- Feb 11, 2011
- 1,009
These might be of use to some. You can find them in the MBAM help file.
Malwarebytes Anti-Malware supports a variety of command line parameters, which can be used from either a command prompt, batch file or script. (Note: some of these parameters are available in the PRO version only.)
mbam.exe <parameters>
(where parameters is one or more of the following)
/errorsilent: suppresses all critical errors and writes the last error to <root-drive>\mbam-error.txt where <root-drive> is the hard drive where Windows is installed, also known as the System Drive.
Example:
mbam.exe /errorsilent will suppress all errors when the program is running.
/proxy <required server> <optional port> <optional username> <optional password>: allows the user to update through a proxy server. Leave blank to remove any proxy settings previously set.
Examples:
mbam.exe /proxy will remove the proxy settings.
mbam.exe /proxy proxy.com 80 will use proxy.com on port 80 with no credentials.
mbam.exe /proxy proxy.com 80 admin password will use proxy.com with the specified credentials.
/logtofolder <optional path>: allows the user to save all log files to the specified folder. If this folder does not exist, Malwarebytes Anti-Malware attempts to create it. If the path is blank, changes are reverted to default settings. These logs do not show up on the Logs tab.
Example:
mbam.exe /logtofolder C:\mbam_log_files will save all future log files to the location C:\mbam_log_files.
Note: Protection logs created by the protection module will be saved to the same location you select
/logtofile <optional path>: allows the user to save all log files to the specified file. If this file does not exist, Malwarebytes Anti-Malware attempts to create it. Newest entries are appended to top of the file. If the path is blank, changes are reverted to default settings. This log does not show up on the Logs tab.
Example:
mbam.exe /logtofile C:\mbam_log_files\mbam-log.txt will save all future log files to the location C:\mbam_log_files\mbam-log.txt.
Limitations: The path, in the above case C:\mbam_log_files, must exist. This option will not create folders if they don't exist, only the log file.
Note: Protection logs created by the protection module will always still only be saved to the default location
/register: allows the user to register the program without displaying the main dialog box.
Examples:
mbam.exe /register 12345-67890 AAAA-BBBB-CCCC-DDDD will register the product using the license key passed in the parameters.
Limitations: Protection must be enabled using the program user interface if it is to be enabled before the system restarts.
/developer: this command line parameter is used to execute the program in developer mode and will create a log with encrypted information on items detected in a scan. It is used for reporting false positives and allows the researchers to determine why an item is being detected.
Example: mbam.exe /developer will start the program with detailed detection information.
Note: When reporting a false positive, please be sure to use the /developer switch and provide the resulting log to the researchers.
/update <optional -silent>: allows the user to update the product and database.
Examples:
mbam.exe /update will attempt to update the database or program, depending on settings.
mbam.exe /update -silent will attempt to update the database or program silently. The -silent switch will not function in the Free version.
/scan <optional -quick or -full or -flash> <optional -silent> <optional -remove> < optional -terminate> <optional -reboot> <optional -log>: initiates a scan with the selected options.
Parameters:
-quick: initiates a quick scan.
-full: initiates a full scan using saved drives in the registry.
-flash: initiates a flash scan of memory and heuristics only.
-terminate: closes the program after a scan completes and no threats were found (cannot be used with -silent). If an item is detected, the program remains open so that the user can decide whether or not to remove the detected threat(s). The -terminate switch will not function in the Free version.
-log: overrides the save log checkmark on the settings tab. If the Automatically save log after scan completes option is unchecked, a log file will still be saved when the -log parameter is used.
-silent: hides the GUI while scanning (does not need to be used with -terminate). The -silent switch will not function in the Free version.
-reboot: reboots the computer if necessary, only valid if -remove is used. The -reboot switch will not function in the Free version.
-remove: automatically removes threats and saves a log file. Unless -silent is specified, GUI stays open. The -remove switch will not function in the Free version.
Examples:
mbam.exe /scan will run a default scan.
mbam.exe /scan -full will run a full scan.
mbam.exe /scan -flash -terminate will run a flash scan and terminate if no objects are detected.
mbam.exe /scan -quick -log -silent -remove -reboot will run a quick scan silently, save logs, automatically remove threats, and reboot if necessary.
Limitations:
-terminate parameter cannot be used with the -silent parameter since the program will automatically terminate when the -silent parameter is used.
-reboot parameter is only valid if used with the -remove parameter.
/schedule <options /update or /scan -quick or /scan -full or /scan -flash> <options /realtime or /hourly or /daily or /weekly or /monthly or /once or /onreboot>: these items allow the user to choose the frequency for the scheduled update or scan to occur:
<optional /starting mm/dd/yyyy hh:mm:ss>: this item allows the user to set the time for the scheduled scan or update to start.
For /realtime omit this - the current time is assumed.
For /random - this item selects a random time to set the scheduled scan or update to occur. /random may only be used with /hourly or /daily and randomizes the Hour and Minute or Hour and Minute and Second respectively
Limitations: Not supported with /onreboot for scans or /realtime or /onreboot for updates.
<optional /every X where X is a number for the frequency of the scan or update to occur, this is required for every option except /monthly,/once and /onreboot> <optional /recover X where X is the number of hours for the scan or update to attempt to run again if the computer was unavailable during the scheduled time, this is not valid with /onreboot or /realtime>
<optional /wakefromsleep>: may be used with a scan or an update. Malwarebytes Anti-Malware will attempt to wake the computer from sleep to perform the scheduled scan or update.
Limitations: Not supported with /onreboot for scans or /realtime or /onreboot for updates.
<optional /flash executes a Flash Scan after a successful update
Note: only used with /update>
Examples:
/schedule /scan -quick -remove -terminate -log /daily /starting 08/10/2010 23:00:00 /every 1 /silent /wakefromsleep will schedule silent daily Quick Scan starting on August 10th, 2010 at 11:00PM that will repeat every 1 day, remove threats, reboot if necessary, force the creation of a scan log and will attempt to wake the computer from sleep to perform the scan.
/schedule /update /flash /realtime /every 5 will schedule an update to occur in real-time once every 5 minutes and set a Flash Scan to occur after each successful update.
/unschedule <optional /all or /all -update or /all -scan>.
Note: You can remove individual scans or updates by not including the /all switch and specifying the exact switches used to create the scan or update
/all removes all scheduled scans and updates.
/all -update removes all scheduled updates.
/all -scan removes all scheduled scans.
Examples:
/unschedule /all will delete all scheduled updates and scans
/unschedule /all -scan will delete all scheduled scans
/unschedule /all -update will delete all scheduled updates
/unschedule /scan -quick -remove -terminate -log /daily /starting 08/10/2010 23:00:00 /every 1 /silent will delete a scheduled silent daily Quick Scan that was set to start on August 10th, 2010 at 11:00PM that was set to repeat every 1 day, remove threats, reboot if necessary, and force the creation of a scan log.
/unschedule /update /flash /realtime /every 5 will delete a scheduled update that was to occur in real-time once every 5 minutes and with a Flash Scan set to occur after each successful update.
/setpassword sets or changes the password to access certain features of the product. Quotes are required around the password you wish to set if it contains any non alpha-numeric characters and the actual character " is not allowed within the password itself.
Examples:
/setpassword "malwarebytes" sets the password to malwarebytes
/setpassword "newpassword" "oldpassword" changes the password from oldpassword to newpassword
/setpassword "P^@" sets the password to P^@
/clearpassword <password>: removes the password.
Examples:
/clearpassword "malwarebytes" removes all password protection if the password was malwarebytes
/clearpassword "P^@" removes all password protection if the password was P^@
