Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Streange blocked behaviour on my computer. Is this a Virus?


  • Please log in to reply
3 replies to this topic

#1 Diogo M

Diogo M

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 13 May 2015 - 09:46 AM

Hey, 

I am currently using Total Internet Security 360 and I haven't received any virus warnings or notifications for a ong time (I try to be as careful as possible with what I do on my pc), and earlier today I received a few weird notifications (one after another) from my Anti Virus saying the following:

 

2015-05-13 14:27:42 Modify key system DLL [Auto-blocked]
Detailed description:
Process:C:\WINDOWS\Sysnative\MRT.exe
Action:Trying to modify
Path:C:\Windows\Temp\330D89F9-05E9-49A7-B310-DF76F22205BD\DEVINV.DLL
2015-05-13 14:27:41 Modify key system DLL [Blocked]
Detailed description:
Process:C:\WINDOWS\Sysnative\MRT.exe
Action:Trying to modify
Path:C:\Windows\Temp\330D89F9-05E9-49A7-B310-DF76F22205BD\DEVINV.DLL
2015-05-13 14:27:34 Modify key system DLL [Blocked]
Detailed description:
Process:C:\WINDOWS\Sysnative\MRT.exe
Action:Trying to modify
Path:C:\Windows\Temp\DEVINV.DLL
 
I've made a search and apparently Sysnative is System32 so the MRT.exe is the real one. I've also tried to search if I had other instances of MRT.exe in my PC and only found the one in System32.
 
I would like to know if this could be indeed a virus or just my anti-virus giving a false warning.
Thanks for any feedback in advanced.


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:03:28 AM

Posted 13 May 2015 - 09:50 AM

Hi there,

MRT.exe is the Microsoft Malicious Software Removal Tool, and thus part of Windows. It is safe and regularly updated by Microsoft to scan for malware on your system.

Qihoo 360 is known for its high false positive rate, so I would not be surprised if it does that.

Regards,
Alex

#3 Diogo M

Diogo M
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 13 May 2015 - 09:58 AM

Hi there,

MRT.exe is the Microsoft Malicious Software Removal Tool, and thus part of Windows. It is safe and regularly updated by Microsoft to scan for malware on your system.

Qihoo 360 is known for its high false positive rate, so I would not be surprised if it does that.

Regards,
Alex

 

That was what I thought. Thank you for you help :)



#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:03:28 AM

Posted 13 May 2015 - 10:00 AM

No problem :) Have a nice (malware-free) day!

Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users