Getting Started - First Time Use
When you first use Toolset (MBTS), you will need internet access to allow it to validate your license key and you should update all components.
-
Download Toolset with your license key pre-injected using the URL contained in your confirmation email.
-
Extract the MBTS_X.X.X.XXXX.zip package file to the root of a USB flash drive or a dedicated directory within a USB Flash Drive.
Note: Ensure the path where the Toolset is extracted to does not include any ASCII/UNICODE extended set characters.
-
Double click MBTSLauncher.exe from the extracted package.
-
Once the Toolset launches and validates your license, go to Toolbox > MyTools > Check for Updates
-
Download all available updates
For additional information on the features of Toolset and how to use them, please see the latest Toolset User Guide and Issue Scanner Technical Reference.
How do I manually download Toolset?
You can download the latest build of Toolset using the URL in your confirmation email. If needed, use the syntax below to manually obtain Toolset with your product key pre-injected:
-
Standard Download - https://toolset.malwarebytes.com/file/mbts/YOUR-PRODUCT-KEY
-
Full Download - https://toolset.malwarebytes.com/file/mbts_full/YOUR-PRODUCT-KEY
Alternatively, there are generic URLs if the auto-injection system is down/not working correctly.
-
Standard Download (No Key) - https://toolset.malwarebytes.com/file/mbts
-
Full Download (No Key) - https://toolset.malwarebytes.com/file/mbts_full
What is the difference between the Standard and Full download of Toolset?
The Standard download is a smaller package with only the following core components:
- Toolset (Inform, Network Devices Scanner, Portable Scanner, Issue Scanner, and Toolbox)
Additional standalone components can be downloaded as needed when they are executed via the Toolbox or downloaded using the MBTS Updater by going to Toolbox > MyTools > Check for Updates.
The Full download is a larger package with the following core and standalone components:
-
Toolset (Inform, Network Devices Scanner, Portable Scanner, Issue Scanner, and Toolbox)
-
Breach Remediation v2 CLI
-
Breach Remediation v3 CLI
-
AdwCleaner
-
Anti-Bundleware
-
Anti-Rootkit
-
Security for Windows (installer)
-
Support Tool
-
Fab’s AutoBackup Pro v7
How do I update the components of the Toolset?
The Toolset checks for a new release at launch. If one is available, an orange notification banner appears with an option to start an in-place update. For all other components or to manually update, use the MBTS Updater by doing the following:
-
If you have not already done so, launch Toolset
-
Click on the Toolbox component.
-
Go to MyTools and click Check for Updates (aka the MBTS Updater)
-
Select the components you want to update then click Download
-
Follow any additional steps presented.
Any Toolbox item supported by the MBTS Updater can also be updated upon launch. If there is a new version, you have the option to download and use that one OR continue to use the older version.
How do I run a malware scan?
We include a portable version of the security product, the Portable Scanner. To use it, perform the following:
-
If you have not already done so, launch Toolset
-
Click on the Scan component.
-
Click Scan for Malware.
-
Follow any additional steps presented.
By default, a malware scan will always prompt if you want to kill non-essential processes, check for database updates, and perform a Threat scan. If you want to change this default behavior, click on the Settings icon (it looks like a gear) and select Edit Default Scan.
If you want to perform a one-time custom scan, click the Custom Scan button and select the scan options you want to use.
How do I update the malware database/definitions?
By default, we always check for updates when you run a malware scan. Since you may be in situations with no internet access, we highly recommend updating the database/definitions at least once a day on an internet connected PC. You can accomplish that two ways:
-
If you have not already done so, launch Toolset
-
Click on the Scan component.
-
Click the Settings/gear icon next to Breach Remediation and select Run Manual Update
-
Follow any additional steps presented.
OR
-
If you have not already done so, launch Toolset
-
Click on the Toolbox component.
-
Go to MyTools and click Check for Updates (aka the MBTS Updater)
-
Select the Rules component and then click Download
-
Follow any additional steps presented.
How do I scan for malware via Command-Line?
The Portable Scanner and Issue Scanner can be launched from the command line by passing /scan:malware or /scan:issues respectively to MBTS.exe or MBTSLauncher.exe. Below are examples of this:
- Portable Scanner
- MBTSLauncher.exe/scan:malware
- MBTS.exe/scan:malware
- Issue Scanner
- MBTSLauncher.exe/scan:issueso
- MBTS.exe/scan:issues
If you need additional automation or scripting capabilities for malware scans, a Breach Remediation (MBBR) for Windows CLI is included with Toolset. You can find it in the Toolbox under the Remediate section or in the directory structure at the following locations:
- Malwarebytes\MBBRv3\x64\mbbr.exe
- Malwarebytes\MBBRv3\x86\mbbr.exe
- Malwarebytes\MBBRv2\mbbr.exe
Does the Toolset and/or Breach Remediation support offline usage?
Both products support offline usage. Just make sure the Toolset has been validated (required on first use) and updated then you can use it offline for 7 days with version 1.3 and 15 days with version 1.4+. If you are only using the Breach Remediation CLI utility, it supports 15 days of offline usage.
How do I scan and export with Inform from Command-Line?
