Windows 7 SvcHost & AutoRun Problem (Don't Think It's Virus-Related)

gremlinkurst

Extraordinary Member
Two problems, possibly a single issue from Webroot SecureAnywhere; I don't think my computer is infested, but I could be wrong.

First, a number of AutoRun.INF files I have authored keep vanishing. I have a large number of drives on my computer, and I have created AutoRun files to label and graphically represent them. It's really pissing me off because they keep getting deleted. Although I have not seen any notices by Webroot regarding these actions, I tried specifically allowing/protecting them via the appropriate interface, but Webroot says only "executable" files can be overridden, and those files ARE executable, sorta.

Second, I have been responding to a warning that svchost.exe is a threat, and I have been allowing it to be blocked because it's running in a directory outside its characteristic environment, a TEMP directory, not a system32 or WOW64 directory. It's kind of annoying because I keep having to delete it from quarantine, which I prefer to keep empty so I can immediately spot new threats or unblock/allow files I am certain have been misidentified as threats (certain types of game-related binaries are automatically removed because they, by necessity, employ algorithms that behave in ways that APPEAR threatening).

I put these two together only because they MIGHT be related: I thought it possible that a service host might run in the temp directory legitimately because of the AutoRun files (before they mysteriously vanish), and that my allowing them to be blocked might be triggering the disappearances…but, what if I restore a quarantined service host and it IS a threat? I'd be giving it free rein to do whatever it was designed to do, and then I'd REALLY be sorry.

However, I suspect the two issues are unrelated. I've been researching the vanishing AutoRuns problem by filtering out all the hits about how to delete and remove the so-called AutoRun virus (which is NOT related to my issue), and the remaining results are from a couple of folks with the same issue, but on MOBILE devices. I thought I'd see if there was someone who actually could answer my question with some degree of authority. I've been futzing round with computers since 1984, my experience ranging from running a university computer science lab to Microsoft Networking Certification to application and website development to application documentation. I've learned enough to know there's always someone smarter and better-taught.
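
The check described in the post (a svchost.exe running from somewhere other than the system32 or WOW64 directory), as an added PowerShell example that is not part of the original post. It assumes a default Windows installation and an elevated prompt, and uses Get-WmiObject so that it runs on the PowerShell 2.0 that ships with Windows 7:

```powershell
# Added example (not from the original post): audit running svchost.exe instances.
# Assumption: the genuine image lives only in System32 or SysWOW64 under %SystemRoot%.
$expected = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

$all = @(Get-WmiObject -Class Win32_Process)

# PID -> process name, used to resolve each instance's parent.
$nameByPid = @{}
foreach ($p in $all) { $nameByPid[[int]$p.ProcessId] = $p.Name }

$report = foreach ($p in $all) {
    if ($p.Name -ine 'svchost.exe') { continue }
    $reasons = @()

    # ExecutablePath comes back empty when the query lacks rights to the process.
    if (-not $p.ExecutablePath) {
        $reasons += 'path unreadable (not elevated?)'
    } elseif ($expected -notcontains $p.ExecutablePath) {   # case-insensitive match
        $reasons += 'image outside System32/SysWOW64'
    }

    # The real service host is started by the Service Control Manager.
    $parent = $nameByPid[[int]$p.ParentProcessId]
    if ($parent -ine 'services.exe') {
        $reasons += "parent is '$parent', not services.exe"
    }

    # The real service host is launched with "-k <service group>".
    if ($p.CommandLine -and $p.CommandLine -notmatch '\s-k\s') {
        $reasons += 'no -k service group on command line'
    }

    $verdict = 'ok'
    if ($reasons) { $verdict = $reasons -join '; ' }

    New-Object PSObject -Property @{
        PID = $p.ProcessId; Parent = $parent; Verdict = $verdict; Path = $p.ExecutablePath
    }
}

$report | Sort-Object Verdict | Select-Object PID, Parent, Verdict, Path | Format-Table -AutoSize
```

Any row whose verdict is not `ok` names the reason it was flagged. A copy that the antivirus has already quarantined is not running and will not appear in the list.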
 