Microsoft Windows Malicious Software Removal Tool(MRT)

[Tenshou]

Does anyone know what this is, I found it one day(today) on my computer and I am not sure what it is or what to do with it, I ran it it and... it is still running, does anyone know if this is real software or some fake software.

 

[jim mcnamara]

No it is real. If you read the KB###### number associated with it and then look it up on Micosoft Technet or MSDN, it will explain which malicious software it removes. And normally you only run it for that one set of malware. If you have the malware on your machine. In the first place.

I would also commend to your attention the concept that running odd programs you find on your machine and do not understand is a potential disaster in the making.

If you are not running a quality malware protection suite already, then: MS Security Essentials is free and high quality, consider using it.

http://windows.microsoft.com/en-us/windows/security-essentials-download

Edit: you get the KB##### number of the security patch by looking in (windows 7 )

Control Panel - program - programs and features - installed updates

 

[Tenshou]

Thank you, this was very helpful information :) I owe it to you.

 

[schema]

Just a side note. If you are ever in question of programs running on your computer, there are a few ways to audit the validity of the processes, and more importantly, hidden processes. There are a few free tools out there that you can use to do this. I cannot ethically tell you specifcally what security tools to use, but I will say that CNET.com is one of the best, trusted resources for security related freeware. That would be a good place to browse.

A second, more complicated method is to procure a packet analsis tool and monitor your outbound traffic. I use Wireshark. It is trusted and free, as long as you get it from their offical website.

 

[Borg]

If you are not running a quality malware protection suite already, then: MS Security Essentials is free and high quality, consider using it.

http://windows.microsoft.com/en-us/windows/security-essentials-download

Just make sure that you don't already have another virus scanner already installed and running on your computer like I did one year. I went nuts trying to figure out why my laptop was randomly locking up and having BSOD (Blue Screen Of Death) episodes. It turned out that MS Security Essentials and another virus scanner were occasionally locking the same file in order to perform a virus scan on it. The conflict that resulted caused my computer to crash.

 

[B. Elliott]

+1 for the Security Essentials recommendation. Best overall protection software IMO. Lowest resource usage of any other program like it. Unobtrusive, well supported, lightweight, and best of all, free!

 

[harborsparrow]

I second what B. Elliott says above. It works quite well, is free, doesn't slow the machine down noticeably, and won't mess up your other software, which is more than I can say for any commercial anti-virus suite I've ever tried to use. Just, as others noted, be sure not to run it simultaneously with other anti-virus software.

 

[Turion]

Just as a FYI: MSE has failed anti-virus integrity tests so please pay caution.

 

[dlgoff]

+1 for the Security Essentials recommendation. Best overall protection software IMO. Lowest resource usage of any other program like it. Unobtrusive, well supported, lightweight, and best of all, free!

+1 for me too. IIRC Greg uses it too.

 

[Bill Simpson]

In all my installations Secunia Psi's free program to scan for buggy old versions, either the downloaded or the online version, complains that it has found an out of date MSRT. I don't know whether this is junk not cleaned up from the previous bug-patch-tuesday or if it a false positive from Secunia and I've never taken the time to track down the story behind that. This might have been how the original poster happened to discover MSRT.

The typical user, at least those who manually or automatically download all the high priority patches for bug-patch-tuesday, will have MSRT run once during that and not run it again until next month's version replaces it. It is possible to manually go get and run the current version, but I think few do.

I realize how much guesswork and folklore there is when dealing with computers and I understand that some unknown amount of mine is just wrong.

If it matters, I've run brand name security packages for decades and never turned those off during the monthly bug-patch-tuesday MSRT or other updates and I've never seen a crash or other problem with this. The only exception was the update to XP SP2. That broke some machines with or without a security package running.

When I've left novice owners with Microsoft Security Essentials installed I have found in two out of two cases that it had later somehow disabled itself, the little "house" icon just turns yellow or red and sits there protecting nothing. Some searches on the net have turned up other people reporting the same thing. Folklore is that this might be related to an update to MSE or a bug-patch-tuesday update that can leave MSE disabled, but I was never able to reliably demonstrate how to make that happen. I have had to go back and poke at it to get it operating again, uninstalling and reinstalling a couple of times with one of the users to get it working again. I did determine it wasn't the users turning it off, they wouldn't know how, or the machine getting infected, a common thing to blame this on.

My feeling is a security package disabling itself is simply inexcusable. I finally bought a multi-machine license for Mcafee and just load one copy on each machine I'm supposed to keep running. I've had software vendors groan when I call about a problem and tell them Mcafee is installed because they say it just will not give up and let them do anything they want to the machine. Mcafee, mean dog that won't just decide to stop protecting and sit there. I really like that.

Part of my folklore is also to never switch brands of security packages, pick one and stick with it unless you have an overwhelming reason to change. Each vendor seems much less interested in cleaning up after itself when uninstalling and much less competent at taking over a machine which had a different brand installed ten minutes ago.

If there was a router that had Mcafee or something equivalent running inside it, would never let net crud get onto the machines behind it and only cost an extra $25 over a regular router then I would buy a case of those, even if I had to pay a reasonable yearly fee for updates. I bought a used SonicWall once, but the pricing turned out to be more than I could justify for giving these away. And I really don't want to double the problem and the power and the heat and the reliablity by building another computer for every computer just to act as a security wall.

 

[harborsparrow]

Just as a FYI: MSE has failed anti-virus integrity tests so please pay caution.

This claim keeps coming up, so I'd like to comment about it. In side-by-side comparisons, some commercial packages apparently do provide more extensive protection--but at the cost of also being more intrusive and having a higher likelihood of interfering with some software, and perhaps also slowing down a machine.

The main thing to know is, that Microsoft Windows Defender, or Security Essentials, has passed, and continues to pass, the anti-virus industry's certification tests as shown at this link:

https://www.icsalabs.com/technology-program/anti-virus/av-monthly-testing-reports

And this means, that is it reasonably effective. It is also free and won't screw up or drag down your computer. To people in a corporate environment where security is paramount, it might not be enough. To private users at home, it might be enough. I've used it for several years now and had no problems whatsoever. I've also used Symantec and other commercial packages on my work machines during the same years, and I have experienced multiple cases of the anti-virus packages interfering with other software and slowing down machines. I've also found the companies such as Symantec to be infuriating to deal with when renewal time came around.

Just trying to give accurate information here. Sometimes the "cure" is worse than the illness, and that's the way I've come to feel about many of the commercial packages that are marketed so aggressively.

I do run commercial anti-virus software on my servers. But not at home. At home, I just do regular backups and breath a little.

Deciding on which anti-virus approach is like deciding whether to get chemo if you have cancer. Chemo *might* prolong your life, but it would almost certainly decrease the quality of your remaining life. OK, computer viruses are trivial as compared with cancer. But I've wasted a lot more time cursing anti-virus software than I have cleaning up from computer viruses, so looked at as a whole, these decisions are difficult.

When my users' data is at risk, I get a commercial package, period. But not for myself.