How do I use Malwarebytes Anti-Rootkit?

Document created by dshull Employee on May 10, 2017Last modified by jyamada on Jun 11, 2017
Version 3Show Document
  • View in full screen mode

Download Malwarebytes Anti-Rootkit (MBAR) from here and follow the steps below:

  1. This is a self-extracting file. Double click to run the tool.
  2. Follow the onscreen instructions to extract it to a location of your choice.It will extract to your desktop by default.
  3. MBAR will then open on its own. 
    Note: On some machines, this may take up to a minute, please be patient.
  4. Follow the instructions in the wizard to update the database and allow the program to scan your computer for threats.
  5. Click on the Cleanup button to remove any threats and reboot if prompted to do so. 
    Note: If you are unsure of how to proceed should there be detections at the end of a scan, Please read this KB article, Should I click Cleanup or Exit with Malwarebyes Anti-Rootkit? .
  6. Wait while the system shuts down and the cleanup process is performed.
  7. Once back in Windows, please run another scan with MBAR to verify that no threats remain. To do so, locate the mbar.exe in the extracted mbar folder which should be on your desktop or location selected previously.
  8. Double click on mbar.exe and once again follow the instruction in the wizard to update the database and allow the program to scan your computer for threats.
  9. If threats are still detected, click Cleanup once more and repeat the process until no further detections remain.
  10. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
    • Internet access
    • Windows Update
    • Windows Firewall
  11. If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit. It is located in the Plugins folder inside the MBAR folder.
  12. Verify that your system is now functioning normally.