting some files in the Cloud.
 
HTH,
 
TH
Userlevel 7
Thanks for the details vango44.
 
We only found out about this yesterday and we are now connecting with LoJack. Thank you for your patience while we get this resolved and we will provide updates this week about the progress. 😃
Userlevel 7
@ wrote:
Btw, What exactly was blocking it? was it the firewall part? Its probably to techy for me to follow, but im curious.
That's a great question.  The response from development is:
Development wrote back:
It was due to how LoJack opens a browser silently to perform its authentication, and the Identity Shield was blocking it from communicating back from the browser (which would normally only occur if malware is stealing user data, but in this case, it is of course legitimate).
Same problem here. I submitted the problem to Webroot support.
 
Initially I thought the problem was with Lojack and went through their support.
 
The e-mail I received from them follows:
 

Hi Joel,
 
Thank you for contacting Absolute Software Global Support regarding your LoJack For Laptops installation.
 
This problem may be a result of a few different possible causes.  Do you have the antivirus program Webroot installed on your computer?
 
We recently became aware that the antivirus program Webroot rolled out a silent update on 12/13/2012 which blocked LoJack from working properly.  For this reason, any customer who has both LoJack and Webroot installed will see that their LoJack software stopped calling in on that date (12/13/2012). 
 
Unfortunately, because we are dealing with a third-party program which is actively blocking our software from working, we do not have an immediate fix in place.  This is considered a very high priority issue for us as it is currently affecting over a thousand of our customers, and are in the process of working directly with Webroot to resolve the problem from the back end. 
 
If you do not have Webroot installed, please let me know and I will troubleshoot this matter further.
 
Regards,
 
XXXXXXXXXX
Global Support

XXXXXXXXX@absolute.com
Userlevel 1
Yea you forgot to uninstall from the website and reinstall to force lojack to call out.  It only calls out once a day..  and sometimes not that often otherwise.  When you reinstall, if you dont get that lojack error, it has called out.  It may not show for a day though..
1) Right click the Windows Explorer "Start" button, lower left corner of screen
2) Select "Properies"
3) Among the tabbed options, selection "Notification Area"
4) Select the "Customize" button
5) There will be a list of icons, divided into "Current Items" and possibly "Past Items"6
6) Hopefully you will see "Absolute Notifier" icon listed.
7) Adjacent to the listing of "Absolute Notifier" icon is the setting for "Behavior"
😎 Among the choices for "Hide", "Hide when inactive", or "Show", select "Show"
*Note: you may not want this to show when all is working well with Webroot, as it may "tip off" a thief that LoJack is installed*
9) Select "OK" to leave the "Customize Notification Icons" screen.
10) The Absolute Notifier icon will hopefully appear. If not, it could be a problem with the taskbar notification system, which is known to have flaws. There are some Microsoft "Fixit" apps, and some third party apps (I have no endorsement for any, and of course would be careful with any of these 3rd party apps) that claim to restore the notification area to normal. At least it is better in Windows 7 than Vista (nightmare!).
 
This has worked for me, best wishes
Userlevel 7
It appears that this issue may be fixed in build 8.0.2.118 according to some initial reports in our support system, at least for the Enterprise version of LoJack for Laptops.  Could anyone who is experiencing this issue please check to see if it persists in this most recent build and make us aware of your findings?  Please be clear in your response whether you're on the standard or enterprise version of LoJack.  Thanks 🙂
Userlevel 7
Kudos for investigating this issue and posting your results so other people know about it!
Userlevel 7
Badge +56
Also I would like to see something similar that's in the https:///t5/Ideas-Exchange/Anti-Theft-function-for-PC/idi-p/19936 already give it Kudo's! 😉 Also the ability to Lock and or Wipe the system as compared in the Mobile App.
 
TH
I have the latest version of SecureAnywhere on both Windows 7 and Vista machines. The problem is only happening on the Vindows 7 machine. Vista works fine with the identical updated Webroot software. A few observations to pass along
 
1) The "obvious" settings for SecureAnywhere on both machines are identical.
 
2) The "Protected Programs" list appears different. I added absolutenotifier and absolute exe's as listed in Windows programs bu that didn't affect the ability to successfully call in
 
3) The Windows 7 machine is 64 bit Visa is 32 bit. As perhaps expected, the Absolute Software files are installed in the x86 section of the Windows program files on the Windows 7 machines (so I take this is still a 32 bit app vs a native 64 bit app, not that it makes a difference from functionality standpoint....)
 
4) When I try to trace the activity of the Absolute call in under SecureAnywhere "event details" there doesn't seem to be any record of the "event" so that i can even have a clue as to what is being obstructed. I'm surprised that SecureAnywhere doesn't seem to be overtly tracking this activity!! But then there are multiple events so I could be overlooking them
 
5) I had to uninstall Webroot SecureAnywhere (based on this post) to even reinstall and have a successful "activation" phone call with Lojack. As I was reinstalling Webroot, I did a test call with Lojack and it went through. At some point (I didn't do multiple test calls, I'll leave that to the Webroot and Lojack teams) the ability to call-in was blocked. As a suggestion, onemight want to repeat this uninstall/reinsall of SecureAnywhere to determine the exact point at which the ability to call in successfully is blocked. As I mentioned, it is not blocked immediately.
 
