From: MowGreen on
David H. Lipman wrote:
> Gary, "Virus Protector" is indeed a fake but it is not classified as a "virus". It is
> classified as a trojan.
>
> There are only two ways that the MS's Malicious Software Removal Tool (MRT) is invoked.
>
> 1. Manually. That is, you have to perform an "On Demand" scan with it
> (%windir%\system32\MRT.exe)
>
> 2. Automatically. That is, once a month a new version of the MRT is produced and performs
> a scan of your PC when you get that month's updates through Automatic Updates.
>
> Since I doubt that you initiated a MRT "On Demand" scan, based upon this post, did you
> just get new updates via the Windows Automatic Update service?
>
> One sure way to tell if the MRT is truly indicating there is an infection is to hit
> Ctrl-Alt-Del, invoke the Task Manager, sort the list by name and see if MRT.EXE is
> listed while the window showing there is an infection is still on the screen.
>
> Additionally, you did NOT mention what "infection" was found, supposedly by MRT. That is
> an important fact you left out so please provide that information.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: http://support.microsoft.com/kb/890830

" When the Malicious Software Removal Tool detects malicious software

The Malicious Software Removal Tool runs in quiet mode. If it detects
malicious software on your computer, the next time that you log on to
your computer as a computer administrator, a balloon will appear in the
notification area to make you aware of the detection. "

The notification area is usually in the bottom right hand corner of the
monitor/flat panel unless you've moved the Task Bar. Is that where
you're seeing the warning message?

Also, the MRT creates an entry in the mrt.log, which is located in
Windows\debug, each time it does a scan.


MowGreen
================
*-343-* FDNY
Never Forgotten
================

banthecheck.com
"Security updates should *never* have *non-security content* prechecked

From: David H. Lipman on
From: "MowGreen" <mowgreen(a)nowandzen.com>

| From: http://support.microsoft.com/kb/890830

| " When the Malicious Software Removal Tool detects malicious software

| The Malicious Software Removal Tool runs in quiet mode. If it detects
| malicious software on your computer, the next time that you log on to
| your computer as a computer administrator, a balloon will appear in the
| notification area to make you aware of the detection. "

| The notification area is usually in the bottom right hand corner of the
| monitor/flat panel unless you've moved the Task Bar. Is that where
| you're seeing the warning message?

| Also, the MRT creates an entry in the mrt.log, which is located in
| Windows\debug, each time it does a scan.


Good points!

The log file is...
%windir%\Debug\mrt.log


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
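
The checks discussed in this thread (is MRT.exe really running from %windir%\system32 while the warning is on screen, and what did the last scan write to %windir%\Debug\mrt.log), scripted as an added PowerShell example that is not part of the original posts. It assumes PowerShell 3.0 or later; the function names are hypothetical, and the Authenticode signature check goes beyond what the thread describes.

```powershell
# Added example, not from the thread. Paths are the ones quoted in the posts.
$expected = Join-Path $env:windir 'System32\MRT.exe'
$logPath  = Join-Path $env:windir 'Debug\mrt.log'

function Test-MrtProcess {
    # Scripted version of "sort Task Manager by name and look for MRT.EXE",
    # plus a check that the image is in the location the real tool uses.
    $procs = @(Get-Process -Name 'MRT' -ErrorAction SilentlyContinue)
    if ($procs.Count -eq 0) {
        return 'MRT.exe is not running, so a warning window on screen now is not MRT.'
    }
    foreach ($p in $procs) {
        if (-not $p.Path) {
            # Path is empty when the caller lacks rights to query the process.
            "PID $($p.Id): image path unavailable; rerun from an elevated prompt."
        } elseif ($p.Path -ieq $expected) {
            "PID $($p.Id): running from $expected"
        } else {
            "PID $($p.Id): UNEXPECTED location $($p.Path)"
        }
    }
}

function Test-MrtSignature {
    # Extra check (an addition beyond the thread): report who signed the binary.
    if (-not (Test-Path -LiteralPath $expected)) { return "$expected not found." }
    $sig = Get-AuthenticodeSignature -FilePath $expected
    "Signature status: $($sig.Status); signer: $($sig.SignerCertificate.Subject)"
}

function Get-MrtLogTail {
    param([int]$Lines = 30)
    # MRT appends an entry to this log each time it scans.
    if (-not (Test-Path -LiteralPath $logPath)) { return "$logPath not found." }
    $item = Get-Item -LiteralPath $logPath
    "Log last written: $($item.LastWriteTime)"
    Get-Content -LiteralPath $logPath -Tail $Lines
}

Test-MrtProcess
Test-MrtSignature
Get-MrtLogTail
```

Run it while the warning window is still displayed; a log whose last-written time does not line up with the alert is a sign the alert did not come from an MRT scan.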