Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: MSE fails these SIMPLE programs

31 Oct 2009   #1
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 
MSE fails these SIMPLE programs

Hi all
Whilst I'm not usually keen on most av software it should actually do "what it says on the tin".

I thought I'd test MSE on a VM with a deliberately infected popup hijacker.

MSE gave it a clean bill of health.

The free version of Malwarebytes Anti malware (we call it "Animalware") correctly identified the offending software and registry keys

here's the log (MSE failed to find anything).

Malwarebytes' Anti-Malware 1.41
Database version: 3065
Windows 6.1.7600
31/10/2009 10:21:40
mbam-log-2009-10-31 (10-21-40).txt
Scan type: Quick Scan
Objects scanned: 93221
Time elapsed: 2 minute(s), 45 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChange s (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


So OK this test is not exhaustive but it looks like MSE needs a bit more work on it.

I've totally wiped the infected VM -- VM's are great for this type of testing - I would recommend DO NOT install VIRUSES for testing purposes on ANY machine connected to your LAN -- use a STAND ALONE machine with no Internet access then you should be quite safe testing these things.

Also use a dedicated CD/DVD RW for installing the software so you can completely wipe it with a COMPLETE ERASE (write binary zeros to every track) before loading new "malicious" software for testing. -- sometime USB sticks get infected and can load viruses on to CLEAN machines if you play around with this type of stuff.

Cheers
jimbo


My System SpecsSystem Spec
.
31 Oct 2009   #2
gamepro127

Windows 7 Enterprise x64
 
 

Could you try:
Norton 360 V4 BETA. You haft to give them some info but its a very good product.
For download, go here:

Spyware Free Protection ? Norton 360 v4 Beta Free Registration
My System SpecsSystem Spec
31 Oct 2009   #3
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi there

Maybe later

BTW MSE DID find these successfully (as did Malwarebytes).

CAREFUL if you install these for trialling how good your AV software is -- Keep away from other machines in the LAN if you play around testing.

enc snapshot.

Cheers
jimbo


Attached Thumbnails
MSE  fails these SIMPLE programs-virus.png  
My System SpecsSystem Spec
.

31 Oct 2009   #4
Dinesh

Windows® 8 Pro (64-bit)
 
 

I m confused. In your 1st post, you said that MSE gave a clean bill of health. Now you are saying that MSE was able to detect these items. ???
My System SpecsSystem Spec
31 Oct 2009   #5
Thisislaw

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by Dinesh View Post
I m confused. In your 1st post, you said that MSE gave a clean bill of health. Now you are saying that MSE was able to detect these items. ???
I am also confused about this.
I would just like to say MSE is amazing and saved me so many times.
The best anti-virus I have used. Been using it since beta and have been quite surprised.
My System SpecsSystem Spec
31 Oct 2009   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

No Anti-virus or Anti-spyware software program is 100% correct in their detections and definitions.
This is one of the reasons we urge people to run 'online' scans as well as keeping their personal 'Anti-malware' and vulnerable software programs up to date.

I won't dispute that MSE could have missed this {Vundo} infection, but I've also seen other Antivirus apps missed it too.

Vundo/Virtumond is getting really nasty ... and it changes all the time. We see rootkits, Backdoor Trojans --> = thiefware (critical information stolen and sold) downloaded with this particular fake codec, fake anti-spyware/virus, infected web page/banner scripts, etc...

What SIMPLE programs did you download
My System SpecsSystem Spec
Reply

 MSE fails these SIMPLE programs




Thread Tools




Similar help and support threads
Thread Forum
Windows 7 Convenience Roll-up fails and fails...
Hi everyone! First time poster, long time listener... I work IT for a moderately-sized business and I just did a clean install on one of the user laptops that isn't in rotation at the moment. I clean installed Windows 7 Professional, 64-bit. Nothing has been installed on this PC (besides...
Windows Updates & Activation
update fails, SP1 install fails, troubleshooter fails
I'm simply attempting to run update on my Windows 7 machine. Update will not run, downloading and running the SP1 update fails, downloading and running the Update Readiness Tool fails, trying to launch a troubleshooter fails. I ran sfc and have attached the log along with all the error codes...
Windows Updates & Activation
Windows Experience Index fails/winsat formal fails invalid character
So you try to run the 'rate my computer' and it fails showing this error message: http://i86.photobucket.com/albums/k109/mikesndbs/New%20PC%202014/syserrorwei_zpse6784f1e.jpg You are then advised to run a command prompt (old dos screen) as administrator and key in and run winsat formal. ...
Performance & Maintenance
Windows fails to boot, startup repair fails to fix
Hello more knowledgeable person than myself. I've been having trouble trying to get my computer to boot; I'd noticed a drop in performance (still unsure why) so decided to boot up in safe mode and poke around - it was not my original intention to install Advanced SystemCare 5.3.0 but somehow it...
General Discussion
Programs missing, Windows repair fails, and Windows upgrade fails
Hello and thanks for reading. Let me begin by saying I've been trying to figure this problem out for hours and hours now, and every solution I find that looks promising, just leads me in circles. I'm trying my best to avoid a clean install. The problem started while playing a game, causing a...
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 15:02.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App