Microsoft’s Malicious Software Removal Tool Focuses On Families – Malware Families, That Is

imageLike it or not, (what’s not to like), you get scanned once a month – provided that is, you update your Windows OS on the second Tuesday of each month (fondly known as Patch Tuesday).

Malware comes, and malware goes. Not all malware of course, but the majority of malware doesn’t stick around very long – just a few days in many cases. Still, with upwards of 300,000 new malware samples every day (according to some estimates), AV solutions could soon be overrun in the race to keep pace with this onslaught. Luckily, malware can often be be grouped by families (malware with inherited characteristics), and that’s where Microsoft’s Malicious Software Removal Tool specifically, comes into play.

The Malicious Software Removal Tool, which is updated monthly, is included with Patch Tuesday’s Windows Update and once activated – runs in the background targeting specific, prevalent malware families. If an infection is found, the tool will remove the malware (hopefully), and provide a report on any actions taken.

A list of malicious software detected and cleaned by the Malicious Software Removal Tool is available here.

If you wish, you can download and then run this tool manually, as required. The latest edition of the tool is always available at the Microsoft Download Center.

System requirements: Windows 7, Windows Server 2003, Windows Vista, Windows XP

You might wonder as to why Microsoft would make a point of including this AV scanner as part of Windows update. Here’s why (in my view) – an astonishingly large number of users don’t have any security applications installed or, an installed AV solution’s databases is rarely (if ever) updated.

If you take issue with this statement (and that’s fair), then test it by asking a typical user friend/s to name their AV application; tell you the last time they updated the database and, if they recall the last time they ran a malware scan. I think you’ll be disappointed with the response.

A website worth taking note of: Microsoft Consumer Security Support Center.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

About these ads

4 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Freeware, Malware Removal, Microsoft, Microsoft Patch Tuesday, Software, Windows Tips and Tools, Windows Update

4 responses to “Microsoft’s Malicious Software Removal Tool Focuses On Families – Malware Families, That Is

  1. Hi Bill ~ Thanks for this post. It’s downloaded in my patches, but I’ve paid it no attention until now. Hope I’m not asking too many questions here !

    You write:

    The Malicious Software Removal Tool [...] is included with Patch Tuesday’s Windows Update and once activated – runs in the background…

    Q1. Is this an automatic activation ? I think it is because this from MS kind of implies it is:

    If an infection is found, the tool will display a status report the next time you start your computer

    Q2. What’s the name of the process/service ?
    Q3. Does it overwrite old instances of itself ?
    Q4. Where does it install on my 64-bit machine ?

    Cheers !

    • Hi Michael,

      The Malicious Software Removal Tool installs in a temp folder, and then deletes the folder following the scan which is automatically triggered. Btw, the temp folder is randomly generated and is created directly to the root of the system drive.

      As for the name of the process – there won’t be a service – I haven’t taken a look while it’s been running and so, I don’t know. :)

      Good questions that I should have covered in the post. Glad you brought them up.

      Best,

      Bill

  2. Thats Totally True Bill,, people don’t care about their AV or even updating it .. i myself know some of my friends who doesn’t care about that but being protected is always good thing ;)
    i always make sure to update my Computer and my AV ;)