The Malwarebytes Support Tool command line version is used to cleanup and remove Malwarebytes business products including their files, settings, and license information. Consult with Malwarebytes support before running the support tool or try removing Malwarebytes software by using the Malwarebytes Nebula console. For more information, see Delete endpoints in Nebula.
To remove Malwarebytes software from a Windows endpoint, download the Support Tool, then run it from the Command Prompt. In the Command Prompt, you can use switches to specify how you want to remove the Malwarebytes software. A list of switches and instructions on how to use them are in this article.
Note: Before running the Malwarebytes Business Support Tool, it is recommended to do the following:
- Disable Self-Protection Module in Malwarebytes Nebula policy settings.
- Disable Tamper Protection in Malwarebytes Nebula policy settings.
- Disable Tamper Protection in Windows Security settings if Malwarebytes is not registered in Windows Action Center.
If Tamper Protection cannot be disabled, removal may not occur or may require additional steps. If you have forgotten your Tamper Protection Password, use our Nebula Discovery & Deployment tool to remove Malwarebytes. You will need an admin's Nebula console credentials.
If you require additional assistance after performing the steps below, contact Support.
Download and run the Malwarebytes Business Support Tool
- Click here to download the latest version of Malwarebytes Business Support Command Line Tool and save it to the desktop.
- Open Command Prompt as an administrator.
- In the command window, type in cd C:\Users\(name of username)\desktop or cd %userprofile%\desktop
- Run the following command to clean the Malwarebytes agent when Tamper Protection is disabled:
- mbstcmd-1.0.12.251.exe /y /cleanup /noreboot /nopr
- Reboot the endpoint.
- Verify the following directories are removed. If they are not, remove them manually:
- C:\Program Files\Malwarebytes Endpoint Agent
- C:\ProgramData\Malwarebytes Endpoint Agent
- C:\Program Files\Malwarebytes
- C:\ProgramData\Malwarebytes
Watch this video to run the Malwarebytes Business Support Tool:
Command line switches
Here is a list of switches you can use to execute the Malwarebytes Business Support Tool:
- /y
- Accepts the EULA. Without this command you will not be able to run the tool.
- /cleanup
- Uninstalls all versions of Malwarebytes products it finds on the machine.
- Does not reinstall or reactivate the Malwarebytes installation.
- Generates output (mbst-clean-results.txt) to the directory where the Support Tool was run from.
- Forces a reboot to perform post-reboot cleanup.
- Forces a reboot to perform post-reboot cleanup if /noreboot is removed.
- See the example below for using the tool with the Nebula Endpoint Agent or Endpoint Security.
- /noreboot
- Optional: Prevents unscheduled reboots after cleanup. Recommended for Servers.
- /nopr
- Optional: Ensures there is no post reboot cleanup.
- The Post Reboot Cleanup execution is intended to run subsequent to a reboot.
- If the /nopr switch is used prior to reboot, re-running the tool before a reboot will trigger the post-reboot operation prematurely and attempts to remove files still in use, or locked by the operating system.