Malwarebytes continually blocks a program

July 23, 2022

We’ve used Malwarebytes Anti-Malware (MBAM) for years and have never had a problem with it conflicting with a particular piece of software on one computer. Until last week, when MBAM decided it didn’t like this software (after years of playing nice together) and decided to quarantine it as soon as we tried to open and run the software. We restored it from quarantine and made sure it was in the Allow List (it was), but it continued to get zapped by MBAM.

A quick internet search didn’t yield any answers that matched our circumstances, so I reached out to the MBAM support team. They were prompt in getting back to me, and with a solution that seems to have worked. This information is for me in case it happens again, and for anyone else who has a problem with a legitimate piece of software getting quarantined by MBAM. The critical steps that I hadn’t done were restarting the computer (twice) AND the second set of steps below. I’ve paraphrased the information I got from MBAM support:

If MBAM is removing something that it shouldn’t, then you can restore it from quarantine:

  1. Open Malwarebytes.
  2. In the Detection History panel on the left, click Total items in quarantine.
  3. Select the checkbox of each detection you wish to restore.
  4. Click Restore.
  5. Restart the computer to complete the restore process.

To prevent MBAM from removing the files again, you need to exclude them from detection:

  1. Open Malwarebytes.
  2. Click Scan to run a threat scan (this can take several minutes).
  3. When the scan is complete, you need to verify each of the items detected. If there are some you want to keep, clear their checkboxes. (In our case, 9 items were detected, all related to this software we wanted to use—the EXE file, the taskbar and desktop shortcuts, a registry item, and a couple of others)
  4. Click Next.
  5. MBAM will ask what you want to do with the unchecked items—select Ignore Always.
  6. Restart the computer for the changes to take effect.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: