What is MRT.exe (Windows Malicious Software Removal Tool)

Do you happen to see a lot of disk activity and you’re wondering what the MRT.exe is? Also, here are some infos why you should *not* delete the MRT.exe or disable anonymous reports.


What is MRT.exe

What is it?

MRT.exe is the Windows Malicious Software Removal Tool. It scans for malicious files like viruses in the background and is updating itself every patch day (second Tuesday in a month). The program (MRT.exe) will have a lot of disk activity at specific times and is also sending anonymous data to Microsoft about viruses and problems. There’s nothing wrong with that, in fact it’s a positive sign when the MRT.exe is running in the background.

Where is the MTR.exe located?

MRT.exe can be found in C:/Windows/system32 .. any other path should be considered a security warning and analysed immediately!

Do I need the MRT.exe

If you have secured your system with other security tools, such as Malwarebytes, SuperAntiSpyware, Search & Destroy or Adware (Top5 Spyware Scanner for Windows 7), you may not need the MRT.exe. You can disable the Windows 7 security center completely AND delete the file MRT.exe after creating a backup. However, I advise you not do this, more below.

Is it safe to delete MRT.exe?

Yes, you can safely delete the MRT.exe. However, I urge you not do this if you want to keep your PC secure. Only if you have encountered problems with that specific program I would consider removing it. Also, before you remove the MRT.exe create a backup, although you can probably restore it via sfc.exe anyway since it’s stored in the system32 folder.

I want to keep the MRT.exe, but disable anonymous reports. How?

You may want to disable anonymous reports that are send to Microsoft. However, since it is anonymous this is not a security-risk and will help Microsoft to improve their tool to find even more viruses.

Unfortunately, virus creators attack more and more endusers with viruses that are not recognized. Keep in mind, viruses that are not very common can often not be identified by anti-virus software. Therefore security firms rely on anonymous reports to find new viruses! You can actively help to find new viruses if you enable anonymous reports.

If you still want to disable anonymous reports, you may download this registry key: Disable anonymous MRT.exe reports

Alternatively, you can copy the following text into a notepad and save it as a .reg file, then execute via double-click:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT]
“DontReportInfectionInformation”=dword:00000001

5 of 5 0 (100%) 1 vote
- Cheers!


Written by:
Oliver is the founder and lead editor of this site. He is interested in finding new ways to break Windows, find common errors and help others to fix them. Aside from that, he loves to fully customize systems with Rainmeter and Dreamscene, find out more about ancient civilizations like the Chachapoya, sharpen his digital photography skills and create software with a small group of selected developers. If you would like to connect with him to discuss anything, send him a mail!

Learn More About.Me

Follow me on Twitter for daily updates: Twitter Follower

Contact The Author:
support@windows7themes.net Get Free Help.png

Connect With Our Site:

facebook google twitter


Need help? Ask a question at our QA site, click the red button to get started:

One Response to What is MRT.exe (Windows Malicious Software Removal Tool)

  1. Orange Community Approved Comment:
    wildcatherder said:

    You should note that RadioTime’s RedButton software (an Internet radio scheduler recorder) also runs a file called MRT.exe. It consumes 2% of CPU resources when playing back its files, perhaps more during recording (multiple sources can record simultaneously).

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Current day month ye@r *