Re: 890830 The Microsoft Windows Malicious Software Removal Tool



From: "Bob" <uctraing@xxxxxxxxxxxx>

| Is it true that this download is a one time occurrence - that is,
| download, run, no trace left behind - even as part of a group of
| "critical updates" ?
|
| The MS instructions make it clear that if you manually download it as
| a separate product and run it that is it a one time shot - but if you
| let it get downloaded as a part of Windows Critical Updates does it
| perform the same way? That is, there are no programs/modules left
| behind to load and execute on a daily basis ?
|
| Thanks,

It will download and execute as an "One Demand" anti virus type scanner.

It is not a HotFix and so you will not find it in the Control Panel applet, Add/Remove
Programs.

The last version executed *IS* left behind...

The utility is...
%windir%\system32\MRT.exe

Command line switches...

/? or /HELP = displays the command line switches
/Q = quiet
/N = detect only
/F = force extended scan
/F:Y = force extended scan and automatically clean infected files

The following is the resultant log file...

%windir%\Debug\mrt.log

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.



Relevant Pages

  • Re: SP3 potential problem
    ... Enquire, plan and execute ... download the Net framework updates. ... Net Framework items from my machine. ...
    (microsoft.public.windowsxp.basics)
  • RE: File extensions spoofable in MSIE download dialog
    ... notepad.exe (as a file with the usual ".log" extension would be) ... In no instance was I able to "silently" download and execute an executable ... These are the two browsers I tested with: ...
    (Bugtraq)
  • Re: Trojan Horse
    ... NewCrapNet is not classified as a virus, ... > Download and install Ad-aware SE ... > signature files and install them before performing the scan. ... > Execute; CLEAN.EXE ...
    (microsoft.public.windowsupdate)
  • Re: New Patch Fixes 43 Flaws In OS X, Many Serious
    ... Process *ids* aren't tied to user ids; ... Try it yourself; download a text file ... Evil code, and execute. ... have to hand-install the widgets, ...
    (comp.sys.mac.advocacy)
  • Re: Trojan Horse
    ... Download and install Ad-aware SE ... DOS disk boot images can be obtained from; ... Execute; CLEAN.EXE ... It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML ...
    (microsoft.public.windowsupdate)