New
#30
Update: MSRT June 2017: Removing sneaky Xiazai - Windows 10 Forums
New Malicious Software Removal Tool (MSRT) 5.49 released June 13, 2017.
Download Malicious Software Removal Tool from Official Microsoft Download Center
I am a bit confuzzed.
I ran the new version of MSRT this evening and did a full scan. The tool, states that it will give you a report at the end of the scan. Along the way it informed of 3 infected files but did not provide me with details of which files these were or where they were stored. At the end, the report simply gave me a long list of things checked for with " not infected" next to each entry. I would have been really interested to know what the 3 files were and what they were infected with.
Have I missed something?
Hey Geoff, :)
You might check to see if the Malicious Software Removal Tool scan log located below may have anymore details for them.
C:\Windows\Debug\mrt.log
Shawn,
Thanks for the hint.
Below is the log file (complete).
Nothing shows there either. Normally, I just run MSRT, go off to kick the dog and tease the cat and come back after an hour or so to see if the routine has completed. This time, I sat and watched the progress of the full scan. It is then that I noticed the report that 3 files were infected but no other details.
Code:--------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.48, May 2017 (build 5.48.13801.0) Started On Wed May 10 21:42:44 2017 Engine: 1.1.13701.0 Signatures: 1.241.491.0 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted MAPS Report Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Wed May 10 21:44:55 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.48, May 2017 (build 5.48.13803.0) Started On Mon May 29 12:31:36 2017 Engine: 1.1.13704.0 Signatures: 1.243.729.0 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Mon May 29 12:33:56 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.49, June 2017 (build 5.49.13902.0) Started On Fri Jun 16 23:28:03 2017 Engine: 1.1.13804.0 Signatures: 1.245.112.0 Run Mode: Scan Run From Windows Update Results Summary: ---------------- No infection found. Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Fri Jun 16 23:30:23 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.49, June 2017 (build 5.49.13902.0) Started On Thu Jun 22 17:41:18 2017 Engine: 1.1.13804.0 Signatures: 1.245.112.0 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found. Successfully Submitted MAPS Report Successfully Submitted Heartbeat Report Microsoft Windows Malicious Software Removal Tool Finished On Thu Jun 22 20:48:19 2017 Return code: 0 (0x0)
Odd. You might try running a Windows Defender Offline scan to see what results it gives you.
Windows Defender Offline Scan in Windows 10 Windows 10 Security System Tutorials
I have had in MRST & MBAM(MBAM not MB3) positives show during a scan, but when it was over, it said clean, so maybe it, just shows possible positive, until it scans the rest of the folders, to see the complete picture.
For example, it thinks it finds something in ProgramsX86, but then it sees the rest in ProgramData/AppData, and then says all is OK.
By the way, since I uninstalled MSI Command Center, which communicates directly with BIOS settings(root kit) for overclocking, I do not get any more of these.
Hi,
I typed mrt into search and ran as admin, and I got this:
This app has been blocked by your system administrator.
Contact your system administrator for more info.
So how do I run it?