What is mbam?

The genuine mbam.sys file is a software component of Malwarebytes by Malwarebytes.
Malwarebytes Is a suite of security applications that protect computers against malware, spyware, rootkits, and vulnerability exploits. Mbam.sys is a driver file that belongs to Malwarebytes Anti-Malware. This is not a critical Windows component and may be removed if known to cause problems, however, removing this file may cause problems while running Malwarebytes.

Malwarebytes is a security software suite that is comprised of four independent modules, namely: anti-malware, anti-ransomware, anti-exploit, and malicious website protection. The modules automatically detect and remove threats that may be known or unknown to the user. The program was first released in 2006 and is currently available as two versions: free and paid. The latter provides additional security features and layers of protection. Malwarebytes supports the Windows, Mac OS X, and Android platforms.

Malwarebytes is an American company that develops Internet security software specialized for home users. Malwarebytes was informally founded in 2004 by founder Marcin Kleczynski while working as a computer technician during his teenage years. The company was incorporated in 2008 along with co-founder, Bruce Harrison, and went on to reportedly make $600,000 in their first year despite the duo never having met personally. The company claimed to have removed 5 billion pieces of malware by 2013. Malwarebytes is currently headquartered in Santa Clara, California, USA.

MbAM stands for Malwarebytes Anti-Malware system driver

Mbam.sys is a Windows driver. A driver is a small software program that allows your computer to communicate with hardware or connected devices. This means that a driver has direct access to the internals of the operating system, hardware etc. The free file information forum can help you determine if mbam.sys is a Windows system file or if it belongs to an application that you can trust.

Run a free scan to check for mbam drivers in need of updating

Mbam.sys file information

The process known as Malwarebytes Anti-Malware or MBAMProtector or Malwarebytes Real-Time Protection belongs to software MBAMProtector or Malwarebytes Anti-Malware version or Malwarebytes' Anti-Malware or MBAMProtection by Malwarebytes (

Description: Mbam.sys is not essential for the Windows OS and causes relatively few problems. Mbam.sys is located in the C:\Windows\System32\drivers folder. Known file sizes on Windows 10/8/7/XP are 22,856 bytes (57% of all occurrences) or 23,256 bytes. 
The driver can be started or stopped from Services in the Control Panel or by other programs. The program has no visible window. You can uninstall this program in the Control Panel. It is digitally signed. Mbam.sys is not a Windows core file. The file is a Verisign signed file. There is no detailed description of this service. mbam.sys appears to be a compressed file. Therefore the technical security rating is 8% dangerous; but you should also compare this rating with the user reviews.

Uninstalling this variant: If you have any problems with mbam.sys, you may also uninstall the associated program (Start > Control Panel > Uninstall a Program > Malwarebytes Anti-Malware Version) or visit the website.

Recommended: Identify mbam.sys related errors

Important: Some malware disguises itself as mbam.sys, particularly when not located in the C:\Windows\System32\drivers folder. Therefore, you should check the mbam.sys process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.


User Comments

part of Malwarebytes┬┤ Anti-malware
  me   (further information)
seems to be needed if you have Malware-bytes┬┤ Anti-malware

Summary: Average user rating of mbam.sys: based on 2 votes with 2 user comments. One user thinks mbam.sys is essential for Windows or an installed application. One user thinks it's neither essential nor dangerous.

Do you have additional information? Help other users!

Best practices for resolving mbam issues

A clean and tidy computer is the key requirement for avoiding problems with mbam. This means running a scan for malware, cleaning your hard drive using 1cleanmgr and 2sfc /scannow, 3uninstalling programs that you no longer need, checking for Autostart programs (using 4msconfig) and enabling Windows' 5Automatic Update. Always remember to perform periodic backups, or at least to set restore points.

Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Use the 6resmon command to identify the processes that are causing your problem. Even for serious problems, rather than reinstalling Windows, you are better off repairing of your installation or, for Windows 8 and later versions, executing the 7DISM.exe /Online /Cleanup-image /Restorehealth command. This allows you to repair the operating system without losing data.

To help you analyze the mbam.sys process on your computer, the following programs have proven to be helpful: ASecurity Task Manager displays all running Windows tasks, including embedded hidden processes, such as keyboard and browser monitoring or Autostart entries. A unique security risk rating indicates the likelihood of the process being potential spyware, malware or a Trojan. BMalwarebytes Anti-Malware detects and removes sleeping spyware, adware, Trojans, keyloggers, malware and trackers from your hard drive.

Other processes

mbam.sys [all]