Malwarebytes' Anti-Malware (a.k.a. "MBAM")

The foremost recommended malware removal tool in numerous forums, like Bleeping Computer.

As a security tool. Malwarebytes' Anti-Malware has proven itself to be the leader of current emerging threat removal. It is currently the 3rd most downloaded anti-malware application on download.com! By purchasing it from our site you will be contributing not only to our efforts to supply you with good security information and advice, but also to the MalwareBytes Malware Database (via shared malware removal statistics).

Malwarebytes' Anti-Malware is geared towards detecting the only most current active threats in the wild. It is capable of removing the following fake security programs (with more added every day):

Various fake HDD and Defragmenter utilities, AntiMalware Doctor, Koobface, Fake Microsoft Security Essentials (Hotfix.exe), My Security Shield, PC Defender, PC Protect, Personal Antivirus (pav.exe), RegistryFix, Security Essentials, Security Tool, System (Defend) Total Security, Spyware Cease, SpyWareNuker, Thinkpoint, System or Win Defragmenter, XP Antispyware (+year), XP Antivirus (+year), XP Security (+year), fake Flash installers … and many more!

Malwarebytes' Anti-Malware is considered to be the next step in the detection and removal of malware. They have compiled a number of new technologies that are designed to quickly detect, destroy, and prevent malware. Malwarebytes' Anti-Malware can detect and remove malware that even the most well-known antivirus software and anti-malware applications on the market today cannot. Malwarebytes' Anti-Malware monitors every process and stops malicious processes before they even start. The Realtime Protection Module uses an advanced heuristic scanning technology which monitors your system to keep it safe and secure. In addition, MalwareBytes has implemented a threats center which will allow you to keep up to date with the latest malware threats.

Many of the current malcode threats have a useful distribution life of about 24 hours, before being discarded and replaced with altered versions. MalwareBytes AntiMalware is updated multiple times daily to respond to these constantly changing malware threats. The company optimizes the downloaded databases by rotating out defunct definitions and replacing them with new ones, and by merging overlapping rules. Unfortunately, a lot of people who have installed the free version of MBAM forget to check for definition updates and scan for Malware, until it is too late. Registering the program automates this and also prevents most known current malware from installing into your computer, in the first place.

Activating the full version unlocks realtime protection, scheduled scanning, and scheduled, frequent automated updating. The total price is a one time fee of just $24.95 USD, or equivilant in your currency (+VAT in EU), which gives you free program updates for life. Buy MalwareBytes' Anti-Malware now.

^†Read how to download (including alternate download locations) or register Malwarebytes' Anti-Malware (MBAM) after purchasing your lifetime license.

Key Features

• New beginning with version 1.60.0.1800: Malwarebytes Chameleon technology gets Malwarebytes Anti-Malware running even when it is blocked by an infection.
• Support for Microsoft Windows 2000, XP, Vista, 7 (32-bit and 64-bit).
• Light speed quick scanning. The "Flash Scan" (Registered version only) is twice as fast as the Quick Scan!
• Ability to perform full scans for all drives.
• There is No Limit on the number of infected items that can be removed with the unregistered version.
• Malwarebytes' Anti-Malware Protection Module. (requires registration)
• Malwarebytes Anti-Malware includes IP blocking protection. * (requires registration) You'll never connect to a malicious website again! Now gives you the ability to ignore blocked IP addresses permanently (see next item for explanation). (Evolving feature. Read the details here)
• * IP blocking may block websites you want to see (like your own site), because known malware may be hosted on other sites on the same server. IP blocking can be turned off by right clicking on the MBAM System Tray icon and unchecking "IP Protection."
• Database updates released (multiple times) daily, with much smaller incremental updates for registered users.
• Quarantine to hold threats and restore them at your convenience.
• Ignore list for both the scanner and Protection Module, including managing blocked IP addresses.
  Accessing a Blocked Website: In order to bypass and access a potentially malicious website which has been blocked by Malwarebytes' Anti-Malware, perform the following step.
  
  Navigate the web browser to the blocked website or IP address again. A balloon tip notification will pop up from the task tray indicating that access to the website has been blocked. Right-click on the Malwarebytes' Anti-Malware tray icon, hover the mouse pointer over to "Add to Ignore List". Left-click on the IP address number that you want to add to the ignore list.
  
  Security Risk: Once an IP address is added to the Ignore List, any website that uses that IP address will be able to bypass Malwarebytes' Anti-Malware.
  
  
• Settings to enhance your Malwarebytes' Anti-Malware performance.
• A small list of extra utilities to help remove malware manually.
• Multi-lingual support.
• Works together with other anti-malware utilities. (see note * below)
• Command line support for quick scanning.
• Context menu integration to scan files on demand.
• Ability to password protect key program settings. (paid version only)
• Small download file size: only 10.85 MB (version 1.60.0.1800)
• Now available in these languages: English, Arabic, Bosnian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Hebrew, Hungarian, Italian, Latvian, Lithuanian, Macedonian, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Vietnamese.

