What is the Malicious Software Removal Tool?


To totally unlock this section you need to Log-in


Login

In early 2005, Microsoft started releasing a software product called the Microsoft Malicious Software Removal Tool. Its a monthly update released on the second Tuesday of each month (Patch Tuesday) to help scan user's computers and remove viruses and malware. MRT uses a signature database they update on a monthly basis.

Because this database does not have virus signatures and patterns for EVERY virus in the wild, its meant to just help prevent the infection and spread of the most prevalent issues. For this reason, you should still run antivirus software on your computer even though the Malicious Software Removal Tool is being run on your computer.

Normally, this removal tool is downloaded via Windows Update and runs silently in the background to check for infections on the computer. It runs a quickscan for the worst infections, but what if you would like to use the removal tool to run a more thorough scan of your computer. We'll show you how to manually start the MSRT and how to run a thorough scan for problems.

How to Run the Malicious Software Removal Tool Manually

Follow the steps below to open MSRT and change the default settings.

1) Click on Start, then Run (or use Windows Key + R);
2) Type MRT and press Enter;
3) You'll be presented with the following screen, click on the Next button...

What is the Malicious Software Removal Tool?

What is the Malicious Software Removal Tool?

Normally, the removal tool runs the Quick Scan, but for more thorough results, choose Full Scan and click Next:

What is the Malicious Software Removal Tool?

What is the Malicious Software Removal Tool?


[tweet]

Now the Malicious Software Removal Tool will scan your entire hard drive for infections and problems.

What is the Malicious Software Removal Tool?

What is the Malicious Software Removal Tool?

Once the scan is completed, you should see the following screen if your computer is free of infection.

What is the Malicious Software Removal Tool?

What is the Malicious Software Removal Tool?

If you click on the View Detailed Results of the Scan option on the Results page you should see which viruses, worms, and trojans the removal tool scanned for and if an infection was found.

What is the Malicious Software Removal Tool?

What is the Malicious Software Removal Tool?

Click Finish on the Scan Results page to exit the Microsoft Malicious Software Removal Tool.

Log File Results

Whether you manually run the removal tool or it runs automatically when downloaded from Windows Updates, you may want to view the scan results log to see what it scanned for and what it found. The log file (mrt.log) will be found in the Windows\Debug folder. If you are running Windows XP or Windows Vista, this file is probably located at:

C:\Windows\debug\mrt.log

Follow the instructions below to open it:

1) Click on Start, Run;
2) Type the following and press Enter.

notepad c:\windows\debug\mrt.log

The log file will open in Windows Notepad. Each scan will log its results in the file. If you had an infected file, you will see something like the following in the log file.

Microsoft Windows Malicious Software Removal Tool v1.33, September 2007
Started On Sat Sep 15 21:41:52 2007

Extended Scan Results
----------------
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
Found virus: Backdoor:Win32/Nuwar.B!ini in file://C:\Documents and Settings\Mark\spooldr.ini
Found virus: Backdoor:Win32/Nuwar.B!ini in file://C:\Documents and Settings\Mark\Desktop\Virus Info\spooldr.ini
Found virus: Trojan:Win32/Tibs.DC in file://C:\System Volume Information\_restore{3C8729AD-DC07-4E82-8FC5-363FFE9EB86D}\RP14\A0020913.exe

Click on the X in the upper right corner to close Notepad.

Download Malicious Software Removal Tool

You'll be able to download this anti-malware program, written by Microsoft, going to this page: http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Enjoy and stay protected. :)

1 thought on “What is the Malicious Software Removal Tool?”

Comments are closed.