We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Malicious Software Removal Tool - is it functioning?


theDarkness

Likes # 0

I dont think Ive ever had the windows malicious software removal removal tool show its results log after running, which its supposed to. It does install, and would state that it has installed successfully, but I wasnt 100% sure if it was supposed to run immediately after that or not, or if that was an indication that it has both installed and ran. I doubted it as its supposed to scan all hard drives, so I decided to check its results log after I installed it. The results log is be found in a log file named 'mrt.log' placed in the 'C:\Windows\Debug' folder, and here was my results:-

Microsoft Windows Malicious Software Removal Tool v4.0, September 2011 Started On Wed Sep 28 11:26:32 2011 ->Scan ERROR: resource process://pid:1052 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1352 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:2864 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1052 (code 0x00000005 (5))

Results Summary:

No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 28 11:30:07 2011

Return code: 0 (0x0)

..could any of my own protection software be preventing it from running (avira/spywareblaster/malwarebytes/trend micro/comodo firewall), or is this just the typical log of the removal tool, when it hasnt had a chance to fun fully yet? I think it only runs in quiet mode. The 'mrt.log' above is located in the 'C:\Windows\Debug' folder. Thanks

Like this post
Secret-Squirrel

Likes # 0

"I dont think Ive ever had the windows malicious software removal removal tool show its results log after running, which its supposed to.."

The removal tool only displays a message when it detects and removes malware.

"It does install, and would state that it has installed successfully, but I wasnt 100% sure if it was supposed to run immediately after that or not"

The MRT doesn't install as such as it's a standalone scanner that specifically targets current threats. It runs just once. The following month a new version of MRT is released.

"Results Summary: No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 28 11:30:07 2011"

Looking at your report, it clearly shows that MRT ran and found no threats. I can't seem to find anything useful regarding the "errors" that were mentioned. I've just checked the log on two PCs here and get the same as you so it's probably nothing serious.

Like this post
Secret-Squirrel

Likes # 0

Perhaps I should mention that the above post refers to the version of MRT that arrives automatically via Windows Updates - I hope that's what you mean too ;)

Like this post
theDarkness

Likes # 0

yep, its the one thats installed via microsoft updates regulary. Im just hoping that the removal tool errors arent the result of it not being able to start, and "no infection found" isnt simply because it skipped the scan and found no malicious software as a result. I wonder whether the tool is really that useful or not when comparing it to other protection software that is already installed, but the main concern is if any other software really does cause problems with it running or being able to scan the drive at all-from my report it started and finished the scan in just under 4 minutes, which seems very unlikely if its to do a thorough hard drive check. I know its not a full on antivirus, and only scans specific areas, but this does seem fast. Ill try and find out exactly what areas its supposed to scan, that will surely give a better understanding and reality check in whether it really did do the job it was supposed to ;)

Like this post
Secret-Squirrel

Likes # 0

"it started and finished the scan in just under 4 minutes, which seems very unlikely if its to do a thorough hard drive check"

Looking at the log on my laptop, the scan always takes just over one minute - it's the same for the months where no errors are encountered.

The MRT probably just checks the files associated with active processes - that's how it can complete its scans so quickly.

Like this post
theDarkness

Likes # 0

After googling up the removal tool again, it would seem that the scan does indeed finish scanning, but as 4 'scan errors' did come up on my machine, it definately had issues along the way.. as a guess-the errors indicating not being able to access/scan a process or item on the machine.

My own error codes dont match any shown on the ms website for the removal tool as the codes are for an older version of windows http://support.microsoft.com/kb/891717 but I found more info regarding each error code for vista/7 here (8th post down) http://forums.malwarebytes.org/index.php?showtopic=12854 which amongst other websites showing their log results also, proves the error codes are at least very common-not that thats a great thing :) ..code '0x00000005' in the log is common.. some websites seem to think that could be the result of an infected system or damaged/incorrectly written files but Im not reading too much into it-im pretty sure this system is clean, and the last error check was quite recent

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Samsung Galaxy Alpha vs iPhone 5S comparison review: Metal smartphones fight

IDG UK Sites

Gateway to your kingdom: why everybody should check and update their broadband router

IDG UK Sites

Fonts review

IDG UK Sites

Best Mac? Complete Apple Mac buyers guide for 2014