Configure how Malwarebytes protects your device in the Security tab of the Settings screen in Malwarebytes for Windows version 4. Access Security settings by clicking the Settings gear on the top-right corner of the Dashboard, then selecting the Security tab. Malwarebytes Premium subscribers and Trial users benefit from additional settings. Scroll through the Security settings to see all configurable items.
Update threat intelligence
Available to paid and trial users.
Enable this setting to automatically check for protection updates, and set the interval when the checks occur, between every 15 minutes and 14 days. You can set the increment to minutes, hours, and days. This setting is On by default.
Automatic quarantine
Available to paid and trial users.
Automatically quarantine malware upon detection
Specify if threats are automatically quarantined when detected. This setting is On by default. If the setting is toggled off, a notification displays in the lower right corner of the screen for each detection, and you must specify how to action the detection. Options include:
- Ignore once: the threat remains on the device, but will be detected in the next scan.
- Ignore always: the threat is added to Allow list and will not be detected again.
- Quarantine: the threat is removed and placed in quarantine, where it no longer impacts the device.
Automatically unquarantine when detected malware is a false positive
When Automatic quarantine is enabled, this setting allows Malwarebytes to automatically restore detections that were quarantined but were later found to be false-positive detections. When a detection is restored, a notification displays in the in-app notification center, and the event can be reviewed in detection History reports. This setting is On by default. If this setting is off, false-positive detections must be restored manually.
Windows startup
Available to paid and trial users.
Define how Malwarebytes behaves when your computer starts. Your computer may launch several applications at startup, initiating processes which need Malwarebytes launch timing to be adjusted. Keep this feature On for Malwarebytes to launch in the background when Windows starts.
Descriptions for each Advanced setting are as follows:
- Launch Malwarebytes in the background when Windows starts up: Malwarebytes and Real-Time Protection layers start when Windows operating system starts. If disabled, Malwarebytes and Real-Time Protection layers do not start with Windows, but can be started manually by launching Malwarebytes.
- Delay Real-Time Protection when Malwarebytes starts: When the startup of system services used by Malwarebytes conflicts with services required by other applications at boot time, enable this setting, and adjust the delay timing. The delay setting is adjustable from 15-180 seconds, in increments of 15 seconds.
- Enable self-protection module: This setting controls whether Malwarebytes creates a safe zone to prevent malicious manipulation of the program and its components. Check this box to introduce a one-time delay as the self-protection module is enabled.
- Enable self-protection module early start: When enabled, the self-protection module starts earlier in the computer's boot process. This changes the order of services and drivers associated with your computer's startup.
Scan options
Available to paid, trial, and free users.
Configure the Malwarebytes rules used for running manual scans on your devicely. For information about setting scheduled scans, see Set up automatic scans in Malwarebytes for Windows.
- Scan for rootkits: A specific set of rules is used during scans to determine if rootkits are present on your device. Rootkits are malicious software that can modify operating system files and hide their presence. Toggling this setting on will make scans more intensive and effective, but increase the time to complete them. By default, this setting is Off.
- Scan within archives: When enabled, Malwarebytes scans two levels deep within archive zip, rar, 7z, cab and msi files. If disabled, archives are excluded from scans. By default, this setting is On.
- Use artificial intelligence to detect threats (scans may take longer): Toggling On to supplement existing detection methods by using machine learning to identify malicious files.
- Use expert system algorithms to identify malicious files: Toggle On to supplement existing detection methods by using expert system algorithms to identify malicious files. Available for paid and trial users.
Windows Security Center
Available to paid and trial users.
Malwarebytes Premium and Trial versions register as a security solution on your Windows device by default. If kept enabled, your Windows operating system recognizes Malwarebytes as your security solution. If you run any other anti-virus software, you may need to register that program with Windows Security Center separately.
Potentially unwanted items
Available to paid, trial, and free users.
Malwarebytes detects non-malicious software called Potentially Unwanted Programs (PUPs) and Potentially Unwanted Modifications (PUMs). PUPs appear in the form of toolbars and other software usually installed on your computer as part of a bundle. PUMs are usually related to the Windows registry. Configure how you want Malwarebytes to handle PUP and PUM detections during scans and Real-Time Protection events:
- Detect Potentially Unwanted Programs (PUPs): Use the drop down menu to select Ignore Detection, Warn User, or Always (recommended).
- Detect Potentially Unwanted Modifications: Use the drop down menu to select Ignore Detection, Warn User, or Always (recommended).
Brute Force Protection
Available to paid and trial users.
Brute Force Protection (BFP) monitors Microsoft's Remote Desktop Protocol, protecting your devices from suspicious connections via remote devices. It temporarily blocks IP addresses with suspicious login attempts and notifies you of the blocks. BFP is available only for Malwarebytes for Windows and Malwarebytes for Teams users. Learn how to enable Brute Force Protection.
Exploit Protection
Available to paid and trial users.
Exploit Protection shields legitimate programs from potential vulnerability exploitation, by detecting and blocking attacks that go undetected by other security apps. This feature has the following options:
- Block potentially malicious email attachments (Outlook desktop only): Blocks malicious file attachments sent through your Outlook app.
- Block penetration testing attacks: Blocks exploits used by third-party tests.
Click Manage protected applications to review a list of your protected apps. Apps protected by Malwarebytes appear under the Default tab, while apps you manually add display under the Custom tab.
To add apps to Exploit Protection:
- Click the Custom tab.
- Click Add. This opens a new window.
- Enter an app name in the Application name field.
- Click Browse to select the app file you want to add.
- Use the drop-down menu to select a Program type. If you are unsure of the type of program, select Other.
- Click the blue Add button to save your entry.
The entry appears under the Custom tab where you can toggle protection on or off. Hover your cursor over the entry and click the pencil icon to edit, or click the trash icon to delete the entry.
Click Advanced Settings to view and configure additional details of Exploit Protection. Use the check boxes to enable or disable protections for specific protection layers, and the tabs to change views between different protection categories. We recommend only changing advanced settings when requested by a Malwarebytes Support representative. Incorrect settings may result in impaired protection.
Return to the Malwarebytes for Windows guide.