If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#46
|
|||
|
|||
Malwarebytes warning
On 23/11/2015 12:52, Ken1943 wrote:
On Mon, 23 Nov 2015 05:25:29 -0500, Paul wrote: Ken1943 wrote: On Mon, 23 Nov 2015 05:58:18 +0000 (GMT), "Rodney Pont" wrote: On Sun, 22 Nov 2015 21:41:46 -0700, Ken1943 wrote: I don't see any option in MBAM about "registry repair". It's on the Tools menu. There is no registry repair or tools menu in Malwarebytes. It doesn't do that stuff. There's no Tools menu in mine either. I wonder where it came from? Since Windows 7 took the brunt of upgrades from XP, the newsgroup jerks have also moved in. Windows 10 group also. Ken1943 I hope you guys aren't mixing up the MBAM free one-time scanner interface, with the paid real-time protection version of MBAM. What if the interfaces were different ? Paul As far as I know, it is the same download/program with protection turned off/on. Agreed. And I agree there is no Tools menu. (I have the paid version of Malwarebytes Anti-Malware) -- Brian Gregory (in the UK). To email me please remove all the letter vee from my email address. |
Ads |
#47
|
|||
|
|||
Malwarebytes warning
On 23/11/2015 22:13, FredW wrote:
On Mon, 23 Nov 2015 12:33:32 -0700, "Buffalo" wrote: "Ken1943" wrote in message ... I agree that a person should never let any antivirus or anti-malware program removed everything it finds. I have had items detected as malware by MBAM, SAS, Avira,AdwCleaner and others and I am glad I didn't let 'them' fix everything they find. I have a lot of friends who just let their 'protective' programs do whatever they want, and those same folks don't make backups, and yet, they seem to be doing fine. How? It is beyond me! Can MBAM 'fix' problems and cause some programs to not function at all or not properly, YES!!! But, so can almost any other great anti-virus or great anti-malware program. Every so often in the Malwarebytes forum I see Malwarebytes cleaned my computer and now the thing is broken. Malwarebytes has a setting Automatically Quarantine Detected Items I told the powers that be that it should not be checked. "It is there for users that don't know anything" I gave up on that idea Ken1943 I agree with you on that. I make sure I have mine unchecked also, and I check it (to make sure it is still unchecked) after every engine update. + 1 Wait. You make sure threats aren't quarantined!??? Why? -- Brian Gregory (in the UK). To email me please remove all the letter vee from my email address. |
#48
|
|||
|
|||
Malwarebytes warning
| Would you not set PUP and PUM to to be 'fixed' automatically?
I wouldn't let MB fix it automatically, but what I'm saying is that I think most people would, yes. That's why I was warning about it, after seeing how relatively reckless MB is in its assessments. |Even if I saw | the thing it was warning against I still wouldn't have a clue. As others are saying, I think one needs to research whatever MB or even AV wants to fix. They tend to have a very official, melodramatic, even frightening presentation. But worst of all, they also have a dogmatic presentation, giving the impression that they know exactly what they're dealing with. Yet they don't offer to share that information with you. Why not? It seems common sense to me that their database should include blurbs about the claimed malware. By not including such information they're assuming you're not capable of thinking for yourself. You can usually find out a lot by doing searches on malware names and unique strings, like Registry addresses. But it can be tricky. My own experience presents an interesting case. Four of the Registry settings MB wanted to delete were settings that I added deliberately and wanted to be there. That was easy to decide. But most people who add such tweaks would not recognize the associated Registry keys. One, for instance, stops IE (and possibly Firefox) from interfering with downloads of ZIP, EXE, or other potentially executable file types. It stops the irritating behavior of blocking your download and showing a message that claims something like, "your current security settings do not allow downloading this file." Most people who applied that tweak probably don't know how they did it, so they won't know that MB is proposing to remove it. The EXE that MB wanted to remove is an important item that provides disk imaging for BootIt, my boot/partition/imaging utility. But it's just called image.exe, so I didn't immediately know what MB was proposing to delete. Most people wouldn't, except in the case of something like "notepad.exe". The other 5 Registry warnings that MB gave me were far less obvious. MB claimed it was dangerous hijacking software called RegSort. All I could find out about RegSort was from one or two sites that claimed to offer software to remove it. Adding to the mystery, the 5 Registry settings attributed to this RegSort were at worst useless. None was potentially harmful. For example, one was a duplicate COM ID for Microsoft's DirectMovie control. Anyone not familiar with Microsoft's system for finding COM objects through the Registry will not understand that key. What it means in practice is that with that key in place I can use either of 2 COM GUIDs to embed a movie control on a webpage, though only on my computer, while normally only one such GUID will work: object id="movie" classid="clsid:1234567ABCD....." object id="movie" classid="clsid:ABCD1234567......" Those numbers are just examples. The long and the short of it is that the duplicate key has no function and carries no risk. It's remotely possible that some quirky but legitimate software put it there, so I'm not going to worry about it. The other 4 "RegSort" settings are also harmless but could possibly serve a purpose, so I also left those in place. With all 5, most people never would have found enough information to make an informed decision. I only figured out enough to know the settings are not a risk. Is RegSort real? Were the MB people fooled into listing it by dubious threat removal software makers? I don't know. I do know that I've never installed RegSort, and that the alleged damage it does is pointless and harmless. So... When you get warnings you just have to hope that someone out there has dealt with what you're dealing with and has written about it.... Then you also have to hope they know what they're talking about. |
