Re: 890830 The Microsoft Windows Malicious Software Removal Tool

From: "Bob" <uctraing@xxxxxxxxxxxx>

| Is it true that this download is a one time occurrence - that is,
| download, run, no trace left behind - even as part of a group of
| "critical updates" ?
| The MS instructions make it clear that if you manually download it as
| a separate product and run it that is it a one time shot - but if you
| let it get downloaded as a part of Windows Critical Updates does it
| perform the same way? That is, there are no programs/modules left
| behind to load and execute on a daily basis ?
| Thanks,

It will download and execute as an "One Demand" anti virus type scanner.

It is not a HotFix and so you will not find it in the Control Panel applet, Add/Remove

The last version executed *IS* left behind...

The utility is...

Command line switches...

/? or /HELP = displays the command line switches
/Q = quiet
/N = detect only
/F = force extended scan
/F:Y = force extended scan and automatically clean infected files

The following is the resultant log file...




Relevant Pages

  • Re: SP3 potential problem
    ... Enquire, plan and execute ... download the Net framework updates. ... Net Framework items from my machine. ...
  • RE: File extensions spoofable in MSIE download dialog
    ... notepad.exe (as a file with the usual ".log" extension would be) ... In no instance was I able to "silently" download and execute an executable ... These are the two browsers I tested with: ...
  • Re: Trojan Horse
    ... NewCrapNet is not classified as a virus, ... > Download and install Ad-aware SE ... > signature files and install them before performing the scan. ... > Execute; CLEAN.EXE ...
  • Re: New Patch Fixes 43 Flaws In OS X, Many Serious
    ... Process *ids* aren't tied to user ids; ... Try it yourself; download a text file ... Evil code, and execute. ... have to hand-install the widgets, ...
  • Re: Trojan Horse
    ... Download and install Ad-aware SE ... DOS disk boot images can be obtained from; ... Execute; CLEAN.EXE ... It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML ...