Microsoft Security Essentials false positive.

Thought I would share this with you.
I installed Microsoft Security Essentials a month ago.
Just like Symantec, it does not like some "Joke" files.
However, it does not like a lot of other stuff.
It was able to remove a few items it called Trojans, Trojan Downloader, Backdoor, Remote Control Software etc before I was

able to tame it in settings.

For example:

Microsoft Security Essentials


Category: Trojan Downloader

Description: This program is dangerous and downloads other programs.

Recommendation: Permit this detected item only if you trust the program or the software publisher.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still

access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow'

action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for

help.

Items:
file:C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdateBeta.exe
file:C:\Documents and Settings\Owner\Local Settings\Temp\4.exe
service:GoogleUpdateBeta

If (as I am sure it is) this is a false positive, I am now considering going back to Symantec because you can have it ask

before it does most things.
If an Antimalware program can (by default) mess up a legitimate program with no undo, I’m not sure it’s worth having.
It also attacked my UBCD4Win and I’m sure that this is false.
Fortunately I found the settings and changed the default actions “Remove” to “Quarantine”.
I can restore from there.
I do not know how to let Microsoft know.
Joe

 

 

Question Info


Last updated December 16, 2018 Views 4,888 Applies to:
Answer
Answer

In case of false positive detection please log on to:

https://www.microsoft.com/security/portal/Submission/Submit.aspx

and report those file to Microsoft and make sure you also checked the box that said:

I believe this file should not be detected as malware

And also explian a bit about source and why you think it is false positive.

It could help Microsoft to enhance Malware protection and scanning.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Answer
Answer

I scanned UBCD4Win just a couple of days ago using the default settings and if I remember correctly at the end of the scan I was presented with the results and the recommended action to take. The detections were angryscan, ultra vnc, real vnc and keydump. The recommended action to take was remove but it could be changed to allow, which I did. MSE does ask prior to taking action but if there is no user input it will take automatic action per your settings after a few minutes.

Jim


Microsoft MVP Consumer Security - Forum Moderator - Live One Care - Live Mesh - Microsoft Security Essentials

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.