Windows Enterprise Desktop

Jan 19 2009   4:48PM GMT

Windows Malicious Software Removal Tool



Posted by: Ed Tittel
Tags:
antimalware
antispyware
antivirus
HijackThis
rootkit
Windows Malicious Software Removal Tool (mrt.exe)
Windows Update
Windows Vista
Windows Vista troubleshooting

Like clockwork, Microsoft proffers up a new version of the Windows Malicious Software Removal Tools on each and every Patch Tuesday. In January, 2009, that item is described in Knowledge Base article KB890830. This tool is not intended to replace anti-virus or anti-spyware tool, but it can be nice for Vista admins to recognize that the tool gets updated monthly and can more or less be guaranteed to be present on Vista PCs as long as:

  • Updates get pushed to Vista desktops regularly
  • The list of pushed updates includes the current Windows Malicious Software Removal Tool

Just for grins, I decided to dig up and learn the details involved in using this tool. The name of the executable file is mrt.exe, which is actually the recommended string to launch the tool as well (simply type mrt.exe into the Vista search box, and it’s off and to the races).

Once you fire off this program, it presents a window on the desktop that looks like this:

The Malicious Software Removal Tool Reports status as it scans

The Malicious Software Removal Tool Reports status as it scans

As it’s running, mrt.exe can consume some resources, however. Check out these screen caps from my Sidebar CPU usage widget and Task Manager’s process window, captured about the same time as the preceding screenshot:

CPU consumption usually runs about 25% for this program

CPU consumption usually runs about 25% for this program

Task Manager shows that the mrt process is pretty active

Task Manager shows that the mrt process is pretty active

The good thing about mrt.exe is that if admins need to help users cope with possible malware infestations on the road, it’s nearly always safe to assume that this tool will be available on the machine, ready to use to help track down and possibly clean up what ails it. That said, mrt.exe can be the only tool in the clean-up arsenal, where special purpose diagnostic tools such as HijackThis or various rootkit detectors must often play a role, and where special purpose one shot clean up tools from various antimalware vendors must also occasionally be called into play.

But as tools go, this one ain’t bad, and it’s never too far from any Vista machine, either. If there’s one downside to mrt.exe, it’s speed: on a test scan on my production Vista PC (Ultimate, with about 90 GB of files spread across 3 hard disks) the program took over 3 hours to perform a complete, in-depth scan of my system. Savvy admins will have tired road warriors fire this off before an extended break, or before bedtime, to help their charges avoid excessive losses of computing cycles on their traveling machines.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: