New MS Malware tool

Topic

New Reply

Microsoft has released a new Malware removal tool. It checks for certain malicious programs on your system, It updates the second Tuesday of each month. ( seems rather long period )
You can get it at the regular Windows Update site or manually download it at Malware Tool

Reply | Quote

Replies

With the reduction in the size of our corporate owners I have lost access to the, limited, testing lab. Just wondering if anyone has a chance to test this in a hostile environment.

Reply | Quote

See the thread beginning with post 442253.

I have tried the online version of the tool with no problems. The tool currently only checks for and fixes 8 malicious software families.

Reply | Quote

I didn’t notice the other thread about this program.
Also didn’t see where it could be started manually. It seems to me that the exe file you download IS the whole thing.
I stuck it in a utility folder and created a shortcut to it on the desktop. Every time you run it it asks for the EULA acceptance.
I guess I will keep it around for a while and run it along with the other malware tools to see if it is worthwhile keeping.

Reply | Quote

Thanks, Bob and Tony.

Looks like our corporate firewall is blocking that from running. I’ll have to play with the downloaded version after all.

Reply | Quote

Granville

You want to check both Microsoft Knowledge Base Article 890830 and Microsoft Knowledge Base Article 891716 (enterprise environment use), I would say. (Note the naff BATch file in the latter)..

The Malware Removal Tool just seems to be a combination of the individual removal tools for eight virus families which were prevalent several months ago:

Win32/Berbew
Win32/Doomjuice
Win32/Gaobot
Win32/MSBlast
Win32/Mydoom
Win32/Nachi
Win32/Sasser
Win32/Zindos

It seems a good idea to have this tool on “average user” PCs, because people are still being attacked on port 135 by many PCs still infected!

However, I still haven’t tracked down the executable on my PC under the expected filename WINDOWS-KB890830-ENU*.exe even though Windows Update downloaded and (apparently) installed it! All I get is a PreFetch file…

John

Reply | Quote

Just another reminder that the Microsoft Malicious Software Removal Tool gets updated on the second Tuesday of each month, can be run either from their website or downloaded and run from your hard disk, and now supports the removal of lots more viruses. Log is placed in C:WINDOWSdebugmrt.log.

Of course, running this tool will be unnecessary if you have followed all the other advice in this forum!!

John

Reply | Quote

Granville

You want to check both Microsoft Knowledge Base Article 890830 and Microsoft Knowledge Base Article 891716 (enterprise environment use), I would say. (Note the naff BATch file in the latter)..

The Malware Removal Tool just seems to be a combination of the individual removal tools for eight virus families which were prevalent several months ago:

Win32/Berbew
Win32/Doomjuice
Win32/Gaobot
Win32/MSBlast
Win32/Mydoom
Win32/Nachi
Win32/Sasser
Win32/Zindos

It seems a good idea to have this tool on “average user” PCs, because people are still being attacked on port 135 by many PCs still infected!

However, I still haven’t tracked down the executable on my PC under the expected filename WINDOWS-KB890830-ENU*.exe even though Windows Update downloaded and (apparently) installed it! All I get is a PreFetch file…

John

Reply | Quote

Thanks, Bob and Tony.

Looks like our corporate firewall is blocking that from running. I’ll have to play with the downloaded version after all.

Reply | Quote

I didn’t notice the other thread about this program.
Also didn’t see where it could be started manually. It seems to me that the exe file you download IS the whole thing.
I stuck it in a utility folder and created a shortcut to it on the desktop. Every time you run it it asks for the EULA acceptance.
I guess I will keep it around for a while and run it along with the other malware tools to see if it is worthwhile keeping.

Reply | Quote

See the thread beginning with post 442253.

I have tried the online version of the tool with no problems. The tool currently only checks for and fixes 8 malicious software families.

Reply | Quote