Windows Malicious Software Removal Tool , mrt.exe runs on startup - real or virus?

Firstly, you may directly post your image in forum, by click on picture icon in reply and you don't need to upload it in third-party website.

Since when this problem started?

Try run Windows Update and install all updates and restart your PC.

If you open task manager, under View details and in startup, are you seeing MSRT there?

Thank you for replying so quickly!! I didn't notice the insert image button. That I can do. To answer your questions:

- Started about a week ago (never seen this before, so found it unusual)

- Windows is up to date (this is done regularly)

- You're right, Task Manager shows mrt.exe trying to run at startup. Pic below.

I've actually highlighted 2 other things I'm not familiar with. 

1. Should I stop "Program" from running, that seems suspicious

2. I'm guessing "Windows host process" is usual? I just don't recall.

3. I'll probably disable MSRT, but how do I know if it's legit or fake? I just don't know if this is how mrt.exe should be running or not.

Thank you,

Alex.

From the list "Program" seems to be very suspicious try right click and open location and investigate a bit more about it.

May be you could zip the root file of it and submit it to VirusTotal:

https://www.virustotal.com/

MSRT and Windows Host process are signed by Microsoft and seems to be legit, but they should be run only once. Try disable program first and then restart your PC and see whether problem persist.

You may also use AutoRuns:

https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

To investigate startup more and manually disable them.

Excellent - disabling stopped the persistent ask.

I right-clicked the Task Bar columns and selected 'Command Line', and found that unknown Program entry to be a divx file. I assume this is fine, but it's not required on startup so that's disabled too:

I've bookmarked the links you've suggested if this problem persists - thank you so much for your help! Much appreciated.

FOLLOW-UP...

Answer-by-number:

1. Did the computer come with Win10 preinstalled, did you do a clean install of Win10, or did you upgrade a Win7 computer or a Win8.1 computer [<=PICK ONE!] to Win10?

2. Who manufactured the computer (e.g., Dell; HP; Acer; Lenovo; ASUS)?

3. Has a Norton application or a McAfee application EVER been installed on the computer since you bought it?

4. Have you ever run the Norton Removal Tool and/or the McAfee Consumer Products Removal Tool?

5. How long has AVG Free (I assume) been installed?

6. What Version & OS Build of Windows 10 is currently installed?

• Press & hold the Windows Key and press the R key. In the RUN dialog, type WINVER and press the Enter key.

1. Win 7 upgrade

2. custom build PC in a box

3. Norton, briefly, maybe 18 months ago, I don't recall how i uninstalled it, but I assume I did it properly

4. See (3)

5. Many years

6. 1607 (OS Build 14393.693)

Fact: Norton (and McAfee) applications are notorious for not uninstalling (or upgrading) cleanly. The "leftovers" may be your troublemaker here.

REPOSTING => Have you ever run the Norton Removal Tool?

I've since run the nrt, latest version downloaded from the official website.

Q: Have you ever run the Norton Removal Tool?
A: I've since run the nrt...

1. When (exact date) did you run the Norton Removal Tool?

2. Is the Malicious Software Removal Tool still running at startup?