Malicious Software Removal Tool - is it functioning?

  theDarkness 12:04 PM 28 Sep 11
Locked

I dont think Ive ever had the windows malicious software removal removal tool show its results log after running, which its supposed to. It does install, and would state that it has installed successfully, but I wasnt 100% sure if it was supposed to run immediately after that or not, or if that was an indication that it has both installed and ran. I doubted it as its supposed to scan all hard drives, so I decided to check its results log after I installed it. The results log is be found in a log file named 'mrt.log' placed in the 'C:\Windows\Debug' folder, and here was my results:-

Microsoft Windows Malicious Software Removal Tool v4.0, September 2011 Started On Wed Sep 28 11:26:32 2011 ->Scan ERROR: resource process://pid:1052 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1352 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:2864 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1052 (code 0x00000005 (5))

Results Summary:

No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 28 11:30:07 2011

Return code: 0 (0x0)

..could any of my own protection software be preventing it from running (avira/spywareblaster/malwarebytes/trend micro/comodo firewall), or is this just the typical log of the removal tool, when it hasnt had a chance to fun fully yet? I think it only runs in quiet mode. The 'mrt.log' above is located in the 'C:\Windows\Debug' folder. Thanks

  Secret-Squirrel 12:59 PM 28 Sep 11

"I dont think Ive ever had the windows malicious software removal removal tool show its results log after running, which its supposed to.."

The removal tool only displays a message when it detects and removes malware.

"It does install, and would state that it has installed successfully, but I wasnt 100% sure if it was supposed to run immediately after that or not"

The MRT doesn't install as such as it's a standalone scanner that specifically targets current threats. It runs just once. The following month a new version of MRT is released.

"Results Summary: No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 28 11:30:07 2011"

Looking at your report, it clearly shows that MRT ran and found no threats. I can't seem to find anything useful regarding the "errors" that were mentioned. I've just checked the log on two PCs here and get the same as you so it's probably nothing serious.

  Secret-Squirrel 13:10 PM 28 Sep 11

Perhaps I should mention that the above post refers to the version of MRT that arrives automatically via Windows Updates - I hope that's what you mean too ;)

  theDarkness 14:06 PM 28 Sep 11

yep, its the one thats installed via microsoft updates regulary. Im just hoping that the removal tool errors arent the result of it not being able to start, and "no infection found" isnt simply because it skipped the scan and found no malicious software as a result. I wonder whether the tool is really that useful or not when comparing it to other protection software that is already installed, but the main concern is if any other software really does cause problems with it running or being able to scan the drive at all-from my report it started and finished the scan in just under 4 minutes, which seems very unlikely if its to do a thorough hard drive check. I know its not a full on antivirus, and only scans specific areas, but this does seem fast. Ill try and find out exactly what areas its supposed to scan, that will surely give a better understanding and reality check in whether it really did do the job it was supposed to ;)

  Secret-Squirrel 16:32 PM 28 Sep 11

"it started and finished the scan in just under 4 minutes, which seems very unlikely if its to do a thorough hard drive check"

Looking at the log on my laptop, the scan always takes just over one minute - it's the same for the months where no errors are encountered.

The MRT probably just checks the files associated with active processes - that's how it can complete its scans so quickly.

  theDarkness 22:11 PM 28 Sep 11

After googling up the removal tool again, it would seem that the scan does indeed finish scanning, but as 4 'scan errors' did come up on my machine, it definately had issues along the way.. as a guess-the errors indicating not being able to access/scan a process or item on the machine.

My own error codes dont match any shown on the ms website for the removal tool as the codes are for an older version of windows http://support.microsoft.com/kb/891717 but I found more info regarding each error code for vista/7 here (8th post down) http://forums.malwarebytes.org/index.php?showtopic=12854 which amongst other websites showing their log results also, proves the error codes are at least very common-not that thats a great thing :) ..code '0x00000005' in the log is common.. some websites seem to think that could be the result of an infected system or damaged/incorrectly written files but Im not reading too much into it-im pretty sure this system is clean, and the last error check was quite recent

Advertisement

This thread is now locked and can not be replied to.

How to get Windows 10 now: how to download and install Windows 10 even if GWX.exe is missing

1995-2015: How technology has changed the world in 20 years

Nokia rolls out spherical camera for virtual reality apps

7 best iPhone web browser apps: Why Safari for iOS is still a better option than Chrome, Dolphin,…