Windows Malware removal tool under monitoring

Discussion in 'Prevx Releases' started by aieie, Sep 11, 2013.

Thread Status:
Not open for further replies.
  1. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    Hello,

    Just noticed that the Windows Malware removal tool - September 2013 (process mrtstub.exe) is executed under monitor state and not as allow.

    Is it normal?

    I think it'd be better if every component of windows updates is in allow state.

    Best Wishes
     
  2. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    Strange ... I don't have this process running at all. This removal tool runs only at once. Did you reboot after MS updates?
     
  3. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    This process is present only when applying the monthly removal tool.
     
  4. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    Yes, I know. Back to your point ... the removal tool is monitored because heuristics says so. This process is new and thus handled accordingly. It's closely related to Age and Popularity.
     
  5. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    I could've left this without writing since it happens once a month but on one of my PC...........I had blue screens at first reboot after WU, this time I noticed the monitor behaviour and changed it to allow...........and no BSOD on reboot.................

    It could be a coincidence, but still...........
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Could you send the minidump from your BSOD to my username at gmail.com? Monitoring the Malware Removal Tool shouldn't cause problems but I'd rather rule it out than speculate.

    Thanks!
     
  7. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    Sorry for the long time before answering.........email sent.
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Thanks - I've analyzed the dump file and am not seeing anything related to WSA - it is due to nv4_disp.dll causing the graphics driver to spin in an infinite loop, waiting for the hardware to become idle. You may perhaps want to try updating your graphics driver if that fixes it.

    Hope that helps!
     
  9. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    Many thanks, Joe :)
     
Thread Status:
Not open for further replies.