I keep getting Rootkit False Positives with WSA every few days on one of the systems I deal with. I believe they are false because I have run other opinion software, in safemode and not in safe mode to check. Gmer Dr. Web CureIT HitmanPro Kaspersky TDS BitDefender Anti-Rootkit MBAM Anti-rootkit herdProtect All show clear, and given that's essentially a scan with around 68 AV engines, and 5-6 specialty rootkit detectors, I would assume the system is clean. But every few days WSA pops up with a Rootkit warning, and I tell it to ignore the supposed threat rather than compromise the system by deleting a clean system file, and WSA freaks out, keeps forcing another scan, then forcing me to remove/allow it - over and over - until I reboot the system, the WSA shuts up for another few days. For disclosure sake, this system is layered with; 1) Anti-Malware DNS server. 2) SOHO packet inspection security appliance (running TrendNet database) 3) SOHO router with IS/ID/SPI set to maximum. 4) Locked down Windows 8.1 (as much as possible) 5) MBAM Pro ResidentOn 6) Webroot Secure Anywhere 7) Adblocker w/only Malware Domains Activated Admuncher w/Custom Filters Activated Add to that weekly security audits, and I think I am pretty satisfied this is a false positive from WSA. If it isn't then something got past that virtual fortress of protection, and then capability fooled 68+ AV engines, and 6 dedicated rootkit scanners?