You can perform an Inform Export silently from the command line by passing the following arguments to MBTS.exe or MBTSLauncher.exe:
- /scan:inform /LogFile:”Path to file” - Silently runs an Inform operation and outputs the results in plain text to the file specified.
- If /LogFile is not specified, then the exported text file is saved to the following location: %UserProfile%\Desktop\Inform_%COMPUTERNAME%_%DATE&TIME%.txt
- If only a file name is specified for /LogFile (e.g. "Inform Log File.log"), then the specified file will be saved to %MBTS_ROOT% (aka the directory where MBTSLauncher.exe is stored).
How do I use AdwCleaner?
AdwCleaner is included as a standalone component designed to remove adware, toolbars, and more. You can run it by doing the following:
-
If you have not already done so, launch Toolset
-
Click on the Toolbox component.
-
Go to Remediate and click on AdwCleaner
-
Follow any additional steps presented.
How do I use Anti-Bundleware?
Anti-Bundleware is a standalone tool designed to remove unneeded bundled software and junkware. You can use it by doing the following:
-
If you have not already done so, launch Toolset
-
Click on the Toolbox component.
-
Go to Remediate and click on Anti-Bundleware Scanner Beta
-
Follow any additional steps presented.
How do I scan for local network devices?
Toolset includes a Network Devices scanner to perform a detailed local network device inventory scan. To use it, perform the following:
-
If you have not already done so, launch Toolset.
-
Click on the Inform component.
-
Go to Network then click Start Scan under Network Discovery
-
Follow any additional steps presented.
How do I scan for SMART Attribute and Disk Errors of a disk drive?
The Disk Drive Issue Scanner of the Issue Scanner performs this function. Please note that only failures or issues will be presented, but you can see the full details by clicking on the Scan Report. To use the Issue Scanner, perform the following:
-
If you have not already done so, launch Toolset
-
Click on the Scan component.
-
Click on Scan for Issues
-
Follow any additional steps presented.
For additional information on the Issue Scanner, please see the latest Issue Scanner Technical Reference.
How do I add tools?
The MyTools component of Toolset allows you to bring along additional tools, scripts, and batch files in to the UI.
-
If you have not already done so, launch Toolset
-
Click on the Toolbox component.
-
Go to MyTools and click MyTools Editor
-
Click the + icon to add a tool
-
To import a directory of tools, click the Batch import button instead (looks like a download icon)
-
- Complete the Create Tool form and click Save
For more details on how to use the MyTools feature, including advanced features like variables and batch tool importing, check out the latest Toolset User Guide.
How do I access the Toolset if I have forgotten my Startup Password?
You can recover access by doing the following:
-
Delete the Toolset license file at "\Malwarebytes\MBTS\Data\Configuration\mbts-license.dat"
-
Relaunch the Toolset
-
Enter your Toolset license key and click Verify
Are There Command Line options for running Toolset?
Yes, command line options are available to utilize some components of Toolset quickly for automation and/or scripting purposes. These options can be passed to MBTSLauncher.exe or MBTS.exe. Below is a list of those options and their applicable syntax:
- /password:”Your Startup Password” - Suppress prompt for your Startup Password.
- /scan:inform /LogFile:”Path to file” - Silently runs an Inform operation and outputs the results in plain text to the file specified.
- If /LogFile is not specified, then the exported text file is saved to the following location:
%UserProfile%||Desktop||Inform_%COMPUTERNAME%_%DATE&TIME%.txt - If only a file name is specified for /LogFile (e.g. "Inform Log File.log"), then the specified file will be saved to %MBTS_ROOT% (aka the directory where MBTSLauncher.exe is stored).
- If /LogFile is not specified, then the exported text file is saved to the following location:
- /scan:malware - Scans for malware with the Portable Scanner using the current Default Scan settings. These settings can be changed using the MBTS.exe GUI (Scan > Settings icon > Edit Default Scan).
- /scan:issues – Scans for issues with the Issue Scanner.
- /repair:network – Performs a Network Reset.
- /repair:wmi – Performs a WMI Reset.
- /toolbox:”Name of Tool” – Launches the specified tool in quotes from the Toolbox or MyTools.
- /LogLevel:<0-5> – Launches Toolset with a specified logging level output for the “DebugLogging.txt” file. This is used for troubleshooting the Portable Scanner. The default loglevel is 1 (ERRORS) and is used if no log level is specified. The following is a definition of each log level:
- 0-none
- 1 – Events marked as Errors only are logged
- 2 – Events marked as Errors and Warnings are logged
- 3 – Events marked as Errors, Warnings, and Info are logged
- 4 – Events marked as Errors, Warnings, Info, and Debug are logged
- 5 – Events marked as Errors, Warnings, Info, Debug, and Trace are logged
- The DebugLogging.txt file is stored in the following locations depending on the architecture of the operating system:
- 64-Bit (x64) - Malwarebytes||MBTS||x64||DebugLogging.txt
- 32-Bit (x86) - Malwarebytes||MBTS||DebugLogging.txt
Note: MBTS.exe and MBTSLauncher.exe are not a console applications. They will not send output to the console window once they execute.
How do I get technical support?
Please start a new topic in the Toolset area of the Forums (Malwarebytes Techbench > Toolset) or email our team the details at techbench@malwarebytes.com.