Z
Zygy
Should I download Malicious Software Removal Tool or is it not necessary
with Vista Security Protection?
with Vista Security Protection?
M
Malke
Zygy said:
There is no "Vista Security Protection" product. Even though Vista was
designed to be a more secure operating system than XP, you still need an
antivirus, firewall (the built-in Vista Firewall is fine for most
people), and a non-viral malware scanner (the built-in Windows Defender
is fine for most people).
The Malicious Software Removal Tool is a limited program that searches
for some specific forms of malware. It will not hurt you to run it.
Malicious Software Removal Tool explanation -
http://www.microsoft.com/security/malwareremove/default.mspx
Malke
D
dean-dean
Windows Update offers the scan once a month. (Look at your Update history,
when you open Windows Update). But yes, you can also download the Tool and
run it whenever you like.
http://www.microsoft.com/downloads/...e0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
when you open Windows Update). But yes, you can also download the Tool and
run it whenever you like.
http://www.microsoft.com/downloads/...e0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
Z
Zygy
Hi, Many thanks for the replies.I do already have all the other protections,
but as experts do you also run the Malicious Software Removal Tool?
but as experts do you also run the Malicious Software Removal Tool?
M
Malke
Zygy said:
I usually let it run on my Windows machines when it appears in the
monthly updates. It has never hurt anything. It has never found anything
either, but I run a tight ship on those computers. ;-)
Malke
D
dean-dean
The Malicious Software Removal Tool is updated through Windows Update once a
month. Windows Update runs the Tool "silently", without user input, unless
it finds a problem. If you want to see an interface, and a list of the
malicious software it checks for (which are hyperlinked for more info), make
a shortcut to C:\Windows\System32\mrt.exe (right-click on mrt.exe > Send To
scan, and a report afterwards. As the Tool states, it's not a replacement
for an Anti-Virus product, but merely checks, on demand, for some of the
malicious-software biggies. In response to your initial question,
downloading it isn't really necessary if Windows Update is up-to-date.
month. Windows Update runs the Tool "silently", without user input, unless
it finds a problem. If you want to see an interface, and a list of the
malicious software it checks for (which are hyperlinked for more info), make
a shortcut to C:\Windows\System32\mrt.exe (right-click on mrt.exe > Send To
type of scan (Quick, Full, or Customized). You'll see the progress of the
scan, and a report afterwards. As the Tool states, it's not a replacement
for an Anti-Virus product, but merely checks, on demand, for some of the
malicious-software biggies. In response to your initial question,
downloading it isn't really necessary if Windows Update is up-to-date.
Z
Zygy
Many thanks for the very comprehensive reply. However I cannot find the
Malicious Software Removal Tool, to apply your suggestion on a shortcut,
although I downloaded and run it. I looked in Start, Search, but I cannot
see anything resembling it. Can you suggest where I should look?
Malicious Software Removal Tool, to apply your suggestion on a shortcut,
although I downloaded and run it. I looked in Start, Search, but I cannot
see anything resembling it. Can you suggest where I should look?
D
dean-dean
Hi Zygy. There is no shortcut made to the program, by default. Using
Windows Explorer, navigate to C:\Windows\System32, and look for the file
named mrt.exe. Then right-click on that file and choose Send To >Desktop
(create shortcut). This will put a shortcut on your Desktop, which you can
rename Malicious Software Removal Tool. From there you can move it to
wherever you like. For example, if you want it in your start Menu,
right-click the Start button and choose Open. Then open the Programs
folder. Drag the icon into the folder you want. This will put the shortcut
in your Start Menu.
Windows Explorer, navigate to C:\Windows\System32, and look for the file
named mrt.exe. Then right-click on that file and choose Send To >Desktop
(create shortcut). This will put a shortcut on your Desktop, which you can
rename Malicious Software Removal Tool. From there you can move it to
wherever you like. For example, if you want it in your start Menu,
right-click the Start button and choose Open. Then open the Programs
folder. Drag the icon into the folder you want. This will put the shortcut
in your Start Menu.
Z
Zygy
Hi Dean, many thanks for the explanation. However I failed to find the file
to which you refer in Explore and what is even more interesting is that a
Search for C:\Windows\System32 will produce every mention in our exchanges
of Malicious Software Removal Tool, but not the file. To resolve this I
downloaded the file and saved it on the Desktop, which gives me the same
facilities. If you have any ideas why I cannot find the file by going on a
right click to Start/Explore I would be interested to hear.
to which you refer in Explore and what is even more interesting is that a
Search for C:\Windows\System32 will produce every mention in our exchanges
of Malicious Software Removal Tool, but not the file. To resolve this I
downloaded the file and saved it on the Desktop, which gives me the same
facilities. If you have any ideas why I cannot find the file by going on a
right click to Start/Explore I would be interested to hear.
D
dean-dean
Hi Zygy. Well, maybe the easiest way to get to that file with Explorer is
to double-click (Open) the Computer icon (on your Desktop, or in the Start
Menu, on the right side), then double-click (Open) your (C
Drive, then
Open the Windows folder, then Open the System32 folder. In the System32
folder, sort the files by name, and then scroll down to the file mrt.exe.
Make a shortcut as I explained in my previous post. You can also get to
that folder by pressing the Windows key + the R key on your keyboard. This
will pop up Run. Run is also found under Start Menu > Programs >
Accessories. In the Open box of Run, type (or Copy and Paste):
C:\Windows\System32
Click on OK. This will open the System32 folder. Or you could type:
C:\Windows\System32\mrt.exe
Click on OK. This will open the Malicious Software Removal Tool.
to double-click (Open) the Computer icon (on your Desktop, or in the Start
Menu, on the right side), then double-click (Open) your (C
Drive, thenOpen the Windows folder, then Open the System32 folder. In the System32
folder, sort the files by name, and then scroll down to the file mrt.exe.
