This Malicious Software Removal Tool which Microsoft sends around
every month; usually, I download this tool and have it installed
automatically, but I really do not know what it is doing. Is it doing
it automatically or does it have to be activated?
I once downloaded this tool as a separate item and then I could run
it on it’s own, however, I ended up in Windows Defender. Does that mean
that this tool is a part of Windows Defender and sort of an update? I
could not find anything about this in all my computer books.
Microsoft’s “Malicious Software Removal Tool” is somewhat mysterious.
It shows up in Windows updates, apparently gets installed, and then
Not quite. Let’s look at what Microsoft says, how I interpret it,
and just what the MSRT does.
Here it is, straight from the horses mouth:
The Microsoft Windows Malicious Software Removal Tool checks computers running Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software-including Blaster, Sasser, and Mydoom-and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
My take is that it’s a little of each, but not a replacement for either.
First, realize that the definitions of “spyware” and “virus” are somewhat arbitrary, and blurry. Many things we think of as one are really the other, or even some blend of both.
That’s why the term “malware” is actually more accurate: malicious software. The term covers both.
I believe that the MSRT exists in part because even after all this time many people do not run anti-malware tools. They should, but they don’t. The MSRT focuses on the most prevalent, the most malicious, and removes them when found. It doesn’t scan regularly, look for updates or monitor or anything like that, it just runs, looks for a specific and pre-defined set of known threats and removes them.
And it’s part of Windows Update so that more people will get it, automatically, when they take updates to Windows.
It’s unclear exactly how often MSRT runs – the wording on the site actually implies that it only runs once a month, presumably when it’s updated.
One thing that is clear is that it reports back to Microsoft what it finds. Note that this is anonymous – nothing about you or your system is included. It’s used by Microsoft to track the rates at which various malware are being found. Once again, quoting Microsoft:
The Malicious Software Removal Tool will send basic information to Microsoft if the tool detects malicious software or finds an error. This information will be used for tracking virus prevalence. No identifiable personal information that is related to you or to the computer is sent together with this report.
The MSRT does not have to be activated, it just runs when it runs.
It’s not a replacement for anti-virus and anti-spyware software. You still need to make sure that you have appropriate anti-malware tools installed and running in addition to whatever the MSRT might be doing.