Re: malicious software removal tool
- From: lopar <lopar@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 18 Sep 2009 02:20:01 -0700
OK thanks but its defintielty not there, caps or not. now i'm stuck
On my system, the file MRT.exe is located in c:\windows\system32. It is not.
a hidden, system file.
As Windows is not case sensitive, mrt.exe and MRT.exe are just two ways to
spell the name of the malicious software removal tool.
"lopar" <lopar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
OK, i have tried to find the mrt.exe file using search inc hidden files
system files. there was nothing except an ie log text file.
(by the way, and please don't think i am being funny since this is the
time i have ever posted anything anywhere, you say the file might be
in /is/ - is that a file location, or a piece of jargon or soemthing
else - i
genuinely don't know what that means (or am i being too literal and you
mean is !))
i am beginning to think its not mrt after all but somehting else. however
what could possibly delete my settings every 15th of the month ?
sorry about imprecision on AVG - its 8.5.409 - is that what you wanted ?
i can't say for sure about having installed any applications or
i don't recall doing so. would a check on add remove programs by date be
sufficient to tell me ?
Every month, around the 15th, my profile settings are corrupted and IYou may have transcribed the name incorrectly. Is it possible you
do a system restore to get them back. The system generated restore
immediately before this happens is labeled by the system 'Software
Distribution Service 3.0'. On looking into this it seems that at some
have accepted an EULA to download and run something called Malicious
Reporting Tool, and recently (a few months ago) Microsoft announced
would update this program each month (the second Tuesday of the
month) and it
would from then on automatically run a system check in the background
meant "Removal" instead of "Reporting"?
yes i do mean Removal sorry
It was there to validate the name I gave you.
yes it wasI checked on Google and there was one reference to thisThe security update you downloaded was probably a "Definitions"
potentially corrupting profile settings for users.
This would seem to be the cause of the problem therefore.
The solution on the Microsoft web page was to remove tool from the
updates list, however this item is not listed on my automatic updates
not hidden either). I have therefore changed my updates to notify me
download or install. When the program popped up a few days ago I did
therefore download it. Yesterday however I did download a Windows
security update (which I assumed was unrelated), however the system
been corrupted again.
i will definitely try this, but will it simply recreate itself when itsThings I have done to try and fix thisThe files is located at C:\WINDOWS\system32\MRT.exe and /is/
1. Tried to remove it using add remove programs - it won't let you.
definitely able to be deleted.
to run next time ?
No. However, I sincerely believe this is a move in the wrong
direction. If your goal is to temporarily delete MRT.exe to see what
happens, OK. I would reinstall it afterward though.
ok i will keep downloading updates then2. searched for the individual files in the directory to manuallySee above.
them - they seemed to be system files and it wouldn't let me
3. I found a reference to this tool working in conjunction withThe relationship between the two is almost non-existent. Furthermore,
Genuine Advantage, so I tried to remove that as well as in 1 and 2
above - I
did find some files but couldn't delete the main one.
indiscriminate file removals may render your system even further
impaired and possibly un-usable.
4. did a registry search to try and find these files and deleted aSee above. Not good!
entries to at least cause the program to fall over (I hoped), but
that didn't work either.
5. checked my firewall (zone alarm) and blocked the maliciousOnce MRT.exe is deleted it can't be executed.
- no effect (couldn't find Software Distribution Service in ZA so
6. tried to find either program in the applications tray to disableYou brought up "Task Manager", and Task Manager displays running
there (control alt delete) but couldn't see it
applications. While running, Windows Defender is a "Process".
7. tried to block it in Windows Defender (in the bit that lists allThe are related only by birth...
running) but its not listed
8. contacted Microsoft help on email who were totally useless
9. tried to access their expert user (I assume a blog page) but the
kept telling me my settings weren't right to access that service. I
the settings exactly as they suggested but I still kept getting that
10. in desperation rang them to inquire about paid support but they
they would charge £60 (even if it were a 2 minute job!). I am not
to pay that for what is after all a Microsoft's bug !
The only other thing I can think of to do is to not download any
Windows Defender either - assuming the 2 products are related.
Keeping your system from being updated is "Cutting off your nose to
spite your face".
its the free versionHowever I won't know the outcome of that for another month since itThis is a reasonable assumption.
only happens once a
If it is still causing a problem then I can only assume that the
already installed and will run once a month anyway without an update.
If that's the case I need to know how to get into the system files toSurely there must be a *better* way!
- surely there must be a way ??
Any help you can think of to give me would be very much appreciated -Only temporarily...
certainly trying to fix it myself without asking anyone and have
hours doing so, but I am at a dead end!
For info I am running Windows XP Home, SP3, with AVG and ZA.Exactly which AVG product are you using? Be very precise.
I'm afraid that's not very precise of you! You are not giving away
security secrets about yourself. Precisely what version is it?
it started an few months ago and happens once a month around 15th. noMany thanks for your help.When did this original trouble first start? Can you relate any other
system changes at that time with this trouble?
changes that i am aware of.
Had you recently installed any applications or utilities?
Do you have any other antimalware applications?
yes, spybot, superantispyware, defender, ad-aware anniversary edition,
spyware doctor (though i have to disable this one from real time
takes up too much resources). all are free versions and i run them all
monthly. don't generally find anything significant on any of them.
You may wish to add MBAM to your lineup:
thanks for your help.
Shenan has passed you a very good method for doing a comprehensive
clean-up of your system.
All though we read many posts that extol the virtues of IE8, we also
see many anecdotal stories of falling back to IE7 because of slowness
or obscure troubles.
Downloading MSRT again assures you that your copy is corruption free.
- Re: malicious software removal tool
- From: 1PW
- Re: malicious software removal tool
- Prev by Date: Re: malicious software removal tool
- Next by Date: Re: malicious software removal tool
- Previous by thread: Re: malicious software removal tool
- Next by thread: Re: malicious software removal tool