Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Security Essentials. ?False?


  • Please log in to reply
3 replies to this topic

#1 JoeGons

JoeGons

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 04 June 2010 - 06:52 PM

Thought I would share this with you.
I installed Microsoft Security Essentials a month ago.
Just like Symantec, it does not like some "Joke" files.
However, it does not like a lot of other stuff.
It was able to remove a few items it called Trojans, Trojan Downloader, Backdoor, Remote Control Software etc before I was

able to tame it in settings.

For example:

Microsoft Security Essentials


Category: Trojan Downloader

Description: This program is dangerous and downloads other programs.

Recommendation: Permit this detected item only if you trust the program or the software publisher.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still

access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow'

action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for

help.

Items:
file:C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdateBeta.exe
file:C:\Documents and Settings\Owner\Local Settings\Temp\4.exe
service:GoogleUpdateBeta

Get more information about this item online.

TrojanDownloader:Win32/Troxen!rts (?)

Encyclopedia entry
Updated: Feb 18, 2010 | Published: Feb 18, 2010

Aliases
Not available

Alert Level (?)
High

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.83.363.0
Released: May 23, 2010 Detection initially created:
Definition: 1.59.358.0
Released: May 27, 2009


--------------------------------------------------------------------------------

On this page
Summary|Symptoms|Prevention|Recovery




--------------------------------------------------------------------------------


Summary
TrojanDownloader:Win32/Troxen!rts is a name used for trojan detections that have been added to Microsoft signatures after

advanced automated analysis.

The generic nature of this detection means that the malicious behaviors exhibited by files detected as

TrojanDownloader:Win32/Troxen!rts are highly variable and may vary from once instance of this detection to the next.

No further information is currently available on this threat. However, if a significant number of reports are received, then

a specific detection will be added and a detailed analysis will be created in the encyclopedia.

Top

--------------------------------------------------------------------------------


Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the

only symptom(s).


AND ON AND ON RA-DA-DA-DA-DA.

If (as I am sure it is) this is a false positive, I am now considering going back to Symantec because you can have it ask

before it does most things.
If an Antimalware program can (by default) mess up a legitimate program with no undo, I’m not sure it’s worth having.
It also attacked my UBCD4Win and I’m sure that this is false.
Fortunately I found the settings and changed the default actions “Remove” to “Quarantine”.
I can restore from there.
I do not know how to let Microsoft know.
Joe

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:46 AM

Posted 04 June 2010 - 07:24 PM

Hello Joe.
To report software that might be incorrectly classified

If Microsoft Security Essentials alerts you about software that you don't believe is malicious or unwanted, you can report the problem to Microsoft by completing the False Positive Report Form on the Microsoft Web site.

FP Form
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 JoeGons

JoeGons
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 04 June 2010 - 07:27 PM

Thanks boopme.
I'll do the form.
Joe

P.S. That took me to Windows Defender but it led me to another option.
I will let you know what Microsoft says.

Edited by JoeGons, 04 June 2010 - 08:06 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:46 AM

Posted 04 June 2010 - 08:47 PM

Yeah this was the first link and then that seemed the better option.
http://www.microsoft.com/security_essentia...fc-ae74df9444dc

Good luck and keep us updated.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users