Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Essentials problem


  • Please log in to reply
10 replies to this topic

#1 blueballs

blueballs

  • Members
  • 129 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Geraldton Western Australia
  • Local time:02:55 AM

Posted 17 November 2014 - 06:23 AM

I have Win 7 OS with Microsoft Essentials but it hasn't detected anything for the 2 or 3 years that Ive had it installed? It updates every day but when I check history there is never anything in quarantine or anywhere else for that matter. I can remember now that it did pick up a few things when it was first installed but nothing since? I update the ME app regularly from filehippo so its not out of date,is this normal or would there be something wrong?

Edited by Queen-Evie, 18 November 2014 - 02:33 PM.
moved from All Other Applications to the appropriate forum


BC AdBot (Login to Remove)

 


m

#2 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:55 PM

Posted 18 November 2014 - 12:52 PM

microsoft security essentials is not a very effective antivirus, it works in some cases but it is the baseline against which all other antivirus programs are compared. It is included in windows 8 as a built in antivirus andf is not hugley effective on windows 8, it is less effective on oldr windows versions. Maybe you have been very lucky and never been infected, or mayeb you are infected but it can't spot the infection, I would try a second opinions scan. Use malwarebytes free scanner or eset online scanner, both are effective tools for checking for infections. Make sure to operate them in the "prompt for acton on detection" mode rather than on the "automatically disinfect or delete" mode as using the second mode increases risk of false positives. Then once you have used one (or both) of those scanners, if your system is clean install a better antivirus (avg and avast offer free ones, there are some other free options as well and many paid options), if it is infected start a thread in "virus removal logs" section of this forum and then once someone here has helped you disinfect you should then install a better antivirus. Also something sounds wrong with your method of updating, why can't you update the normal way?
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 PM

Posted 18 November 2014 - 03:01 PM

I have ESET NOD32 on two machines and avast! free on another. None of them have detected anything in years either. Does that mean they are not any good...of course not. You may be using best practices for Safe Computing and have safe surfing habits.

In most cases it is going to be your anti-malware tools which detects a lot more threats or potential threats such as PUPs and adware.

Anti-virus programs generally scan for infectious malware which includes viruses, worms, Trojans, rootkis and bots.

Potentially Unwanted Programs (PUPs) (Adware), Potentially Unwanted Applications (PUAs) and Potentially Unsafe Applications do not fall into any of those categories and that is the primary reason some anti-virus programs do not detect or remove them.

MSE can be updated through the program's GUI or by manually downloading the defintions from Microsoft Protection Center or a third-party hosting site. Other anti-virus vendors also allow for manually downloading and updating their products.


Do I Need to Stop Using Microsoft Security Essentials?
Microsoft Goes From Cellar to Stellar in New Antivirus Test
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:55 PM

Posted 18 November 2014 - 04:06 PM

If you are not sure that your antivirus is working, you can use the EICAR test file.

Download it from here: http://www.eicar.org/85-0-Download.html

Your antivirus should detect and remove it.

 

Do not worry, the EICAR test file is not malware.


Edited by Didier Stevens, 18 November 2014 - 04:35 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:55 PM

Posted 18 November 2014 - 04:25 PM

There is also another test called the spycar test file, it is the one which malwarebhtes will detect. It can be downloaded in a zip file, the zip file contains some exe files, each of them is a simulated "virus", malwarebytes will detect it if it is working, other antiviruses should also. You needn't even unzip the file. It can be downloaded by following a link from somewhere on malwarebytes's site. malwarebytes will detect this as being a test fle and recognise it, other antiviruses might treat it as a real infection, they will just delete the zip file no harm done. quietman might know the address of this page.

Edited by rp88, 18 November 2014 - 04:27 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:55 PM

Posted 18 November 2014 - 04:59 PM

I know the spycar test file, but I'm not sure MSE will detect it. But I know MSE detects EICAR.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 PM

Posted 18 November 2014 - 05:25 PM

Spycar worked on MSE according to a member who posted in this topic: Poll: Test your anti-spyware/malware protection
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:55 PM

Posted 18 November 2014 - 05:29 PM

because all the files in spycar do a kind of malicious activity (although set up so the user can undo it seconds later) they should be detected by any antivirus unless the antivirus author knows of them as being safe test files. MBAM know them to be safe test files so reports them as such "test file detected" sort of warnings. AVG doesn't know of them so it detects them as "trojan detectd inside the zip file you just scanned". if microsoft knows them it should report them as test files, if it doesn't it should report them as viruses. all tucked away in the zip file so even if they were viruses they would need extracting and running before they could harm you.

Edited by rp88, 18 November 2014 - 05:30 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:55 PM

Posted 18 November 2014 - 05:45 PM

According to VirusTotal, Microsoft does not detect the spycar zip file:

https://www.virustotal.com/en/file/cd951fea95366f48ff2a56492baade1dcb8d69d50eaee0ee215a8b7b3705b180/analysis/


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 PM

Posted 18 November 2014 - 05:56 PM

Since that analysis is recent...it appears they dropped the detection at some point.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 PM

Posted 18 November 2014 - 05:56 PM

because all the files in spycar do a kind of malicious activity ...

Spycar is designed to test the behavior-based defenses of an anti-spyware tool...mimic malware-like behavior in a benign form.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users