Malwarebytes Anti-Malware (a.k.a. "MBAM")
The foremost recommended malware removal tool in numerous forums, like Bleeping Computer.
As a security tool. Malwarebytes Anti-Malware has proven itself to be the leader of current emerging threat removal. It is currently the 3rd most downloaded anti-malware application on download.com! By purchasing it from our site you will be contributing not only to our efforts to supply you with good security information and advice, but also to the MalwareBytes Malware Database (via shared malware removal statistics).
Malwarebytes Anti-Malware is geared towards detecting the only most current active threats in the wild. It is capable of removing the following fake security programs (with more added every day):
Various fake HDD and Defragmenter utilities, AntiMalware Doctor, Koobface, Fake Microsoft Security Essentials (Hotfix.exe), My Security Shield, PC Defender, PC Protect, Personal Antivirus (pav.exe), RegistryFix, Security Essentials, Security Tool, System (Defend) Total Security, Spyware Cease, SpyWareNuker, Thinkpoint, System or Win Defragmenter, XP Antispyware (+year), XP Antivirus (+year), XP Security (+year), fake Flash installers … and many more!
Malwarebytes Anti-Malware is considered to be the next step in the detection and removal of malware. They have compiled a number of new technologies that are designed to quickly detect, destroy, and prevent malware. Malwarebytes Anti-Malware can detect and remove malware that even the most well-known antivirus software and anti-malware applications on the market today cannot. Malwarebytes Anti-Malware monitors every process and stops malicious processes before they even start. The Realtime Protection Module uses an advanced heuristic scanning technology which monitors your system to keep it safe and secure. In addition, MalwareBytes has implemented a threats center which will allow you to keep up to date with the latest malware threats.
Many of the current malcode threats have a useful distribution life of about 24 hours, before being discarded and replaced with altered versions. MalwareBytes AntiMalware is updated multiple times daily to respond to these constantly changing malware threats. The company optimizes the downloaded databases by rotating out defunct definitions and replacing them with new ones, and by merging overlapping rules. Unfortunately, a lot of people who have installed the free version of MBAM forget to check for definition updates and scan for Malware, until it is too late. Registering the program automates this and also prevents most known current malware from installing into your computer, in the first place.
Activating the full version unlocks realtime protection, scheduled scanning, and scheduled, frequent automated updating. The total price is a one time fee of just $24.95 USD, or equivilant in your currency (+VAT in EU), which gives you free program updates for life. Buy Malwarebytes Anti-Malware now.
You can also choose to try a 14 day, full featured trial of Malwarebytes' Anti-Malware, with all realtime protection and scanning options available to you. Use this link to download the trial version. If you would like to continue to have complete, realtime protection, Flash-speed scanning and frequent automatic updates and scheduled automatic scans, purchase a lifetime license and input the registration details into MBAM. If you choose to not register after the 14 day trial, it dumbs down into the free version's full manual operation mode.
If you just want the free, manual operation version of Malwarebytes Anti-Malware (e.g. to remove an active threat), you can download it here. You must manually check for updates and run scans. There is no realtime protection or "Flash" scans in the free version.
There is no program difference between the free and paid versions of MBAM, except for the options you are allowed to use. If you currently have a free version, paying for a lifetime license and inputting the user ID and product key turns on all of the previously unavailable options. There is a download link in the receipt page. Use it to install the latest version of MBAM. All new versions install right over the previous version, unless you are otherwise notified during setup.
†Read how to download and register Malwarebytes Anti-Malware (MBAM) after purchasing your lifetime license.
- Beginning with version 220.127.116.110: Malwarebytes Chameleon technology gets Malwarebytes Anti-Malware running even when it is blocked by an infection.
- Support for Microsoft Windows 2000, XP, Vista, 7 (32-bit and 64-bit).
- Light speed quick scanning. The "Flash Scan" (Registered version only) is twice as fast as the Quick Scan!
- Ability to perform full scans for all drives.
- There is No Limit on the number of infected items that can be removed with the unregistered version.
- Malwarebytes Anti-Malware Protection Module. (requires registration)
- Malwarebytes Anti-Malware includes IP blocking protection. * (requires registration) You'll never connect to a malicious website again! Now gives you the ability to ignore blocked IP addresses permanently (see next item for explanation). (Evolving feature. Read the details here)
- * IP blocking may block websites you want to see (like your own site), because known malware may be hosted on other sites on the same server. IP blocking can be turned off by right clicking on the MBAM System Tray icon and unchecking "IP Protection."
- Database updates released (multiple times) daily, with much smaller incremental updates for registered users.
- Quarantine to hold threats and restore them at your convenience.
- Ignore list for both the scanner and Protection Module, including managing blocked IP addresses.
Accessing a Blocked Website: In order to bypass and access a potentially malicious website which has been blocked by Malwarebytes Anti-Malware, perform the following step.
Navigate the web browser to the blocked website or IP address again. A balloon tip notification will pop up from the task tray indicating that access to the website has been blocked. Right-click on the Malwarebytes Anti-Malware tray icon, hover the mouse pointer over to "Add to Ignore List". Left-click on the IP address number that you want to add to the ignore list.
