Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: How To Use Windows Malicious Software Utility  (Read 126683 times)

0 Members and 1 Guest are viewing this topic.

evilfantasy

    Topic Starter
  • Malware Removal Specialist


  • Genius
  • Calm like a bomb
  • Thanked: 493
  • Experience: Experienced
  • OS: Windows 11
How To Use Windows Malicious Software Utility
« on: October 18, 2008, 03:57:39 PM »
Microsoft Windows Malicious Software Removal Tool is a free tool which helps to remove specific malicious software from computers which run Windows operating systems. After it is installed, it silently runs in the background and removes the malicious software that it finds. When the detection and removal process is complete, the tool generates a report describing the outcome of the scan. It’s actually a free but basic anti-virus, anti-worm and anti-Trojan security utility that is provided by Microsoft to protect and secure Windows Vista, Windows XP, Windows 2000 and Windows 2003 system by way of post infection removal.
 
Where To Find MRT.EXE
 

 
By default, the tool can be found in the C:\Windows\System32 folder. Once you open this location, search for a file called mrt.exe. If you don’t find this file, it means that this tool is not installed on your PC. In this case you can download it directly from the Microsoft Download Center. The 64 bit version can be found here.

A quick way to launch the tool is to go to Start > Run and type mrt.exe then click OK.

How To Use It
 
After opening MRT.EXE, you’ll see the Welcome window, click Next.
 

 
Now you need to select the type of scan you want the tool to perform. You have three possible options: Quick scan, Full scan and Customized scan. If you did not scan your PC before and you don’t have a reliable antivirus solution installed, you might want to select Full scan. Once you selected the option you prefer, click Next.

 
It will start scanning your computer and show you the status of the scan. If malicious software has modified (or infected) user files on the computer, the tool will prompt you to remove the malicious software from those files. You can choose to clean specific files or all infected files found. Note that some data loss is possible during this process and that the tool may not be able to restore some files to the original, pre-infection state.
 

 
When finished you will see the results. In my case, no malicious software was detected. Now click Finish and the tool will close.
 

 

 
The program does not have any shortcut in Start Menu nor desktop or Quick Launch area. Actually WMSRT runs in the background once every month without your knowledge, if you have installed MSRT. If you feel like running the tool to check your system manually for frequency more than once a month, or suspecting your system is infected and want to run the MSRT to clean the infection, or simply want to display view the results of the scan (by default everything is silent unless infected), you can manually execute and run the tool with the following command:
 
Code: [Select]
MRT.EXE
You can type this program name in command prompt, or Run command box, or in Start Search in Vista. Note that users must log on to the computer by using an account that is a member of the Administrators group to use the Malicious Software Removal Tool. In Vista, user needs to give User Account Control permission to continue.
 
 
WMSRT MRT.exe supports four command line switches listed below, which is optional and most of the time not necessary unless you’re administrator for corporate network:
 
  • /Q or /quiet - Use quiet mode. This option suppresses the user interface of the tool.
  • /? - Display a dialog box that lists the command-line switches.
  • /N - Run in detect-only mode. In this mode, malicious software will be reported to the user but will not be removed.
  • /F - Force an extended scan of the computer.
  • /F:Y - Force an extended scan of the computer and automatically clean any infections found.
« Last Edit: April 02, 2009, 05:08:55 PM by evilfantasy »