mrt.exe | The Microsoft Removal Tool | Is It Safe? How To Remove

Mrt.exe is a legitimate executable file developed by Microsoft and stands for ‘Microsoft Removal Tool’.

Whilst it is not a core process in Windows, removing or disabling mrt.exe is not recommended as it helps guard against malware.

Unfortunately, however, hackers sometimes name viruses ‘mrt.exe’ to fool users and hence it is important to ensure the file is the legitimate one designed by Microsoft.

What Is The Microsoft Windows Malicious Software Removal Tool And mrt.exe?

The Microsoft Removal Tool (also called MRT or the Microsoft Malicious Software Removal Tool) scans your computer for malware to identify and eliminate any viruses on your system. This is considered an “on-demand” tool, which means it needs to be told to run in order to run, and won’t scan for viruses unless prompted.

However, If you have never run the tool manually, it doesn’t mean it has been sat there idly on your computer gathering digital dust. The tool is updated by Microsoft on “Patch Tuesday”, which is the second Tuesday of every month.

After this patch has taken place, the tool automatically runs and reports any findings to Microsoft. You can find and run the tool yourself by typing mrt.exe into the Search box or command prompt window.

You can check the details of previous scans to see if the tool found any malware by using the following method:

  • Press the Windows key + R
  • Type this string: %WINDIR%\debug folder, and press enter.
  • Open mrt.log file

Is The Microsoft Removal Tool Safe?

A legitimate version of mrt.exe is safe and can help protect your computer from malware so removing it is not advised.

However, it is not a core operating system process, so your computer will run normally if you remove the file, but this should only be done if it is causing your computer problems such as using unusually high CPU and causing your computer to be sluggish.

If you delete a legitimate version of the file because it’s causing problems, you can always download a new version of it from the Microsoft website.

It is also possible that you have a virus disguising itself as mrt.exe. There are several Trojan viruses known to do this. A legitimate mrt.exe file will be located in the folder C:\Windows\System32.

If you find a file with the same name located any other location or folder apart from C:\\Windows\System32, it is most likely malware.

How To Check A File’s Location

a. Press ctrl-alt-del

b. Click on the ‘Processes Tab’ :

c. Highlight the MRT.exe file as above

d. Right click and click ‘Properties’ to get the following screen:

mrt task manager properties

e. Note the location (circled)

If that is the case, you should run a full scan on your computer – through your antivirus software to identify and delete the virus.

How to Remove mrt.exe

A legitimate mrt.exe file that is causing problems:

  • Click on Start, and then click on Computer
  • Open the C: drive and then click on Windows
  • Scroll down the list until you reach the System32 folder and click on it.
  • The folder should be organized so that all the folders are at the top and the files underneath. Scroll past all the folders and locate MRT in the files.
  • Right-click on the MRT executable and select Delete

A malicious version of the file:

You can delete a malicious file in much the same way. Use Task Manager to see where the file is located and make a note of this. Then right-click on the process and select End Process.

Find the file in its folder and right-click on it, then select Delete. Restart your computer to check if the file is still running or can still be found.

There are times when a virus can stick around despite attempts to delete it, and this is why you should rely on anti-virus software to better protect your computer.

Malwarebytes is a popular and trusted free Anti-virus tool.


The mrt.exe process is a legitimate process. But, if it exists in the form of a virus, it’s best remove it as soon as possible by following the steps mentioned above.

Featured Posts

RGSS202E.dll is used in games developed using the RPG Maker software and is usually safe. However, out of date dll files, or files masquerading as safe dlls, should be fixed - we show you how: What Is RGSS202E.dll? RGSS202E.dll is a DLL file associated with the Ruby Game Scripting System, ...
Read More
What Is Libcef.dll? Libcef.dll is a DLL file associated with the Chromium Embedded Framework. It is used to embed the open-source Chromium web browser into another application. Who Wrote This Libcef.dll File? Chromium is an open-source browser project from Google – it’s basically the code behind its Chrome browser. In ...
Read More
Svchost.exe, Service Host, like the name suggests, hosts Microsoft services and will load all the DLLs files of the program by itself. Should you remove the svchost.exe file from your computer? It is spyware, a trojan, or a virus, or could it be a legitimate file keeping things neat? We ...
Read More
IAStorIcon.exe is an executable file used by Intel to manage storage devices in your computer set up. It is usually entirely safe and should not be removed. If you've recently noticed the IAStorIcon.exe file in your task manager, then you're probably wondering if it's a virus or spyware. After all, ...
Read More
The Best Malware Removal Tools Reviews: we look at the top 5 tools to remove trojans, spyware, viruses and other malware from your computer. When it comes to malware, there is one thing we can all agree on – we do not want them attacking our computers. Even Warren Buffet ...
Read More
GWX.EXE – What You Need To Know About It You may see gwx.exe in your task manager and are wondering whether it’s safe, or a virus/trojan. Or perhaps you’ve noticed a new logo on the notification bar of your laptop and are concerned it may be adware. Whatever your concern, ...
Read More
Should you remove the HxTsr.exe from your computer? Is this file a virus? Trojan, Spyware, or is it a legitimate executable file? Keep reading as we investigate. What is HxTsr.exe? HxTsr.exe is one of the executable files developed for your Windows Operating System by Microsoft Corporation. The latest release of ...
Read More
What are the best online scanners? Here we review software built to ensure the Microsoft Office and zipped files you download are safe. Reports On The Threat In a cybersecurity report published by Cisco in 2018 during the Annual Cybersecurity Report, a terrifying piece of the cybersecurity puzzle was revealed ...
Read More
Should you remove the sedlauncher.exe file from your computer? Is it a legitimate file or is the sedlauncher.exe file a virus, trojan or even a type of spyware? We investigate. What is sedlauncher.exe? sedlauncher.exe represents a .exe file that belongs to the Microsoft Windows Operating System developed by Microsoft. The ...
Read More
instup.exe is an executable file developed by AVAST that is part of the Avast Free Antivirus software. The file is usually safe and helps keep systems free of malware. What is instup.exe? The AVAST antivirus software is available to download for free on Windows, Android, and Mac operating systems. The ...
Read More