Make a shortcut as I explained in my previous post. You can also get to
that folder by pressing the Windows key + the R key on your keyboard. This
will pop up Run. Run is also found under Start Menu > Programs >
Accessories. In the Open box of Run, type (or Copy and Paste):
C:\Windows\System32
Click on OK. This will open the System32 folder. Or you could type:
C:\Windows\System32\mrt.exe
Click on OK. This will open the Malicious Software Removal Tool.
Z
Zygy
Hi Dean, You are a mine of information for someone like me, a self-taught
user. Many thanks for being so helpful!
user. Many thanks for being so helpful!
G
Guest
Zygy said:
D
dean-dean
What is the name of the Malicious software, and where, specifically, is it
located?
located?
G
Guest
Detection name: Dialer_Coulomb
C:\Users\Crystal\AppData\Local\Temp\$03DC67E1.t$m
When I get ot the Temp folder and open it, the file is not there, I now have
five of these with different numbers, smae address just different #'s. Any
help would be appreciated, have ran Avast, Trend, Windows Defender, AVG, I
found that AVG Spyware was now compatibel with Vista. It wasn't a few months
ago so I am now scanning with that, hopefully it will kick it out for me. I
really don't knwo that much about spyware so any info would be apreciated
much, thanks!
Here is the full message I am getting:
Notification
Real-time Spyware Protection
Real-time Spyware Protection has detected spyware and performed the action
specified.
..
Action taken: Removal of a malicious program has failed. You must delete the
dangerous file yourself using Windows Explorer.
..
Incident name:
C:\Users\Crystal\AppData\Local\Temp\$03DC67E1.t$m
Detection name: Dialer_Coulomb
User name: Crystal
Note: If Search for and clean Trojans is turned on and executed after
scanning, click Next to view the final action taken.
C:\Users\Crystal\AppData\Local\Temp\$03DC67E1.t$m
When I get ot the Temp folder and open it, the file is not there, I now have
five of these with different numbers, smae address just different #'s. Any
help would be appreciated, have ran Avast, Trend, Windows Defender, AVG, I
found that AVG Spyware was now compatibel with Vista. It wasn't a few months
ago so I am now scanning with that, hopefully it will kick it out for me. I
really don't knwo that much about spyware so any info would be apreciated
much, thanks!
Here is the full message I am getting:
Notification
Real-time Spyware Protection
Real-time Spyware Protection has detected spyware and performed the action
specified.
..
Action taken: Removal of a malicious program has failed. You must delete the
dangerous file yourself using Windows Explorer.
..
Incident name:
C:\Users\Crystal\AppData\Local\Temp\$03DC67E1.t$m
Detection name: Dialer_Coulomb
User name: Crystal
Note: If Search for and clean Trojans is turned on and executed after
scanning, click Next to view the final action taken.
D
dean-dean
Try this:
First, in Control Panel > Folder Options, on the View tab, do three things.
Choose to "Show hidden files and folders", and UN-check "Hide protected
operating system files (Recommended)". If you have "Hide extensions for
known file types" checked, UN-check that (Apply, OK).
Press the Windows key + R on your keyboard. Copy and Paste this into the
Run box:
C:\Users\Crystal\AppData\Local\Temp
Click OK. Do you see the file $03DC67E1.t$m ? Or other files with $ in
their names? The files might be "dimmed", which is Explorer's way of
showing you the files are hidden. Delete all the contents of the Temp
folder, if you can. Then right-click a blank spot inside the folder, and
choose Refresh. Do files come back? If so, repeat your scans and try
deleting files in this folder in Safe Mode (without Networking).
First, in Control Panel > Folder Options, on the View tab, do three things.
Choose to "Show hidden files and folders", and UN-check "Hide protected
operating system files (Recommended)". If you have "Hide extensions for
known file types" checked, UN-check that (Apply, OK).
Press the Windows key + R on your keyboard. Copy and Paste this into the
Run box:
C:\Users\Crystal\AppData\Local\Temp
Click OK. Do you see the file $03DC67E1.t$m ? Or other files with $ in
their names? The files might be "dimmed", which is Explorer's way of
showing you the files are hidden. Delete all the contents of the Temp
folder, if you can. Then right-click a blank spot inside the folder, and
choose Refresh. Do files come back? If so, repeat your scans and try
deleting files in this folder in Safe Mode (without Networking).
G
Guest
I tried it but it didnt' work, you think it's a possibility that maybe it's
glitch? I don't think it is but it is an option I guess, tahks so much for
trying, I'm still trying, Blessed be.
glitch? I don't think it is but it is an option I guess, tahks so much for
trying, I'm still trying, Blessed be.
G
Guest
I replied yesterday but for some odd reason it didnt' post, sorry, thanks for
the advice but it didn't do it, the files aren't int eh designated folder
that it says there in. Coould it be a glitch?
the advice but it didn't do it, the files aren't int eh designated folder
that it says there in. Coould it be a glitch?
D
dean-dean
Yes, it could be a glitch, or a false positve. That's what I'm thinking.
When you run TrendMicro, make sure your definition files are up to date.
Run the scan again, with the C:\Users\Crystal\AppData\Local\Temp folder
open. See if anything shows up, while the scan is running. Keep the Temp
folder as empty as possible, so that you can see what's going on during the
scan.
When you run TrendMicro, make sure your definition files are up to date.
Run the scan again, with the C:\Users\Crystal\AppData\Local\Temp folder
open. See if anything shows up, while the scan is running. Keep the Temp
folder as empty as possible, so that you can see what's going on during the
scan.