home

mrt.exe

Strumento di rimozione malware

Microsoft Corporation

MRT is an anti-malware utility that checks a PC for infection by specific, prevalent malicious software and helps to remove the infection if it is found. The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if a malware infection is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. It runs as a scheduled task under the Windows Task Scheduler.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Strumento di rimozione malware

Version:
5.9.9902.0

MD5:
44fe8331d96e0c975b5ad76e19f4a3cc

SHA-1:
7b1b6bbfabcf268d3c41c29ccc97f43f743c7696

SHA-256:
c9feb1de132658e81bd30827bf5f22d08b7d78ee602f8b33e2ebe1c187924e42

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
5/7/2024 10:23:29 AM UTC  (today)

File size:
84.5 MB (88,567,024 bytes)

Product version:
5.9.9902.0

Copyright:
© Microsoft Corporation. Tutti i diritti riservati.

Original file name:
mrt.exe

File type:
Executable application (Win64 EXE)

Language:
Italian (Italy)

Common path:
C:\Windows\System32\mrt.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
5/16/2013 8:20:12 PM

Valid to:
8/16/2014 8:20:12 PM

Subject:
CN=Microsoft Windows, OU=AOC, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
330000001FCA3922951F79172D00000000001F

File PE Metadata
Compilation timestamp:
2/5/2014 3:54:01 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1572864:w9LPsKu79c/N/Z/T5xz5xE5x75xL/v/u5xN5xz5xU5xk5xD5xyLwu7/yQ3Ndt9NC:qL0v79c/N/Z/T5xz5xE5x75xL/v/u5xJ

Entry address:
0x3C14C

Entry point:
48, 83, EC, 28, E8, CF, 11, 00, 00, 48, 83, C4, 28, E9, 92, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 89, DE, 00, 00, 75, 10, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 01, C3, 48, C1, C9, 10, E9, 32, 01, 00, 00, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, 05, D4, 1A, 01, 00, 48, 89, 44, 24, 38, 48, 83, F8, FF, 75, 08, FF, 15, B3, 65, 01, 00, EB, 5D, B9, 08, 00, 00, 00, E8, 51, 12, 00, 00, 90, 48, 8B, 05, AF, 1A, 01, 00, 48, 89, 44...
 
[+]

Code size:
288 KB (294,912 bytes)

Scheduled Task
Task name:
MRT_HB

Path:
\Microsoft\Windows\RemovalTools\MRT_HB

Action:
mrt.exe \ehb \q


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.