What is the Malicious Software Removal Tool?

In early 2005, Microsoft started releasing a software product called the Microsoft Malicious Software Removal
Tool. Its a monthly update released on the second Tuesday of each month (Patch Tuesday) to help scan user's computers
and remove viruses and malware. MRT uses a signature database they update on a monthly basis. Because this database does not have virus signatures and patterns for EVERY virus in the wild, its meant to just help prevent the infection and spread of the most prevalent issues. For this reason, you should still run antivirus software on your computer even though the Malicious Software Removal Tool is being run on your computer.

Normally, this removal tool is downloaded via Windows Update and runs silently in the background to check for infections on the computer. It runs a quickscan for the worst infections, but what if you would like to use the removal tool to run a more thorough scan of your computer. We'll show you how to manually start the MSRT and how to run a thorough scan for problems.

How to Run the Malicious Software Removal Tool Manually

Follow the steps below to open MSRT and change the default settings.

1) Click on Start, Run
2) Type MRT and Press Enter
3) You'll be presented with the following screen, click on the Next button

4) Normally, the removal tool runs the Quick Scan, but for more thorough results, choose FULL SCAN and click Next

5) Now the Malicious Software Removal Tool will scan your entire hard drive for infections and problems.

6) Once the scan is completed, you should see the following screen if your computer is free of infection.

7) If you click on the View Detailed Results of the Scan option on the Results page you should see which viruses, worms, and trojans the removal tool scanned for and if an infection was found.

8) Click Finish on the Scan Results page to exit the Microsoft Malicious Software Removal Tool

Log File Results

Whether you manually run the removal tool or it runs automatically when downloaded from Windows Updates, you may want to view the scan results log to see what it scanned for and what it found. The log file (mrt.log) will be found in the Windows\Debug folder. If you are running Windows XP or Windows Vista, this file is probably located at

c:\windows\debug\mrt.log

Follow the instructions below to open it.

1) Click on Start, Run
2) Type the following and Press Enter

notepad c:\windows\debug\mrt.log

3) The log file will open in Windows Notepad. Each scan will log its results in the file. If you had an infected file, you will see something like the following in the log file.


Microsoft Windows Malicious Software Removal Tool v1.33, September 2007
Started On Sat Sep 15 21:41:52 2007

Extended Scan Results
----------------
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
Found virus: Backdoor:Win32/Nuwar.B!ini in file://C:\Documents and Settings\Mark\spooldr.ini
Found virus: Backdoor:Win32/Nuwar.B!ini in file://C:\Documents and Settings\Mark\Desktop\Virus Info\spooldr.ini
Found virus: Trojan:Win32/Tibs.DC in file://C:\System Volume Information\_restore{3C8729AD-DC07-4E82-8FC5-363FFE9EB86D}\RP14\A0020913.exe

4) Click on the X in the upper right corner to close Notepad

More Information

For more information on the Microsoft Malicious Software Removal Tool visit their help page or click on the following link to go to the home page for the removal tool

Microsoft Malicious Software Removal Tool Page

How to Remove Antivir Antivirus

Another great free antivirus program is called Antivir. It does not take up a lot of system resources and is excellent at quarantining viruses and other nastyware. However, like all other antivirus products, there may be times when you need to uninstall or remove it. Corrupted virus signatures have caused it not to update properly, or it wont start properly and it needs to be reinstalled. Maybe corrupted files are causing 100% CPU usage. These and other issues can cause you to uninstall and reinstall your antivirus product.

Whatever the reason for needing to uninstall Antivir, I've listed the best procedure for doing this below:


Normal Uninstall

The first thing you want to try is to locate AntiVir in the Add/Remove Control Panel and try to remove it from there. Follow these instructions to accomplish this.

1) Click on Start, Control Panel
2) Open Add/Remove Programs
3) Find AntiVir in the Programs list and highlight it
4) Click Remove and follow the prompts to uninstall Antivir

What if Windows Security Center Shows AntiVir or other muliple Antivirus products installed

One quirk with AntiVir causes it to still show up in the Windows Security Center even when its been uninstalled properly. If this is the case, please refer to this article to resolve it.

http://www.pchell.com/support/multiple_antivirus_in_security_center.shtml


Using the AntiVir Registry Cleaner

If for some reason the normal uninstall does not work, you may have to download AntiVir's registry cleaner utility to remove all traces of it from the registry and allow you to reinstall it.

