Solved

False posative?

  • 22 December 2013
  • 12 replies
  • 92 views

Userlevel 7
Badge +36
Have tried 3 unsuccesfull attempts of installing Ghostery for IE11. Webroot calling it a threat each time?? Scanned installer with Webroot & Hitman Pro prior to installation! Results were clean. No Threats.
 
c:program files (x86)ghostery ieghostery ie64.exe
icon

Best answer by RetiredTripleHelix 30 June 2014, 18:18

View original

12 replies

Userlevel 7
Hey there acooldozen!
 
It sounds like it cold be a false postive.  The actual site to obtain it is not marked as suspect, and as you said the installer shows up clean.  The best way to get it whitelisted is of course a Trouble Ticket.  
 
I am not sure how to get past the block until it is whitelisted as it is the installer that is getting blocked.  Have you tried going into the Quarantine, restoring the file(s) and then manually setting them to Allow?
Userlevel 7
Badge +36
Thanx for the reply.
Cleaned the threats from Webroot, re-set to Monitor the executible on next install. All is well.
Userlevel 7
Awesome!
Userlevel 7
Badge +35
Hello acooldozen,
I was able to locate and reverse a False Positive for Ghostery for IE11.
Any time you experience a False Positive we request that you submit a support ticket, even when you are able to solve your issue by creating manual overrides (I was unable to find a support ticket under the email address that you use here on the community.) This helps us fix what caused the False Positivesin the first place so that other users don't experience the same issues. If you happen to use other security products, please report any False Positives that they detect to them as well. None of us like having False Positives, and in many cases we are not aware of False Positives until they are reported - it is an unfortunate result of the exponential increase in malicious files over the past several years.
 
Thanks,
 
-Dan
Userlevel 7
Badge +6
@  Webroot should really monitor when users are overriding determinations in the client and business console. You already do it for the web shield.
Userlevel 7
Badge +35
@ wrote:
@  Webroot should really monitor when users are overriding determinations in the client and business console. You already do it for the web shield.
Yes, we should, and we do have a feature request in for this, so it is only a matter of time. I've been looking forward to seeing that data.
 
-Dan
Userlevel 7
Badge +36
Will do. Thanks for the Heads up!
Userlevel 7
Badge +36
Hello acooldozen,
I was able to locate and reverse a False Positive for Ghostery for IE11.
Any time you experience a False Positive we request that you submit a support ticket, even when you are able to solve your issue by creating manual overrides (I was unable to find a support ticket under the email address that you use here on the community.) This helps us fix what caused the False Positivesin the first place so that other users don't experience the same issues. If you happen to use other security products, please report any False Positives that they detect to them as well. None of us like having False Positives, and in many cases we are not aware of False Positives until they are reported - it is an unfortunate result of the exponential increase in malicious files over the past several years.
 
Thanks,
 
-Dan
Webroot Threat Research The problem with Ghostery has returned so I opened a support ticket. Can I permanently delete the threat while awaiting the verdict?
Userlevel 7
Badge +36
Support has white listed the culprit causing the problem. All is well! Thanx everyone.
Webroot is a joke. They make us submit a false positive where they shoukd be detecting these things.Sounds like this software is not upgrading itself. No wonder webroot isn't even on the top  5 antivirus software.Ditch the EDITED
Userlevel 6
Sorry you feel this way @ , but lets not "Kill the mood" so I will ask you to please read the community guidelines
https://community.webroot.com/t5/Community-Announcements/Webroot-Community-Guidelines/td-p/2
 
 
 
Userlevel 7
Badge +56
@ wrote:
Webroot is a joke. They make us submit a false positive where they shoukd be detecting these things.Sounds like this software is not upgrading itself. No wonder webroot isn't even on the top  5 antivirus software.Ditch the bitch and go with the number 1 Bitdefender
Also you say one thing here and say the complete opposite here so why the comment above? Also you have to know how WSA works compared to any other AV as it's all new Technology built off of Prevx and all the work is done in the Cloud and not on your PC, I think this Video will help you understand more on how WSA protects you even if it is unknown and it's given by Grayson Milbourne Director, Security Intelligence Webroot and if you have further Questions feel free as we can have a nice dialog!
 
Thanks,
 
Daniel
 

Reply