Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

PE_EXPIRO_GE010014.UVPM false detection caused by Smart Scan Pattern 13.377.00

    • Updated:
    • 5 Jul 2017
    • Product/Version:
    • Control Manager 6.0
    • Deep Security 10.0
    • Deep Security 8.0
    • Deep Security 9.6
    • InterScan Messaging Security Suite 7.1 Windows
    • InterScan Messaging Security Suite 7.5 Windows
    • InterScan Messaging Security Virtual Appliance 9.0
    • InterScan Messaging Security Virtual Appliance 9.1
    • OfficeScan 10.6
    • OfficeScan 11.0
    • OfficeScan XG.All
    • ScanMail for Exchange 10.2
    • ScanMail for Exchange 11.0
    • ScanMail for Exchange 12.0
    • ServerProtect for Microsoft Windows/Novell Netware 5.8
    • Worry-Free Business Security Standard/Advanced 7.0
    • Worry-Free Business Security Standard/Advanced 8.0
    • Worry-Free Business Security Standard/Advanced 9.0
    • Platform:
    • Windows 10 32-bit
    • Windows 10 64-bit
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
    • Windows 7 32-Bit
    • Windows 7 64-Bit
    • Windows Server 2012 32-Bit
    • Windows Server 2012 64-Bit
Summary

On May 3, 2017, at approximately 7:16 (GMT), Trend Micro received several customer reports of potential false detections of GoogleUpdateSetup.exe using Trend Micro products with Smart Scan Agent Pattern (13.377.00).

At approximately 12:46 (GMT), Smart Scan Agent Pattern (13.379.00) was released to resolve the issue and is now available in the Download Center and ActiveUpdate.

Details
Public
 
Please note that the Enterprise Conventional Pattern is NOT affected by this issue. This means customers who are using the Conventional Enterprise Pattern (OPR:13.377.00) should not observe any issues.

Immediate Recommendation:

  1. Update to the Global Smart Scan Agent pattern 13.379.00 via ActiveUpdate. Refer to the following KB article for details on how to configure the update: OfficeScan client update configuration and process.
  2. If you are unable to update to the new 13.379.00 pattern, you can add the following directory(ies) and file(s) to the OfficeScan Real Time Scan exclusion list as a workaround.

    To configure the scan exclusions list:

    • For OSCE 10.6: Networked Computers > Client Management > Scan Settings > Real-time Scan Settings
    • For OSCE 11.0/XG: Agents > Agent Management > Scan Settings > Real-time Scan Settings

    Files to be excluded:

    • <Installation directory>Program Files\Google\Update\1.3.33.5\GoogleUpdateSetup.exe
    • “%userprofile%\APPDATA\LOCAL\GOOGLE\UPDATE\1.3.33.5\GoogleUpdateSetup.exe
    • “%userprofile%\APPDATA\LOCAL\GOOGLE\UPDATE\DOWNLOAD\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.33.5\GoogleUpdateSetup.exe
  3. After successfully updating to pattern 13.379.00, the directories should be removed from the exclusion list.

We apologize for any inconvenience that this issue may have caused, and encourage any customer that has questions or needs further assistance to contact their authorized Trend Micro support representative.

For further inquiries, please contact Trend Micro Technical Support.

Premium
Internal
Rating:
Category:
Troubleshoot; Remove a Malware / Virus
Solution Id:
1117328
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.