1) Click on the following link and download the AntiVir Registry Cleaner to your desktop

http://dl.antivir.de/down/windows/registrycleaner.zip

2) Create a folder on your desktop called Antivir and Unzip the file to your desktop
3) Double-click on the file called RegCleaner.exe to run it

4) Since the program is German, you'll have to click on the button called "keys asulesen" to search the registry for any issues. Then place checkmarks next to the registry entries you wish to delete.

5) Finally, click on the button called "loschen" to delete the keys

6) Restart your computer and try to reinstall your antivirus

How to Remove AVG Free Antivirus

AVG Antivirus by Grisoft is a great free antivirus program
that I recommend to many people. However, there are times when it must be uninstalled. Corrupted virus signatures have caused it not to update properly, or it wont start properly and it needs to be reinstalled. If a new email client has been installed after AVG, you'll need to uninstall it and reinstall
it so this email program is protected.

Whatever the reason for needing to uninstall AVG, I've listed the best procedure for doing this below:
Normal Uninstall

The first thing you want to try is to locate AVG in the Add/Remove Control Panel and try to remove it from there. Follow these instructions to accomplish this.

1) Click on Start, Control Panel
2) Open Add/Remove Programs
3) Find AVG in the Programs list and highlight it
4) Click Remove and follow the prompts to uninstall AVG Free

Is There an Uninstall Utility?

Unfortunately, at this time Grisoft, the maker of AVG, does not have an uninstall utility for AVG. The recommended procedure is a time consuming one. You must download the latest version of AVG from the website, and then run it.

1) Click on the following link and download AVG to your desktop

http://free.grisoft.com/doc/5390/us/frt/0

2) Double-click on the downloaded file to run it
3) AVG will present you with three options to choose from. Choose the Uninstall option to completely uninstall AVG

Add/Remove Components - choose if you want to add/remove some components or reinstall the entire AVG program
Repair installation - this option repairs or reinstalls missing or damaged components of AVG
Uninstall - this option removes the AVG program from your PC

4) Once the uninstall has completed, restart your computer. You can then proceed to install another antivirus or install AVG again.

How to Remove Avast Antivirus

Even though Avast is one of my favorite antivirus products, there have been times when I've needed to uninstall or remove it. Corrupted virus signatures have caused it not to update properly, or it wont start properly and it needs to be reinstalled. Maybe corrupted files are causing 100% CPU usage. These and other issues can cause you to uninstall and reinstall your antivirus product.

Whatever the reason for needing to uninstall Avast, I've listed the best procedure for doing this below:
Normal Uninstall

The first thing you want to try is to locate Avast in the Add/Remove Control Panel and try to remove it from there. Follow these instructions to accomplish this.

1) Click on Start, Control Panel
2) Open Add/Remove Programs
3) Find Avast in the Programs list and highlight it
4) Click Remove and follow the prompts to uninstall Avast

Using the Avast Uninstall Utility

If for some reason the normal uninstall does not work, you may have to download Avast's own Uninstall Utility.

1) Click on the following link and download the Avast Uninstall Utility to your desktop

http://files.avast.com/files/eng/aswclear.exe

2) Double-click on the file ASWCLEAR and run it
3) You should see the following screen



4) Click on the ellipsis and choose the folder where Avast is installed. This folder is usually in the Program Files directory. Ex. C:\Program Files\Avast

Be very careful which folder you choose since whatever folder is chosen will be completely deleted from your computer.

5) Once the uninstall has completed, reboot your computer. You may then try to reinstall it or another antivirus.

If for some reason the uninstall utility does not remove it, you may have to reinstall a newer version of Avast to then proceed to uninstall or you may have an issue where multiple antivirus programs are showing in the Windows Security Center.

Download the latest version of Avast