The Malwarebytes Support Tool command line version is used to cleanup and remove Malwarebytes products. The Support Tool removes Malwarebytes Endpoint Security and Malwarebytes Endpoint Protection, including their files, settings, and license information. To remove Malwarebytes software from a Windows endpoint, download the Support Tool, then run it from the Command Prompt.
In the Command Prompt, you can use switches to specify how you want to remove the Malwarebytes software. A list of switches and instructions on how to use them are in this article.
Note: The Malwarebytes Support Tool cannot uninstall Malwarebytes software if the Tamper Protection feature is enabled in your environment. Disable Tamper Protection before running this tool.
Download and run the Malwarebytes Support Tool
- Click here to download the latest version of Malwarebytes Support Tool Command Line tool and save it to the desktop.
- Open Command Prompt as an administrator.
- In the command window, type in cd C:\Users\(name of username)\desktop or cd %userprofile%\desktop to navigate to the desktop.
- If you want to run the Malwarebytes Support Tool and allow it to reboot, enter the command mbstcmd-[file version number].exe /y /cleanup
- Verify the following directories are removed. If they are not, remove them manually:
- C:\Program Files\Malwarebytes Endpoint Agent
- C:\ProgramData\Malwarebytes Endpoint Agent
- C:\Program Files\Malwarebytes
Command line switches
Here is a list of switches you can use to execute the Malwarebytes Support Tool:
- Accepts the EULA. Without this command you will not be able to run the tool.
- Uninstalls all versions of Malwarebytes products it finds on the machine.
- Does not reinstall or reactivate the Malwarebytes installation.
- Generates output (mbst-clean-results.txt) to the directory where the Support Tool was run from.
- Forces a reboot to perform post-reboot cleanup.
- Prevents the forced reboot flag after cleanup.
- Ensures there is no post reboot cleanup.
- /epatoken "NoTamperProtection"
- Clears the tamper protection token.
- If you run this command, you will need to run an additional clean command afterwards. For example:
To clear the tamper protection token: mbstcmd-[file version number].exe /y /cleanup /noreboot /nopr /epatoken "NoTamperProtection"
To follow up with the clean process after the token is removed: mbstcmd-[file version number].exe /y /cleanup