Security Risk: Once an IP address is added to the Ignore List, any website that uses that IP address will be able to bypass Malwarebytes Anti-Malware.
- Settings to enhance your Malwarebytes Anti-Malware performance.
- A small list of extra utilities to help remove malware manually.
- Multi-lingual support.
- Works together with other anti-malware utilities. (see note * below)
- Command line support for quick scanning.
- Context menu integration to scan files on demand.
- Ability to password protect key program settings. (paid version only)
- Small download file size: only 10.85 MB (version 18.104.22.1680)
- Now available in these languages: English, Arabic, Bosnian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Hebrew, Hungarian, Italian, Latvian, Lithuanian, Macedonian, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Vietnamese.
Program Updates and fixes
Malwarebytes Anti-Malware is frequently updated, fixing bugs, or adding useful or requested features. Version 22.214.171.1240 was released on December 27, 2012, with 8 new features, 5 improvements and 1 bug fix, as outlined below.
If you are using an older version you are strongly encouraged to update to the current version. You can install it over the previous version and you will no longer have to reboot to complete the program update. Be sure you check for updates if you haven't done so recently.
New Features (v 126.96.36.1990)
- New program logo and icons
- Heuristics for 0-day exploit detection now implemented in protection module for PRO version
- Threats detected by the protection module are now quarantined automatically by default
- Malwarebytes Anti-Malware now shows Windows 8 START screen notifications
- Malwarebytes Anti-Malware now identified in scan logs, registry and About tab
- More Tools tab enhanced with tons of new content and more to come in the future
- Option to allow a threat to run temporarily (Allow Temporarily) added to filesystem protection prompts
- Option to add a detected item to the Ignore List (Allow Always) added to filesystem protection prompts
Improvements (in v 188.8.131.520)
- Heuristics for detecting new and unknown threats improved
- Scanner efficiency improved
- Microsoft Windows 8 and Internet Explorer 10 now identified correctly in scan logs
- Help file updated to include information on new features
- Better compatibility with many other security products in realtime
Bug Fixes (v 184.108.40.2060)
- FIXED: Minor issue with password creation from CLI fixed
The latest build information and revision history are found on the Malwarebytes Forum.
Here is what one of my customers had to say about MalwareBytes AntiMalware, after I recommended it to him, telling him: "MBAM is not an anti virus program. It should be thought of as an add-on protection module that works along side your traditional anti-virus program."
John Floyd, from NC, USA, replied:
"I just tried this and it found 3 infections on the quick scan and 5 more on the full scan that Avast did not find."
"It did not hold my feet to the fire and force me to buy the program before it would remove the infections."
"For that reason alone I went ahead and bought the program. It's certainly worth $24.95."
Another member of a forum I moderate had this to say, when I recommended that he protect his PCs with MBAM.
David Collins said:
"Thanks Wiz, I am indeed running Malwarebytes on everything that I have, 5 PC in the office, and this Control PC. IT ROCKS!"
"Paid the minimal bucks, got lifetime protection."
I have this to say about my own experience with Malwarebytes Anti-Malware:
"I have MBAM installed on all of my computers and use it to disinfect friends and customers computers everytime they have a malware infection. In one case I used Malwarebytes Anti-Malware to cure a customer's computer of so many Trojans, fake security alerts and browser hijackers, that she couldn't even use the computer. It was totally unresponsive when I brought it in. I rebooted into Safe Mode With Networking, installed MBAM from a known-clean thumbdrive, updated it and scanned. When the scan was complete the results showed dozens of infections and their Registry entries. I disabled System Restore and removed all the infections found from the Administrator account, It took one more reboot into Safe Mode and a second scan from a second user account to completely remove every infection, including a rootkit. I'd recommend MBAM to anybody who has to fight off multiple malware infections."
I am an affiliate for Malwarebytes Anti-Malware, as well as a customer. As such I receive a small but appreciated commission from each sale made through my affiliate links (anywhere on my website, whether a graphic banner or text link).
Simply download Malwarebytes Anti-Malware,† then double click the downloaded file to install the application on your computer (must be installed with Administrator credentials). Once the application is installed, double click on the Malwarebytes Anti-Malware icon to start the program. When the application is open, click on the Update tab, then the Check For Updates button. Once the program is updated click on the Scanner tab, select a quick or full scan, then click the Scan button. The application will guide you through the remaining steps if any malware is found.
Should an infected PC be unable to connect to the Internet, or you are blocked by malware from downloading or installing MBAM, try these workarounds.
- Try renaming the setup file to a different filename than setup-mbam.exe. Make up a random "filename.exe"
- Try rebooting into Safe Mode With Networking and see if you can install it from there.
- If malware is blocking the installation or operation of MBAM, download the latest version of Rkill, from Bleepingcomputer.com. Run Rkill, then install and update MBAM and run a scan. Do not reboot until the scanning and malware removal has completed, or MBAM instructs you to reboot.
