Problems? See this thread at archive.org.
Had a friend download something fishy, and MSE detected it (2 exploit packs) right away - however he tells me that he clicked "allow" for both, I don't know why.
Now, I'm sitting here with his computer, and sure enough MSE's history does say that 2 files were set to "allow" (Trojan:Mesdeh and a java exploit). However when I look at the logged location of the download, there is nothing to be found! He says he didn't delete anything, so where has this .zip package gone to? The MSE log also says it has been copied to mse's own quarantine zone (\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\), which I promptly deleted. But we can't figure out how the 2 files in question have been "allowed", yet the entire .zip archive that they were contained in is gone.
I'm running a full scan with MSE on his comp as I type this but it will take a while; so now I'm wondering will MSE even detect something that A) apparently isn't even there anymore and B) has already been told to "allow"? I don't see an option to remove or quarantine anything that has been allowed within MSE.
Did MSE just remove the entire archive even though it was told to allow files in the archive? Or is something else going on here?
MSE and "allow" option
Discussion in 'Security and Anti-Virus Software' started by hakira, May 13, 2011.
