MSE was disabled by a virus attack

Thumbs down for:

• Microsoft Security Essentials

After receiving the virus I had no control of the system. Task manager would not open. Computer properties would not open. Every time I tried to open a system folder or app, I was presented with a message stating the app I was trying to use had been contaminated. At the same time there appeared to be an application scanning my computer that I had not seen before. During all of this I was also presented a less than authentic security message from the Taskbar stating my security had been compromised, and was asking me if I wanted to allow this scanning program access to do something (I don't remember what the exact phrase was).

Thumbs up for:

• Safe Mode
• CCleaner
• Malwarebytes
• System Restore Points

Not being a stranger to the way these attacks operate, I knew that I only had one option. Ignore all messages and re-boot into Safe Mode. Once in Safe Mode, I could then run cleaning programs. First I ran CCleaner then Malwarebytes. Running CCleaner first will remove the trash so that the malware scanner is not scanning anything that would not need to be scanned. After removing all trash from my system, I then performed a Recovery by falling back on a System Restore Point. Once I realized Safe Mode was my only option, I was back to business in a matter of 10 minutes.


While MSE has caught a few attempts in the past, this time one got through. I will still continue to support and use MSE because, no Anti-virus application is 100% effective.

Good reason to have at least 2 AV going.

Thats one of the deficiencies of antimalware apps - they are reactive, and when they react, your system is compromised. And what were you doing to get infected?

In real time, maybe not. As a second opinion, its OK.

I run AVG and MSE no issues.

I was searching for something. I believe I was hit by a flash based virus from one of the sites in the search list. But then again I have no evidence.

Surprising.

There is a new malware "scanner" trojan out that mimics MSE and then suggests buying and downloading one of five suggested programs, which are junk to begin with.

In hindsight I should have posted a thread about it, but I didn't. I thought just about everyone here would catch it.

Although this sounds like what hit Cliff is not that scenario.

This is, maybe, the one to which Nibs refers?
http://www.brighthub.com/computing/s...les/69281.aspx

But, if not too private, can you remember what you were searching for, Cliff? I would be willing to give it a go. I am happy with MSE but would like to check out a bug, if there is such, for MS's information.

I was searching info on the movie "Iron Man 2" at that time. I can not remember which site I received the virus from.

To be honest I was jumping from one site to another pretty quickly when things started happening, so I couldn't point to one specifically anyway.

My main goal here was to point out the procedure I used to remove the virus.

I know the same procedure will not work in every instance. However it will work in many situations where you find yourself with a virus. Allot of times you may only need to use a restore point and disk cleanup then removal of the virus. This time I did not have that option without booting to Safe Mode.