Program Updates and fixes

Malwarebytes' Anti-Malware is frequently updated, fixing bugs, or adding useful or requested features. Version 1.60.1.1000 was released on January 31, 2012. If you are using an older version you are strongly encouraged to update to the current version. You can install it over the previous version and it will ask you to reboot to complete the installation. The new version contains several improvements and bug fixes as outlined next. Be sure you check for updates if you haven't done so recently.

New Features (v 1.60.1.1000)

1. Malwarebytes Chameleon technology gets Malwarebytes Anti-Malware running even when blocked by infection.
2. Incremental updates (paid version only).
3. Ability to password protect key program settings (paid version only).

Improvements (in v 1.60.1.1000)

1. Improved reliability and performance of the update process.
2. Detection and removal engine enhancements.
3. System tray icon now dynamically displays selected language.
4. Settings for Protection Module behavior can be changed without protection being active.
5. Improved DOR (Delete On Reboot) technology to enhance threat removal process.
6. Restructured log formats to include greater detail on system information and detected threats.
7. Improved error messages to make them more user friendly.
8. Scheduled updates now occur within 15 minutes of scheduled time.
9. Custom log locations now displayed in Logs tab.
10. Protection logs can be saved in custom locations.
11. Program version release date now displayed on About tab.

Bug Fixes (v 1.60.1.1000)

1. Fix for database not updating properly on Czech installations of Microsoft Windows.
2. Fix for certain scenarios where scans failed to complete.
3. Fixed issue resulting in freezes in certain third-party security products on Windows XP.
4. Fixed issue where ignore list was not reloaded after a database update.
5. Fixed issue where certain malformed ignore list data would result in a mbamcore.dll crash.
6. Fixed issue where desktop icon was not created on certain upgrade installations.
7. Fixed issues with Dutch, Belarusian, and Korean language files.
8. Added Greek language file.

The latest build information and revision history are found on the Malwarebytes' Forum.

Testimonials

Here is what one of my customers had to say about MalwareBytes AntiMalware, after I recommended it to him, telling him: "MBAM is not an anti virus program. It should be thought of as an add-on protection module that works along side your traditional anti-virus program."

John Floyd, from NC, USA, replied:

"I just tried this and it found 3 infections on the quick scan and 5 more on the full scan that Avast did not find."

"It did not hold my feet to the fire and force me to buy the program before it would remove the infections."

"For that reason alone I went ahead and bought the program. It's certainly worth $24.95."

Another member of a forum I moderate had this to say, when I recommended that he protect his PCs with MBAM.

David Collins said:

"Thanks Wiz, I am indeed running Malwarebytes on everything that I have, 5 PC in the office, and this Control PC. IT ROCKS!"

"Paid the minimal bucks, got lifetime protection."

I (Wiz) have this to say about my experience with Malwarebytes Anti-Malware:

"I have MBAM installed on all of my computers and use it to disinfect friends and customers computers everytime they have a malware infection. In one case I used Malwarebytes Anti-Malware to cure a customer's computer of so many Trojans, fake security alerts and browser hijackers, that she couldn't even use the computer. It was totally unresponsive when I brought it in. I rebooted into Safe Mode With Networking, installed MBAM from a known-clean thumbdrive, updated it and scanned. When the scan was complete the results showed dozens of infections and their Registry entries. I disabled System Restore and removed all the infections found from the Administrator account, It took one more reboot into Safe Mode and a second scan from a second user account to completely remove every infection, including a rootkit. I'd recommend MBAM to anybody who has to fight off multiple malware infections."

I am an affiliate for Malwarebytes' Anti-Malware, as well as a customer. As such I receive a small but appreciated commission from each sale made through my affiliate links (anywhere on my website, whether a graphic banner or text link).

Usage

Simply download Malwarebytes' Anti-Malware,^† then double click the downloaded file to install the application on your computer (must be installed with Administrator credentials). Once the application is installed, double click on the Malwarebytes' Anti-Malware icon to start the program. When the application is open, click on the Update tab, then the Check For Updates button. Once the program is updated click on the Scanner tab, select a quick or full scan, then click the Scan button. The application will guide you through the remaining steps if any malware is found.

Should an infected PC be unable to connect to the Internet, or you are blocked by malware from downloading or installing MBAM, try these workarounds.

1. Try renaming the setup file to a different filename than setup-mbam.exe. Make up a random "filename.exe"
2. Try rebooting into Safe Mode With Networking and see if you can install it from there.
3. If malware is blocking the installation or operation of MBAM, download the latest version of Rkill, from Bleepingcomputer.com. Run Rkill, then install and update MBAM and run a scan. Do not reboot until the scanning and malware removal has completed, or MBAM instructs you to reboot.
4. You can install the free version of MBAM onto another "clean" computer, update the program online, then copy the definitions file from that PC to a thumbdrive, then manually transfer and install it onto the infected computer. Look under "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware" in XP and "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware" in Vista/Windows 7. The file you want is called rules.ref. Make sure MBAM is not running when you paste the new definitions file into its update-file location.
5. Beginning with version 1.60.0.1800, you can use the new Chameleon technology module to get the program to update and begin scanning and removing malware, even though malware is trying to block the program. Read how this works.

