SOLVED Security Essentials Message

[moss8448]

Today I received a Security Alert Message from ( I hope) MS Security Essentials.

http://i1114.photobucket.com/albums/k528/Sam_Moss/MS_SecEssn_Alert.png

when I clicked on the button Clean Computer this is the page it took me to.

http://i1114.photobucket.com/albums/k528/Sam_Moss/Untitled.png

this seemed a little fishy to me and would like someone to tell me if this is the real deal or a trojan implanted to make me run this utility for nevarious reasons. This is the first such instance of Security Essentials giving me an alert and am REAL unsure as to the authenticity of what I am receiving. It just does not look right to me and hope someone can help me with this.
Sam~

 

[moss8448]

BTW...i am currently running Kaspersky and Malwarbytes to see if they pick up any thing. Security Essentials is up to date.

 

[clifford_cooley]

I would not run setup.exe in the second photo. You should remove the file from your PC.

You are wise in questioning such behavior and quite possibly prevented contamination.

 

[moss8448]

First off I noticed the error box did not have the proper looking windows icons and then after further review I noticed that there were some spelling errors but like things in the past they resemble closely enough where the unsuspecting would have a go at it and if you look at the address bar on the second scrnsht you see it says IE5 when no one to my knowledge runs IE5 anymore and that is just a few things that stood out.

I ran Kaspersky and Malwarebytes and nothing was detected and that has me worried. Has this been reported to MS? If not why? I updated and ran Security Essentials also and it did find one and it was promptly deleted.

 

[Nibiru2012]

Of course MS knows about it, there's not much they can do on their end to rectify though. As long as there are unscrupulous individuals and groups out there contriving methods to obtain 'easy money', then the Windows user will see them from time to time.

Since you have both Kaspersky and Malewarebytes you probably shouldn't concern yourself. Just be sure to do thorough scans and temp file cleanups.

 

[Shintaro]

When it comes to viruses and Malware I am paranoid. I have been lucky and haven't been infected for a long time, touch wood!
So my suggestion (the paranoid one) would be to do an offline scan using Microsoft Defender (Security Essentials).
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

 

[moss8448]

Viruses & MSE

A perplexing thing was Kaspersky and Malwarebytes did not detect anything but MSE found one then I ran Super-AntiVirus and it found 16 viruses and 2 Trojans..now that is a little scarey...all of course were deep complete scans.

Another question to all.. does Safe Mode allow you use the MS Default Programs in the Start mode? When I clicked on it in safe mode it ignored me.

Another thing I tried was making boot disc's to run from the Boot Manager with Windows Defender and Kaspersky Rescue disc10 but was unable to run them. It seems that even though I toggled the boot options to run from cd/dvd mode it ignores that and opens windows from internal hard drive mode no matter what...is this normal? I made both disc's in the ISO fashion called for and they (the disc's) are recognized by the dvd player and list the proper content according to the info provided but yet will not run in boot mode. Supposedly these options are for infected machines that by pass all applications and do deep scans of all software but I am left at the starting gate because of the boot manager by passing the cd/dvd drive....anyone have any ideas as to why this happens other than the obvious?

 

[Shintaro]

I created mine on a USB. Because the virus pattern becomes out of date within a couple of days or even earlier.

On some systems, when they are starting, before starting windows, it can be the F12 key that lets you choose what to boot from.
If you choose to boot from your CD or DVD that you made with Windows Defender and it fails, then something went wrong with the CD or DVD creation.

The system should boot from whatever disk or USB you made with Windows Defender offline tool. That way it makes it very difficult for viruses to hide from the virus scan.
Windows will not load, you will probably see the windows start screen, but then it will go in to Windows Defender.

 

[davehc]

Hi Moss. I was interested in your mention of Superantivirusspyware. I had not previously heard of it and decided to have a look. It did seem that, in spite of its name, it scanned for everything. I pride myself on a "clean"computer, as far as that is possible. I was suspicious, when "super" found 413 threats!!!! I examined the results and found that these were all cookies in the Mozilla folder under usename. I have not used FF for some weeks and thought this odd. . But I manually removed the cookies and ran "Super" again. This time it found nothing. I have no idea why Super decided these cookies were threats, but it might explain your own scan results? It does seem however, that MSE does not pay attention to the contents of cookies? (Maybe it need not?)
But the spin off, for me, was that Ccleaner, which I use frequently, had ignored those cookies tucked away in Mozilla.

Back to the OP. Clifford's advice in the second post is sound. I see no reason for you to worry over that item. Just don't take any further action with it.

 

[moss8448]

Scanning for Viruses

I did finally get Kaspersky USB rescue 10 up and running and phew it found no more threats....and dave I acutally found 2 trojans with the SuperAntiVirus utility or atleast that is what it called it and about five seperate viruses and the rest where PUP related mostly from CNET downloads of all things so those may be those cookie deals you mentioned..I too use Mozilla on occasion just because of its download ability...sometimes it allows downloads that IE9 refuses...on things like games for windows live and origin/ea sites...to get updates and what not....odd how IE9 will not allow those to start but FireFox will and their security is touted to be the gold standard of browsers...I have yet to run the MS Defender off line anti-virus and frankly don't think it is needed after Kasperskys very thorough scan utility but as we all know one can't be TOO safe...and thanks to all of you who have given me ideas and answered this post.

 

[moss8448]

btw what Clifford said is sage advice but the thing was I could not find the dang file that caused this issue...so that set me to scrambling to rid myself of it

 

[Shintaro]

If you know that you have the latest virus pattern file from Kasperskys, then there is no point.
I know that Defender downloads the latest virus pattern file during the creation of the CD/DVD/USB.

 

[moss8448]

thanks Shintaro and yes it updated itself when I launched it and the latest greatest was earlier today so I feel pretty good about it overall...and btw I do have that (Defender) downloaded onto a DVD but haven't yet transferred it to a USB and do plan to use it just to see how it runs...for some reason when I boot to dvd it is not recognized but the usb is so usb it is then...that'll be another post I reckon

 

[Shintaro]

If you think that everything is ok now, can you please mark the thread as Solved.

 

[davehc]

By the way. I was impressed with Superantivirusspyware.

 

[moss8448]

Shanghaied

Dave ...SuperAvS does seem to cover a lot of bases....and Shintaro I haven't seen where to click on '' Solved "....it really isn't solved per say....we probably will never figure out how MS Security Essentials got shanghaied on a web browser..and when this '' drive by '' popped up and I tried to delete it it does not respond and it seems like anything you click on activates it...so if we want to call it solved by running anti-virus utilities off line then so be it... but it does make you wonder if it really is gone..that is the thing about these deals you just never know...there should be a '' maybe solved " button

 

[moss8448]

okay I hit solved now I have to find the thank you buttons...just in case thank all you guys....salute