Problem solve Get help with specific problems with your technologies, process and projects.

Built-in Malware Scanning via MRT.exe

There are times on Windows PCs when a malware scan is a good idea, even if some kind of anti-malware program is resident. That’s probably why Microsoft updates its own malware scanning tool, known as the Malicious Software Removal Tool aka MRT.exe, on a monthly basis. It also runs that tool at the same frequency in the background (when the updates for Patch Tuesday get run). Although you can turn to excellent and free third-party tools such as Trend Micro’s HouseCall or MalwareBytes Anti-Malware (aka MBAM) instead, you can also run built-in malware scanning via MRT.exe any time you like (it resides in the %Windir%\System32 directory).

Type MRT.exe into the Win10 search box, and presto! you can run it directly and immediately.

Any Downsides to Built-In Malware Scanning via MRT.exe?

The foregoing section head poses a reasonable question regarding a tool updated once a month. Certainly, you should understand why Microsoft states that MRT is not, and can never be, a replacement or substitute for anti-malware software. It offer no real-time protection as such software invariably does, and its infrequent update cycle means it can’t keep up with the most current (or zero-day) threats. But if you should ever find yourself in urgent need of a quick malware scan — especially in a situation where you have no Internet acccess, or have deliberately disabled such access to prevent a presumed infection from propagating — MRT.exe should almost always be available for immediate and direct use on any modern Windows PC (versions 7, 8, 8.1 or 10, in other words).

Check-ups/Clean-ups for Malware Scanning via MRT.exe

Because the tool goes poking around amidst sensitive and critical system files — and may even attempt deletions and clean-up in the %windir% folder hierarchy — you must run the program from an administrative account (usually, an account that’s a member of a local or domain administrators’ group for the target PC). Otherwise, the tool won’t have sufficient permissions to do its job properly. It runs pretty much on its own and doesn’t require user input once launched. The tool does take some while to run (and explains why Windows Update often takes as long as half an hour to complete). Even on my way-fast production PC with its Samsung 950 NVMe SSD, the program took more than 10 minutes to run to completion.