The Security settings is a tab on the Settings screen in Malwarebytes for Windows. This section allows you to configure how the program protects your Windows device. Some of these features are only available to Malwarebytes Premium and Trial users. If the program reverts to the Free version, Premium dependent features will disable. To view this screen, click the gear icon in the top-right corner of the Dashboard, then click the Security tab.
You can scroll through the Security settings to see several configurable items. Read further for a description of each.
Update threat intelligence (Premium only)
Malwarebytes Premium and Malwarebytes Trial users have the option to automatically check for protection updates and to set the interval when the checks occur. You can adjust the interval between every 15 minutes and 14 days. You can set the increment to minutes, hours, and days. The default for this feature is On.
Automatic quarantine (Premium only)
Malwarebytes Premium and Malwarebytes Trial users can specify if detections are automatically quarantined when detected. By default, this setting is On. If the setting is toggled off, a notification will display in the lower right corner of the screen for each detection, and you must specify to ignore the detection once, ignore always (added to Exclusions) or quarantine.
Windows startup (Premium only)
These settings define how Malwarebytes behaves when your computer starts. You may launch several applications at startup, and they may initiate processes which require Malwarebytes launch timing to be adjusted. Keep this feature On if you want Malwarebytes to launch in the background when Windows starts. Descriptions for each Advanced setting are follows:
- Start Malwarebytes at Windows startup: If this setting is disabled, Malwarebytes will not start with Windows. No real-time protection layers will start when Windows starts, but be started manually by launching Malwarebytes.
- Delay Real-Time Protection when Malwarebytes starts: There may be times when the startup of system services used by Malwarebytes conflicts with services required by other applications at boot time. When this is the case, turn this setting on. You may also adjust the delay timing. The delay setting is adjustable from 15-180 seconds, in increments of 15 seconds.
- Enable self-protection module: This setting controls whether Malwarebytes creates a safe zone to prevent malicious manipulation of the program and its components. Checking this box introduces a one-time delay as the self-protection module is enabled.
- Enable self-protection module early start: When enabled, the self-protection module will enable earlier in the computer's boot process. This changes the order of services and drivers associated with your computer's startup.
This set of options allows you to configure the Malwarebytes rules used for scanning your device. These settings are for manual scans. If you want information about setting scheduled scans, see Set up automatic scans in Malwarebytes for Windows.
- Scan for rootkits: A specific set of rules used during scans to determine if a rootkit is on your device. Rootkits are malicious software that can be placed on a device and has the ability to modify operating system files and hide its presence. Toggling this setting on will make scans more intensive and effective, but increases the time to complete them. By default, this setting is Off.
- Scan within archives: When enabled, Malwarebytes scans two levels deep within archive zip, rar, 7z, cab and msi files. If disabled, the archive is excluded from scans. By default, this setting is On.
- Use artificial intelligence to detect threats (scans may take longer): By toggling this scan option on, you supplement existing detection methods to use machine learning to identify malicious files.
- Use expert system algorithms to identify malicious files (Premium only): By toggling this scan option on, you supplement existing detection methods to use expert system algorithms to identify malicious files.
Windows Security Center (Premium only)
Malwarebytes Premium and Malwarebytes Trial versions register as a security solution on your Windows device by default. If kept enabled, your Windows operating system recognizes Malwarebytes as your security solution. If you run any other anti-virus software, you may need to register that program with Windows Security Center separately.
Potentially unwanted items
Malwarebytes detects non-malicious, but probably annoying, software called Potentially Unwanted Programs and Potentially Unwanted Modifications. Potentially Unwanted Programs appear in the form of toolbars and other software which are installed on your computer as part of a bundle. Potentially Unwanted Modifications are usually related to the Windows registry. For both of these types, this feature offers the following settings for how you want Malwarebytes to handle them during scans and Real-Time Protection events:
- Detect Potentially Unwanted Programs (PUPs): Use the drop down menu to select how you want Malwarebytes to handle Potentially Unwanted Programs when encountered. You can select Ignore Detection, Warn User, or Always (recommended).
- Detect Potentially Unwanted Modifications: Use the drop down menu to select how you want Malwarebytes to handle Potentially Unwanted Modifications when encountered. You can select Ignore Detection, Warn User, or Always (recommended).
Brute Force Protection
Brute Force Protection (BFP) monitors Microsoft's Remote Desktop Protocol by protecting your devices from suspicious connections via remote devices. It temporarily blocks IP addresses with suspicious login attempts and notifies you of the blocks. BFP is an opt-in feature and is available only for Malwarebytes for Windows and Malwarebytes for Teams users. Learn how to enable Brute Force Protection.
Exploit Protection (Premium only)
Exploit Protection guards against attempted exploits of vulnerabilities in legitimate programs. When you launch apps, exploit protection also launches as a shield. This protection detects and blocks attacks that go undetected by other security apps. This feature has the following options:
- Block potentially malicious email attachments (Outlook desktop only): Blocks malicious file attachments sent through your Outlook app.
- Block penetration testing attacks: Blocks exploits used by third-party tests.
Click the Manage protected applications button to see a new window that displays all of your exploit protected apps. Apps protected by Malwarebytes appear under the Default tab while apps you manually add for protection display under the Custom tab.
You can toggle protection on or off for individual apps in this window. You can add an app to protect by clicking the Custom tab, then click the Add button. This opens a new window to add an app to exploit protection.
You can create an app name in the Application name field, and click Browse... to select the app you want to add for the Application file field. Use the drop-down menu to select a Program type. If you are unsure of the type of program, select Other. Click the blue Add button to save your entry. The entry appears under the Custom tab where you can toggle protection on or off. You can hover your cursor over the entry and click the pencil icon to edit, or click the trash icon to delete the entry.
Additionally, Malwarebytes Premium and Trial users can modify advanced Exploit Protection settings. Click the Advanced Settings button to view the following window and configure finer details of Exploit Protection.
Use the check boxes to enable or disable protections for specific protection layers. Use the tabs to change views between different protection categories. We recommend only changing these advanced settings when requested by a Malwarebytes Support representative. Incorrect settings may result in impaired protection.
Return to the Malwarebytes for Windows guide.