Subj : Re: Malicious Software Removal Tool MRT.exe bogus infected files?
To   : All
From : [email protected]
Date : Thu Jan 31 2019 07:14 pm

Path:
eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!n
ews.unit0.net!cyclone01.ams2.highwinds-media.com!voer-me.highwinds-media.com!pe
er01.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.c
om!Xl.tags.giganews.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!local2
.nntp.dca.giganews.com!nntp.earthlink.com!news.earthlink.com.POSTED!not-for-mai
l
NNTP-Posting-Date: Sat, 11 Jun 2016 14:40:41 -0500
Message-ID: <[email protected]>
Date: Sat, 11 Jun 2016 15:40:44 -0400
From: Ron Hardin <[email protected]>
X-Mailer: Mozilla 2.02 (WinNT; I)
MIME-Version: 1.0
Newsgroups: microsoft.public.windowsxp.help_and_support
Subject: Re: Malicious Software Removal Tool MRT.exe bogus infected files?
References: <[email protected]>
<[email protected]>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 25
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 71.54.71.88
X-Trace:
sv3-CmMhFUXn48cFrmY93KozbLzKpT1p0dkJ6uLrykUgmSn+tr1hmHdPxamkYzDTUF5mtKafFblW4W5
DaSU!npxTrou2qV4nHOKEx9+1vR1E6oB3Op11YeRrpBz9V9/2j8pjHhJV8CJd/gvxC6RPDjATogAHjJ
+o!Kd4mimf5
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint
properly
X-Postfilter: 1.3.40
X-Original-Bytes: 1927
X-Received-Body-CRC: 1025399669
X-Received-Bytes: 2180
Xref: mx02.eternal-september.org
microsoft.public.windowsxp.help_and_support:31853

JJ wrote:
>
> On Sat, 11 Jun 2016 11:12:23 -0400, Ron Hardin wrote:
> > MRT.exe, if you run it explicitly (say download it
> > after the second Tuesday from Microsoft instead of
> > getting it from Windows Update) during its scan
> > reports 4 infected files, but at the end reports
> > no files infected.
>
> It's glitch that proofs anti viruses use white-listing.

That's not a mistake.  The legitimate files do something that would be
suspicious
in an imported file so they check for it.  If it's the legitimate file, they
ignore it.

But that's guesswork.

I can't run the modern AVG antivirus because it quarantines some .dll
components
of the old Cygwin version I use, which defeats the whole point of the computer.

That needs whitelisting.
--
[email protected]

On the internet, nobody knows you're a jerk.
--- Platinum Xpress/Win/WINServer v3.1
* Origin: Prison Board BBS Mesquite Tx  //telnet.RDFIG.NET www. (1:124/5013)