- You can install the free version of MBAM onto another "clean" computer, update the program online, then copy the definitions file from that PC to a thumbdrive, then manually transfer and install it onto the infected computer. Look under "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware" in XP and "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" in Vista/Windows 7. The file you want is called rules.ref. Make sure MBAM is not running when you paste the new definitions file into its update-file location.
- Beginning with version 220.127.116.110, you can use the new Chameleon technology module to get the program to update and begin scanning and removing malware, even though malware is trying to block the program. Read how this works.
To run the Malwarebytes Anti-Malware Chameleon module, go to the Start Menu, All Programs > Malwarebytes Anti-Malware > Tools and click on "Malwarebytes Anti-Malware Chameleon."
A Window will open deacribing the Chameleon technology and which contains a series of "Test" buttons, each utilizing a different file extension.
Pressing any Test button launches a Command window (DOS-like), with the notice to Press any key to continue. Doing so launches an attempt to update MBAM online, via a secure channel.
If the first Test button fails to update MBAM, move on down the line until you find one that works. This work the same way as Rkill, from Bleeping Computer.
Once the program has been updated with new definitions, it begins killing malware processes known to MBAM. This may take some time.
After the scanning for and killing of malicious processes completes, whether it finds any or not, the Chameleon mudule lauches MBAM and begins a "Quick Scan."
Upon completion of the scan, the Chameleon driver is removed from memory and you are told to Press any key to continue. Click on the Command window, then press any key and the window closes.
If MBAM suggests a follow-up scan after rebooting, do so. Some malware cannot be removed while parts are still active. By rebooting and scanning before those malware components have loaded, MBAM is able to delete them and their big brother watchers.
Close this section.
Download MBAM by clicking on any link or banner for it on this page. If your computer is infected by malware that blocks you from going to malwarebytes.org, or redirects your attempts to go there to a rogue website hawking fake security programs, or fake registry cleaners, use one of the safe alternate download locations. SoftPedia - Major Geeks.
* While MBAM plays nice with other anti virus programs, some of them, like Trend Micro Internet Security don't reciprocate. If you are installing or updating your anti-virus program and it demands that MalWarebytes must be uninstalled first, do as it asks. After you finish installing/upgrading your anti-virus program, reboot. Then reinstall MBAM and input your saved registration number, if it isn't already detected. I did this after updating to Trend Micro Anti-Virus 2012 and now both security programs are getting along just fine, thank you. Kids!
Malwarebytes Anti-Malware PRO removes malware including viruses, spyware, worms and trojans, plus it protects your computer. Purchase a lifetime license and get realtime protection. You also get scheduled updating and scanning when you purchase a license. The license only costs $24.95 US, for one PC, which is good for the life of the product. Additional licenses may be purchased at a sliding discount rate.
† How to purchase and register Malwarebytes Anti-Malware (MBAM)
Install the program and try it out, or purchase a license right now. After you have installed the (free version) program you can purchase a license to unlock it by double-clicking on its desktop icon to open the user interface, then click on the "Protection" tab. There is a button labeled "Purchase" on that screen, which takes your default browser to the Malwarebytes Online Store. Note, that you can also order a backup on CD for $9.95, or 24 month extended download privileges for $5.95, at the time of your purchase.
After you purchase your lifetime license for MBAM you will see a download link on the order confirmation page. You will also receive an e-mail confirmation that contains your customer ID, your registration key code and a download link. Be sure you save a copy of that e-mail on an external drive, in case you need to format or replace your hard drive and reinstall Windows and MBAM.
In case you were wondering if there is a free version and a registered version, there is only one version of MBAM. The free version contains the locked code of the registered version. When you register the program that code gets unlocked. You can download Malwarebytes Anti-Malware using any link or banner on this page. Install it, then register it, following the instructions in the next paragraph.
When you purchase MBAM you will be asked to enter a valid e-mail address and to re-type it. After your payment goes through the company will send you an e-mail that contains your customer ID and registration key, so be sure you set your email program or filter to allow e-mail from cleverbridge.com and malwarebytes.org. When you receive that email you should note the customer ID, then locate the key code. Use your mouse or keyboard to highlight the entire key (but nothing else) and copy it (Control + Insert, or Control + C). Then, with MBAM open, click on the "Protection" tab, then click on the REGISTER button. A box will open where you can type or paste (Control + V) in your ID and the entire key code. Click "Register" at the bottom of the box and the job is done!
You must manually enter your registration code into the program, as described above, in order to register and unlock it.
Save the email containing your registration ID and key! You will need it if you have to reinstall the program. Or, purchase a backup CD or extended download protection.
For official help installing or using Malwarebytes Anti-Malware, please visit the official MBAM forum.
Created and maintained by Wiz Feinberg - "Wizcrafts' Computer, Consulting, and Webmaster Services"
Read Wiz's Security Blog to keep abreast of the latest security and spam threats and security program updates.
Please send any inquiries or problem reports to the Webmaster.
Last updated on February 22, 2013.