Microsoft Malicious software removal tool

  vass289 19:49 21 Nov 2013
Locked
Answered

Hi,

I have been running Windows 8 for about 10 months now on a new laptop. For the past week or so The user account control has started popping up on start up asking if Microsoft Malicious software removal tool can make changes to my computer. This is new so i have denied it while i look into it. I discovered that there is a virus version of it, although the description of that is different from my scenario.

Anyway, I ran the removal tool manually via run (mrt) thinking if it was a ligit request then running manually myself would satisfy the request but on restart the user account request popped up again.

It seems it will do it every time but before i agree to allow it make changes but i am apprehensive.

Can anyone confirm if it is a legitimate request or should i be taking some other action?

Thanks for any help you can offer!!

  Secret-Squirrel 09:32 22 Nov 2013

That doesn't sound right at all. The legitimate removal tool usually runs when Windows Updates are being installed and doesn't normally display a UAC message.

I recommend you scan your PC with the free version of Malwarebytes Anti-Malware - you can get it from here. Note: towards the end of the installation of MBAM make sure you untick the option to start the free trial of the professional (paid-for) version.

  vass289 10:41 23 Nov 2013

Thanks Secret-Squirrel,

I ran the program and it found and removed 107 objects. I recognised a lot as browser extensions etc. Not sure what most were. I re-started when prompted but unfortunately user account control popped up again asking to make changes on behalf of windows malware removal tool!

I appreciate your help regardless! Im sure that helped my system in other ways! :)

  Secret-Squirrel 14:44 23 Nov 2013
Answer

"I ran the program and it found and removed 107 objects.................unfortunately user account control popped up again"

Because MBAM and your regular AV product haven't detected anything malicious, I'm slightly less concerned.

The next time that pesky UAC window pops up, click the "Show Details" button and make sure that the program location points to C:\Windows\System32\mrt.exe. Next, click the "Show information about this publisher's certificate" link and make sure it shows "Microsoft Windows" in the "Issued to" and "Issued by" sections. Let me know what you discover before I suggest anything else.

  vass289 15:21 23 Nov 2013

Hi,

Checked everything as you described and it was all in order so took the plunge and clicked 'yes' to allow changes. It the just went to desktop and a notification popped up saying malicious software has been removed and that was it...

So i can only assume all went ok?

Really appreciated the help!

Thanks!

  vass289 15:27 23 Nov 2013

Oh... Just a thought that may explain this change!!

I run a music production program called Ableton Live. Often get CPU issues when there is a lot going on so i discovered on their forum that a program called 'Game Booster' helps give that programme more resources.

Im sure it stops Windows updates while the program is running. Just after reading your post about the software removal tool running while updates run might explain why it has been asking for a manual authorisation?

I have been finding that on start up i get a notification advising windows updates are not automatic and have to change that setting. Im assuming now that is linked to the AUC request also?

Should have mentioned that sooner but i didnt see the connection!!

Thanks!

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best phone camera 2017

Stunning new film posters by Hattie Stewart, Joe Cruz & more

iPad Pro 10.5in (2017) review

28 astuces pour profiter au mieux de votre iPhone