Please check the following update:
Database Version 7994 - 11-28-2011
Heur.Agent/Gen-FakeIE
When running real-time protection, shuts down IE-8. With Alert from SAS.
After full scan with or without real time protection on nothing found.
Cannot open IE with real time on.Get alert
With real-time off, IE-8 works fine.
This just happened when the update came in.
Heur.Agent/Gen-FakeIE -- FALSE POSITIVE !
Started by ProTruckDriver, Nov 29 2011 01:50 AM
12 replies to this topic
#1
ProTruckDriver
-
- Members
-
- 108 posts
Advanced Member
- LocationVirginia
Posted 29 November 2011 - 01:50 AM
WEBROOT SecureAnywhere Complete
No Wait For Security Updates ~ It's Done In The "Cloud"
#2
skoop
-
- Members
-
- 5 posts
Newbie
Posted 29 November 2011 - 02:11 AM
Also there with update 7995 Nov.28 2011
Unable to access IE 8 with Real Time Protection on.
Unable to access IE 8 with Real Time Protection on.
#3
rogerthehart
-
- Members
-
- 1 posts
Newbie
Posted 29 November 2011 - 02:25 AM
Same here! False positive on legit IE8 process running on Windows 7 32bit.
Database version 7995 trace 5807
Database version 7995 trace 5807
#4
Equipped Solutions
-
- Members
-
- 4 posts
Newbie
- LocationGlendale AZ
Posted 29 November 2011 - 02:44 AM
Same here on Win XP Pro SP3 machine. I have update 7995/5807 dated 11/28/2011 on Vista and Win 7 machines on same network as XP problem machine, and they are running IE8 without any problems. (Haven't come to grips with IE9 yet)
Wondering if it truly is a false positive....
Wondering if it truly is a false positive....
#5
Equipped Solutions
-
- Members
-
- 4 posts
Newbie
- LocationGlendale AZ
Posted 29 November 2011 - 03:02 AM
POSSIBLE RESOLUTION
I added the blocked Heur.Agent/Gen-FakeIE to the allow list in SAS - started IE8 and disabled a few of the add-ons in IE - like Google SideBar, Google updater, and a few others that seemed unnecessary. Sorry I can't be more specific, as I wasn't paying real close attention as I was disabling them.
Also, I went to the Advanced tab in IE's Internet Options and clicked "Restore Advanced Settings" and "Reset.." to assure everything is set at default.
Closed IE8, removed the Heur.Agent/Gen-FakeIE from the Allowed/Trusted list in SAS preferences. Assured realtime protection is still enabled in SAS.
Now IE8 opens up fine without any warning or blocking of Heur.Agent/Gen-FakeIE.
Hopefully this will help the others having this issue.
My guess is it's an add-on for IE8 that is either infected or a False Positive.
Just wish I paid closer attention to which ones I disabled. (DOH!)
I added the blocked Heur.Agent/Gen-FakeIE to the allow list in SAS - started IE8 and disabled a few of the add-ons in IE - like Google SideBar, Google updater, and a few others that seemed unnecessary. Sorry I can't be more specific, as I wasn't paying real close attention as I was disabling them.
Also, I went to the Advanced tab in IE's Internet Options and clicked "Restore Advanced Settings" and "Reset.." to assure everything is set at default.
Closed IE8, removed the Heur.Agent/Gen-FakeIE from the Allowed/Trusted list in SAS preferences. Assured realtime protection is still enabled in SAS.
Now IE8 opens up fine without any warning or blocking of Heur.Agent/Gen-FakeIE.
Hopefully this will help the others having this issue.
My guess is it's an add-on for IE8 that is either infected or a False Positive.
Just wish I paid closer attention to which ones I disabled. (DOH!)
#6
tng5737
-
- Members
-
- 1 posts
Newbie
Posted 29 November 2011 - 03:13 AM
Same here just started with last update - I've run scans with MawlwareBytes and MSE with nothing found! I'm using Firefox now.
#7
Ramie
-
- Members
-
- 1 posts
Newbie
Posted 29 November 2011 - 03:28 AM
I am also getting the same error message. Running Windows XP. IE version 8.0.6001.187002. I am not running any add-ons. I did have a shortcut on the menu bar, which caused the error everytime. When I start via my desktop, I get no error. Wonder if the fact that I was using a copy of a shortcut could have an issue?
#8
Asrial
-
- Members
-
- 15 posts
Member
Posted 29 November 2011 - 03:57 AM
Add me to the list. Customer is using XP.
More details to come shortly...
[EDIT: IF my customer's computer is infected.. I can't see anything. I don't even see anything abnormal occurring.]
More details to come shortly...
[EDIT: IF my customer's computer is infected.. I can't see anything. I don't even see anything abnormal occurring.]
#9
SAS Customer Service
-
- Moderators
-
- 890 posts
Advanced Member
Posted 29 November 2011 - 04:00 AM
I will let the guys know!
Customer Service
SUPERAntiSpyware
www.superantispyware.com
#10
ProTruckDriver
-
- Members
-
- 108 posts
Advanced Member
- LocationVirginia
Posted 29 November 2011 - 04:08 AM
I will let the guys know!
Thank you
WEBROOT SecureAnywhere Complete
No Wait For Security Updates ~ It's Done In The "Cloud"
#11
SAS Customer Service
-
- Moderators
-
- 890 posts
Advanced Member
Posted 29 November 2011 - 04:46 AM
Update your definitions, should be fixed now!
Customer Service
SUPERAntiSpyware
www.superantispyware.com
#12
ProTruckDriver
-
- Members
-
- 108 posts
Advanced Member
- LocationVirginia
Posted 29 November 2011 - 05:21 AM
It's fixed, Thank you.
WEBROOT SecureAnywhere Complete
No Wait For Security Updates ~ It's Done In The "Cloud"
#13
Asrial
-
- Members
-
- 15 posts
Member
Posted 29 November 2011 - 05:43 AM
I updated my customer. If you don't hear back from me, that means my situation is also solved
Thanks for the quick action!
Thanks for the quick action!
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
