Hey MSE, why did you make me panic? It told Apache files are Trojan:Win32/Critet.BS.

Update (Mar.22):

   Today, I’ve updated Apache from 2.4.32 to 2.4.33. Now, MSE says all files are clean. What was that alert? Really compromised or not? Anyway, I backed the MSE settings to the default.

   This morning Microsoft Security Essentials suddenly told Apache files are Trojan:Win32/Critet.BS and quarantined them, so Apache stopped on my server PC whose OS is Windows7 HE SP1. Although I needed to recover the service immediately, I had to take my mother to a hospital. Therefore the service must have been unavailable for about an hour.

   After arriving at the hospital, I tried to solve MSE false detection in the waiting lounge 😦. I excluded the server ware directories from MSE auto detection and permitted Trojan:Win32/Critet.BS works. If Trojan:Win32/Critet.BS is not Apache files comes to my PC, it is very problem though.
   I think both of Windows7 and MSE are not for WEB server use and some malware recently install Apache httpd for their correspondence. So this false detection is not necessarily false, but it is very trouble for me.


Leave a Reply

Your email address will not be published. Required fields are marked *