![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
The MSRT seems to be misbehaving for lots of people lately, and the real question isn’t how to fix the bugs (we can’t) – it’s whether it really makes any sense to be scanning with this relic malware-removal tool. The MSRT was a stopgap solution for people on older operating systems that might not be heeding the Security Center’s warning to install a real-time AV app – and this tool can only detect a small number of prevalent threats.
But now that we have Windows Defender Antivirus included in Windows 10, you should just be running occasional Full Scans with Windows Defender itself. Windows Defender uses the full set of Microsoft definitions, rather than just the small subset included with the MSRT – and it’s available for all Windows 10 users. If you’re using a third-party AV solution for your real-time protection, then all you have to do is enable Windows Defender’s Limited Periodic Scanning mode, and this will allow you to run Full Scans with Windows Defender (as well as with your third-party AV app). Limited Periodic Scanning also allows you to run scans with Windows Defender Offline, which runs outside of the Windows environment so that malware can’t hide by manipulating the Windows infrastructure.
Additionally, you should enable Potentially Unwanted Application protection for your Windows Defender scans: Right-click on the Start button and select Windows PowerShell (Admin), and then copy, paste, and enter this command:
Set-MpPreference -PUAProtection 1
A manual Full Scan can potentially find any malware that your AV app can possibly detect (with signatures) – but since real-time protection (on-access) is always automatically scanning the files involved in file system read/write operations; on-access scanning will generally find any active malware. And consequently, manual (or scheduled) scans will normally only find archived malware, or maybe some leftover malware fragments that were missed by real-time protection. The main reason for running manual scans is that they take the time to unpack container files and scan the contents, while real-time protection doesn’t scan the contents of archived files. So manual or scheduled scans with the installed AV app really have a very low priority, and generally won’t find any active malware.
But since no single AV app covers the entire spectrum of online threats, it’s entirely possible that your primary AV app might have missed some active malware – and that should always be your main concern. So the priority should always be on running some manual scans with third-party malware-removal apps, since these often include definitions that aren’t included in your installed AV app – and these third-party apps will consequently have the potential for detecting active malware that’s running on the system just because you primary AV app wasn’t able to detect it:
Kaspersky Virus Removal Tool:
http://support.kaspersky.com/viruses/kvrt2015
Emsisoft Emergency Kit:
http://www.emsisoft.com/en/software/eek/
Malwarebytes Anti-Malware (free version only):
https://www.malwarebytes.org/antimalware/
Eset Online Scanner:
http://www.eset.com/us/online-scanner/
Some other trusted third-party malware-removal tools are listed here:
GreginMich