W
W_Whelan
Guest
System Description: Windows 7 Home Premium (64-bit), Service Pack 1, built ~ Dec 2011 w/OS loaded from MS Windows 7 install DVD, all critical updates applied. Browsers: IE 11 (11.0.9600.18314, update version 11.0.32), FireFox (V46.0.1), MS Office 2007. Antivirus s/w Microsoft Security Essentials (MSE) installed when system built w/all latest updates; Win7 firewall and router hardware firewall. System does scheduled MSE Full Scans weekly w/never any report of malware.
Hardware: Intel DP55WB board w/16GB RAM, (2) 1TB HDDs, CPU: Intel Core(tm) i5 @ 2.67GHz.
Background:
Several days ago I got what I believe was a spoof email though it wasn't immediately recognized as such. It said "mail error code 12789" with no message but with a link. I clicked the link. It connected to the Outlook Mail user login page. I also got a popup saying call this number (1-866-xxx-yyyy) for "Microsoft Outlook Mail" support. At this point I stopped, concerned for malware. The popup was difficult to kill but eventually I did with the Task Manager.
My concern is/was: By clinking the link to the login page I may have unleashed a virus.
I did an MSE Quick Scan and saw the following message during the scanning: Preliminary scan results show that malicious or potentially unwanted software may exist on your system. You can review the detected items when the scan has completed. There were no items listed in the in the MSE scan History tab at scan completion and MSE reported "No Items were found" with the normal clean scan checkmark. A Full Scan showed the same result, an alert during scanning, but nothing shown after scan completion.
I did two other system checks 1) From the Command Window: sfc /scannow which came up negative; 2) Scanned with the latest MS Security Scanner s/w which also came up negative.
Doing a MS User Community search I found this link with a very recent similar report: http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/mse-states-preliminary-scan-results-might-have/9d4d619a-036d-4d24-88f7-caa768f02ada This linked the potentially spurious MSE alert with Microsoft.NET Framework s/w being enabled. When this feature was disabled there was no alert during MSE scanning. I tried this and found the same effect. Re-enabling caused the alert warning to reappear, but w/the same clean final post-scan report. I then noted this behavior on the thread above and was advised to start my own thread.
My questions:
1) Is there a known malware-related vulnerability associated with Microsoft.NET Framework s/w and if so what is recommended to address it?
2) Should I dig deeper w/other malware detecting tools looking for possible malware (or is this a known MSE "quirk")?
TIA
Continue reading...
Hardware: Intel DP55WB board w/16GB RAM, (2) 1TB HDDs, CPU: Intel Core(tm) i5 @ 2.67GHz.
Background:
Several days ago I got what I believe was a spoof email though it wasn't immediately recognized as such. It said "mail error code 12789" with no message but with a link. I clicked the link. It connected to the Outlook Mail user login page. I also got a popup saying call this number (1-866-xxx-yyyy) for "Microsoft Outlook Mail" support. At this point I stopped, concerned for malware. The popup was difficult to kill but eventually I did with the Task Manager.
My concern is/was: By clinking the link to the login page I may have unleashed a virus.
I did an MSE Quick Scan and saw the following message during the scanning: Preliminary scan results show that malicious or potentially unwanted software may exist on your system. You can review the detected items when the scan has completed. There were no items listed in the in the MSE scan History tab at scan completion and MSE reported "No Items were found" with the normal clean scan checkmark. A Full Scan showed the same result, an alert during scanning, but nothing shown after scan completion.
I did two other system checks 1) From the Command Window: sfc /scannow which came up negative; 2) Scanned with the latest MS Security Scanner s/w which also came up negative.
Doing a MS User Community search I found this link with a very recent similar report: http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/mse-states-preliminary-scan-results-might-have/9d4d619a-036d-4d24-88f7-caa768f02ada This linked the potentially spurious MSE alert with Microsoft.NET Framework s/w being enabled. When this feature was disabled there was no alert during MSE scanning. I tried this and found the same effect. Re-enabling caused the alert warning to reappear, but w/the same clean final post-scan report. I then noted this behavior on the thread above and was advised to start my own thread.
My questions:
1) Is there a known malware-related vulnerability associated with Microsoft.NET Framework s/w and if so what is recommended to address it?
2) Should I dig deeper w/other malware detecting tools looking for possible malware (or is this a known MSE "quirk")?
TIA
Continue reading...