Malwarebyes corporation has released beta version of anti-rootkit, Malwarebytes Anti-Rootkit (MBAR) for public testing and feedback. MBAR is standalone tool, no installation is required -scans for Rootkits in drivers, Master Boot Records (MBRs), and Volume Boot Records (VBR). Malwarebytes boasts their anti-Rootkit tool can detect and remove most sophisticated rootkits. MBAR uses same Malwarebytes Chameleon technologies which MBAM uses to protect from modification or removal by malware.

Malwarebytes Anti-Rootkit to delete latest Rootkits and Repair damage caused by them

Using Malrwarebytes Anti-Rootkit:

1. Download the program zip file, extract its contents to a folder. Better you create a MBAR folder and extracts files into it.

2. Run mbar.exe, and click Next on wizard and update the database (internet connection is required).

3. Once the database with current malware definitions are downloaded, click “Next” and start the scanning.

Malwarebytes Anti-Rootkit scan progress

4. Scan process may take a while, once the scan is finished, if threats are detected click on “Cleanup” to remove them and restart the System.

Use cleanup button to remove detected rootkits by MBAR

What to do if System settings and services not work after cleanup/with the use of the tool?

5. If no threats were found during the scan, restart the Computer and make sure crucial system services like Windows Update and Windows Firewall are functioning as usual if not, restore internet connectivity and fix other above mentioned issues with fixdamage.exe tool that can found in MBAR folder. You need to restart your Computer after running this tool.

Link between Malwarebytes Anti-malware and Malwarebytes Anti-Rootkit

MBAR stores quarantined items at location which MBAM stores its quarantined items, this new tool uses MBAM’s Ignore list also. So to manage Quarantine and Ignore List user has no option but to install MBAM on his Computer.

MBAR is in beta, has been tested by Malwarebytes and proven to be effective against some well known Rootkits. Use this tool at your own risk.