I hope this problem is resolved very soon, would hope it doest not take a month or longer, as, unfortunately, I will have to discontinue SecureAnywhere rather than LoJack. This problem does not happen with Norton Internet Security (I run both concurrently and aside from annoying messages from NIS that the programs are incompatible, I ignore those messages to uninstall SecureAnywhere because I've always liked the dual layer of protection and the Webroot team. :-)
 
Fix this team ASAP!!!!
 
Thanks!
Userlevel 7
MPF94025, welcome to the forums!  What great details you have.. hopefully they will be of help to Webroot in resolving this.  One of the MODS on here will probably be on soon, but I would suggest that you also Submit a Trouble Ticket and provide the detailed information  you have on here as well.
Userlevel 1
I'm dropping this note to let you guys know Im watching this thread and holding off on reinstalling Webroot on the lappy until this gets resolved.  I would hate to have the laptop stolen and not able to recover it due to webroot.  I wonder if the 1000$ garontee still would work if webroot was installed..
I sent along the information provided in my earlier post as ticket to Webroot support. I'm uninstalling SecureAnywhere for the same reason, hopefully fixed soon.
Userlevel 7
For any new customers who have not been through the support system, please Open a Support Ticket if Webroot is blocking LoJack. In the support ticket please indicate that LoJack is being blocked and that you need to submit WSA logs.
 
We will be gathering more information and WSA logs for our engineers and threat researchers who are currently working on this.
Userlevel 1
Going to try something new..  I added rcpnet.exe to identy shield as allowed.  If this fixes the problem ill let ya know.  Unfortunatly i cant force it to broadcast out so i may have to wait a month before i know it works.
Userlevel 1
AH Hah!  I think that got it!..  Identity Shield is blocking rpcnet.exe.   Click the Identiy & privacy Tab.  Then, CLick on View/Edit Protected Applications.  then click on Add Application.  Find the application in c:windowssyswow64
cpnet.exe then click the Allow dot on that application and Walla..  lojack can now broadcast out.  Can other people verify this fix?  I forced lojack to rebroadcast out by uninstalling, and then reinstalling.  If it completes the install  Its allowed (i hope) 
Userlevel 1
YOu can Uninstall lojack by logging in to there site and clicking the more button then clicking uninstall.
Userlevel 7
Thanks for updating the thread, DarkMist. :D
 
I am having our dev and QA teams investigate to see if this will work as a long term workaround. I have also added these notes to your support ticket.
Will be great if this solutions works!
 
What are the broader implications of reporting rcpnet.exe to identy shield as allowed?
 
Appreciate any insight....
Userlevel 1
rpcnet.exe is the file along with rcpnet.dll that gets installed via the BIOs chip when your stolen laptop gets a new harddrive installed in it.  Its the main program that calls out when your stolen laptop connects to the web.  There are not any broader Implications.  Your Just allowing lojack to call out your location while Webroot was installed.   If your laptop is stolen you dont really have to worry about webroot anyway.  the New harddrive will probably not have webroot installed.  If the stolen person manages to get in the laptop..  (with webroot)  This fix will allow it to call out.
Userlevel 7
It's actually "rpcnet.exe," just to correct the typo, for anyone wanting to use this workaround. :)
 
Thank you DarkMist!
Userlevel 7
DarkMist - I just wanted to let you know that I edited the .exe in your replies so that users wanting to use this workaround do not get confused. :D
 
 
Userlevel 7
Also, I have created a Tribal Knowledge Base Article: Webroot Blocking LoJack - with you as the primary contributor.
 
Thanks for your input! :D
Hi all.
 
Adding rpcnet.exe by itself did not fix the problem for me. My Lojack console lists my laptop as being in Oregon, with last checkin over 2 days ago. I haven't been to Oregon in decades.
 
I've also added absolutenotifierservice.exe and absolutenotifier.exe to the "allow" list in protected applications for SecureAnywhere's Identify and Privacy Identify Shield, and no luck so far with a successful test call.  I've also added my.absolute.com as permitted websites on the list of identify and privacy/identify shield/protected websites and on the "Overview" page, under "secure sessions currently active...". I still can't seem to get a successful test call in.
 
As mentioned earlier, when I uninstalled, reinstalled SecureAnywyere, I was initially able to make successful calls with LoJack, then the call-blocking re-appeared.
 
Has the adjustment to rpcnet.exe on other's machines been a stablef fix? Perhaps I've missed a step or have another issue. I have not uninstalled/reinstalled lojack, not sure how this would make a difference.
 
Thanks for ongoing input.

Reply