   To run the Malwarebytes' Anti-Malware Chameleon module, go to the Start Menu, All Programs > Malwarebytes' Anti-Malware > Tools and click on "Malwarebytes' Anti-Malware Chameleon."
   
   A Window will open deacribing the Chameleon technology and which contains a series of "Test" buttons, each utilizing a different file extension.
   
   Pressing any Test button launches a Command window (DOS-like), with the notice to Press any key to continue. Doing so launches an attempt to update MBAM online, via a secure channel.
   
   If the first Test button fails to update MBAM, move on down the line until you find one that works. This work the same way as Rkill, from Bleeping Computer.
   
   Once the program has been updated with new definitions, it begins killing malware processes known to MBAM. This may take some time.
   
   After the scanning for and killing of malicious processes completes, whether it finds any or not, the Chameleon mudule lauches MBAM and begins a "Quick Scan."
   
   Upon completion of the scan, the Chameleon driver is removed from memory and you are told to Press any key to continue. Click on the Command window, then press any key and the window closes.
   
   If MBAM suggests a follow-up scan after rebooting, do so. Some malware cannot be removed while parts are still active. By rebooting and scanning before those malware components have loaded, MBAM is able to delete them and their big brother watchers.
   
   Close this section.

Downloading MBAM

Download MBAM by clicking on any link or banner for it on this page. If your computer is infected by malware that blocks you from going to malwarebytes.org, or redirects your attempts to go there to a rogue website hawking fake security programs, or fake registry cleaners, use one of the safe alternate download locations. SoftPedia - Major Geeks.

^* While MBAM plays nice with other anti virus programs, some of them, like Trend Micro Internet Security don't reciprocate. If you are installing or updating your anti-virus program and it demands that MalWarebytes must be uninstalled first, do as it asks. After you finish installing/upgrading your anti-virus program, reboot. Then reinstall MBAM and input your saved registration number, if it isn't already detected. I did this after updating to Trend Micro Anti-Virus 2012 and now both security programs are getting along just fine, thank you. Kids!

Malwarebytes Anti-Malware PRO removes malware including viruses, spyware, worms and trojans, plus it protects your computer. Purchase a lifetime license and get realtime protection. You also get scheduled updating and scanning when you purchase a license. The license only costs $24.95 US, for one PC, which is good for the life of the product. Additional licenses may be purchased at a sliding discount rate.

^† How to purchase and register Malwarebytes Anti-Malware (MBAM)

Install the program and try it out, or purchase a license right now. After you have installed the (free version) program you can purchase a license to unlock it by double-clicking on its desktop icon to open the user interface, then click on the "Protection" tab. There is a button labeled "Purchase" on that screen, which takes your default browser to the Malwarebytes Online Store. Note, that you can also order a backup on CD for $9.95, or 24 month extended download privileges for $5.95, at the time of your purchase.

After you purchase your lifetime license for MBAM you will see a download link on the order confirmation page. You will also receive an e-mail confirmation that contains your customer ID, your registration key code and a download link. Be sure you save a copy of that e-mail on an external drive, in case you need to format or replace your hard drive and reinstall Windows and MBAM.

In case you were wondering if there is a free version and a registered version, there is only one version of MBAM. The free version contains the locked code of the registered version. When you register the program that code gets unlocked. You can download Malwarebytes Anti-Malware using any link or banner on this page. Install it, then register it, following the instructions in the next paragraph.

When you purchase MBAM you will be asked to enter a valid e-mail address and to re-type it. After your payment goes through the company will send you an e-mail that contains your customer ID and registration key, so be sure you set your email program or filter to allow e-mail from cleverbridge.com and malwarebytes.org. When you receive that email you should note the customer ID, then locate the key code. Use your mouse or keyboard to highlight the entire key (but nothing else) and copy it (Control + Insert, or Control + C). Then, with MBAM open, click on the "Protection" tab, then click on the REGISTER button. A box will open where you can type or paste (Control + V) in your ID and the entire key code. Click "Register" at the bottom of the box and the job is done!

You must manually enter your registration code into the program, as described above, in order to register and unlock it.

Save the email containing your registration ID and key! You will need it if you have to reinstall the program. Or, purchase a backup CD or extended download protection.

For official help installing or using MalwareBytes' Anti-Malware, please visit the official MBAM forum.

(back to top)

---

Created and maintained by Wiz Feinberg - "Wizcrafts' Computer, Consulting, and Webmaster Services"
Read Wiz's Security Blog to keep abreast of the latest security and spam threats and security program updates.
Please send any inquiries or problem reports to the Webmaster.
Last updated on February 5, 2012.