This tutorial applies to version 1 of Malwarebytes Anti-Malware. To configure the current version, see Configure Malwarebytes Anti-Malware 2 guide instead.
After installing, Malwarebytes Anti-Malware will update its malware definitions. Wait until this is complete.
Malwarebytes Anti-Malware then displays a success message. Click OK.
If Malwarebytes Anti-Malware is not running, Windows XP users can start it by opening Start menu, All Programs, finding Malwarebytes Anti-Malware folder and clicking Malwarebytes Anti-Malware.
Windows Vista and 7 users can open Start menu, type "malware" into Search box and click Malwarebytes Anti-Malware.
Windows 8 and 8.1 users should press Windows Key+Q to open Apps search or Search everywhere, type "malware" and click Malwarebytes Anti-Malware.
A 14-day trial version of the full Malwarebytes Anti-Malware might be offered once after installation. To continue using the free version, click Decline.
In MBAM (short name for Malwarebytes Anti-Malware) main window click Settings tab.
Let's see what we can find under the General Settings tab.
To make sure that MBAM can remove malware that uses Internet Explorer for its dirty deeds, keep the Terminate Internet Explorer during threat removal box checked. Some malware run IE without displaying any browser windows, so this is important! And please remember to close all Internet Explorer windows before starting a malware scan.
If you feel very concerned about your privacy, clear the Anonymously report usage statistics box. This means that MBAM will never send any information about program usage to the creators.
The Create right click context menu option allows you to launch MBAM scan for any file or folder from Windows Explorer. For example, right-clicking Documents / My Documents folder lists the Scan with Malwarebytes Anti-Malware option among others. Activate the check box.
Leave the Automatically save log file after scan completes box checked as it can save important information about items found for IT specialists.
Clear the Open log file immediately after saving check box. You do not always need to read the log file, the scan results are quite enough.
Warn if database is outdated by is a very important settings - here you can specify how old the signature database can be without MBAM notifying you of this. The default setting, 7 days, is pretty good; but setting this to 3 is even better.
Here's the warning dialog about an outdated database. Clicking Yes will download and install the latest database right away.
Next, click the Scanner Settings tab and verify that all check boxes concerning scanning are checked. This ensures that all system areas are scanned.
Also, tick the Enable scanning inside archives (available since version 1.75) and Enable advanced heuristics engine (Heuristics.Shuriken) boxes.
Next, you can select default behavior for detected Potentially Unwanted Programs (PUPs - for example, password crackers, hacking tools, etc), Potentially Unwanted Modifications (PUMs - modifications in Registry items and settings files) and Peer-to-Peer Software (P2P - BitTorrent, eMule, Kazaa, etc).
I recommend selecting Show in results list and check for removal for both Action for potentially unwanted programs (PUP) and Action for potentially unwanted modifications (PUM) items. This ensures that all strange programs and modifications are detected. After all, you can always deselect programs and modifications in the Scanning Results window.
Action for peer-to-peer software (P2P) should be either Show in results list and do not check for removal or Show in results list and check for removal, depending whether you want to use some P2P programs or not.
Click Updater Settings tab and make sure that the Download and install program update if available and Notify me when a program update is ready for installation check boxes are ticked. This will update Malwarebytes Anti-Malware to the latest version automatically.
All detected malware is moved to a quarantine folder by default. As this folder might waste loads of disk space, it is recommended to clear it once a month. You can also restore items to their previous locations if you really know what you're doing.
Click Quarantine tab in MBAM main window. Here are all items detected. The easiest and safest way to empty quarantine folder is to click Delete All button.
You can also delete individual items by selecting them with mouse and clicking Delete button. You can select multiple concurrent items by clicking the first one, then holding down Shift key on your keyboard and clicking the last one. To select multiple non-concurrent items, hold down Ctrl key while clicking the items you need.
Be very careful with Restore All and Restore buttons, do not use them unless you are sure that you are not restoring malware!