The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, or Windows XP.
The Microsoft Windows Malicious Software Removal Tool checks computers for infections by specific, prevalent malicious software, including Blaster, Sasser, and Mydoom—and helps remove any infection found.
The Microsoft Malicious Software Removal Tool does not replace an antivirus product. It is strictly a post-infection removal tool.
KB890830 lists the three key areas in which the tool differs from an antivirus application.
- The tool removes malicious software from an already-infected computer. Antivirus products block malicious software from running on a computer. It is significantly more desirable to block malicious software from running on a computer than to remove it after infection.
- The tool removes only specific prevalent malicious software. Specific prevalent malicious software is a small subset of all the malicious software that exists today.
- The tool focuses on the detection and removal of active malicious software. Active malicious software is malicious software that is currently running on the computer. The tool cannot remove malicious software that is not running. However, an antivirus product can perform this task.
When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
Microsoft releases an updated version of this tool on the second Tuesday of each month, as needed to respond to security incidents.
The version of the tool delivered by Windows Update runs in the background and then reports if an infection is found.
This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product like the Microsoft Security Essentials, always.
If you plan to deploy the Microsoft Windows Malicious Software Removal Tool in an enterprise environment, check KB891716.