Some questions about the Microsoft Windows Malicious Software Removal Tool (MRT)
Does this program automatically run? If so, when and how often? Is it automatically updated? How do you disable it? How can you tell if it is running? What versions of Windows is it installed on?
Solution 1:
Microsoft's Malicious Software Removal Tool is a free tool for Windows XP and Vista (and probably Windows 7) which scans computers and removes specific malicious software. It is automatically updated on the second tuesday of every month via Windows Update. You can find it in the in the 'C:\Windows\System32
' folder, its name is mrt.exe
.
If you don't find this file there, it's a sign that it is not installed on your computer. But you can download it from the Microsoft Download Center. There is a 32bit and 64bit version.
After the installation or update, it automatically runs in the background and removes viruses if there are any creating the report file mrt.log in the 'C:\Windows\Debug'
folder.
You can tell if it runs, searching the Windows Task Manager for "mrt.exe".
You can run it "manually" in interactive mode too, typing mrt.exe in the "Run Window" (or search field of Windows Vista - Vista will UAC-prompt you.)
There are some switches for running the mrt.exe manually:
-
/Q
or/quiet
- runs the tool in quiet mode. This option suppresses the user interface completely -
/N
- runs in detect-only mode. In this mode, any detected malicious software will be reported but it will not be removed -
/F
- performs a full scan of the computer without removing any infections that are found -
/F:Y
- performs a full scan of the computer and automatically cleans all the found infections -
/?
or/help
- displays usage information.
The tool is not a replacement for a “real” antivirus program, because its virus list is limited and updated only once a month.
Solution 2:
It only runs after the Windows updates are receieved, right after it is updated I believe; you can always run it manually if you want. Any system that has automatic updates enabled has it.