#49
|
|||
|
|||
Malwarebytes warning
Mayayana wrote on 11/28/2015 4:12 PM:
As others are saying, I think one needs to research whatever MB or even AV wants to fix. They tend to have a very official, melodramatic, even frightening presentation. But worst of all, they also have a dogmatic presentation, giving the impression that they know exactly what they're dealing with. Yet they don't offer to share that information with you. Why not? It seems common sense to me that their database should include blurbs about the claimed malware. By not including such information they're assuming you're not capable of thinking for yourself. snip So... When you get warnings you just have to hope that someone out there has dealt with what you're dealing with and has written about it.... Then you also have to hope they know what they're talking about. So what's the alternative, not using an A-M or A-V program at all? |
#50
|
|||
|
|||
Malwarebytes warning
| So... When you get warnings you just have to hope that
| someone out there has dealt with what you're dealing with | and has written about it.... Then you also have to hope they | know what they're talking about. | | So what's the alternative, not using an A-M or A-V program at all? I don't use them and haven't for many years. I don't think that's a solution for everyone. But everyone can use them "with a grain of salt". I guess I'd be inclined to think of them like a smoke alarm. They're not particularly intelligent. They're monitors. If you don't have the expertise and the willingness (by disabling javascript, for instance) to avoid malware then it's good to at least have an early warning system. On the other hand, you don't want the sprinklers to go on and flood your house every time you burn toast. Ideally you only need the smoke alarm to be alert when you're not. If I were going to use them myself I'd drastically reduce their functionality. Defaults that scan everything at boot and scan every process seem wasteful to me. I don't see any reason to scan other than new files or unrecognized processes. But I guess that -- the issue of resource usage -- is really a whole other issue. |
#51
|
|||
|
|||
Malwarebytes warning
Mayayana wrote on 11/28/2015 8:03 PM:
| So... When you get warnings you just have to hope that | someone out there has dealt with what you're dealing with | and has written about it.... Then you also have to hope they | know what they're talking about. | | So what's the alternative, not using an A-M or A-V program at all? I don't use them and haven't for many years. I don't think that's a solution for everyone. But everyone can use them "with a grain of salt". I guess I'd be inclined to think of them like a smoke alarm. They're not particularly intelligent. They're monitors. If you don't have the expertise and the willingness (by disabling javascript, for instance) to avoid malware then it's good to at least have an early warning system. On the other hand, you don't want the sprinklers to go on and flood your house every time you burn toast. Ideally you only need the smoke alarm to be alert when you're not. If I were going to use them myself I'd drastically reduce their functionality. Defaults that scan everything at boot and scan every process seem wasteful to me. I don't see any reason to scan other than new files or unrecognized processes. Are you talking about real-time or a scheduled scan? |
#52
|
|||
|
|||
Malwarebytes warning
"Mayayana" wrote in message ...
| Would you not set PUP and PUM to to be 'fixed' automatically? I wouldn't let MB fix it automatically, but what I'm saying is that I think most people would, yes. That's why I was warning about it, after seeing how relatively reckless MB is in its assessments. |Even if I saw | the thing it was warning against I still wouldn't have a clue. As others are saying, I think one needs to research whatever MB or even AV wants to fix. They tend to have a very official, melodramatic, even frightening presentation. But worst of all, they also have a dogmatic presentation, giving the impression that they know exactly what they're dealing with. Yet they don't offer to share that information with you. Why not? It seems common sense to me that their database should include blurbs about the claimed malware. By not including such information they're assuming you're not capable of thinking for yourself. You can usually find out a lot by doing searches on malware names and unique strings, like Registry addresses. But it can be tricky. My own experience presents an interesting case. Four of the Registry settings MB wanted to delete were settings that I added deliberately and wanted to be there. That was easy to decide. But most people who add such tweaks would not recognize the associated Registry keys. One, for instance, stops IE (and possibly Firefox) from interfering with downloads of ZIP, EXE, or other potentially executable file types. It stops the irritating behavior of blocking your download and showing a message that claims something like, "your current security settings do not allow downloading this file." Most people who applied that tweak probably don't know how they did it, so they won't know that MB is proposing to remove it. The EXE that MB wanted to remove is an important item that provides disk imaging for BootIt, my boot/partition/imaging utility. But it's just called image.exe, so I didn't immediately know what MB was proposing to delete. Most people wouldn't, except in the case of something like "notepad.exe". The other 5 Registry warnings that MB gave me were far less obvious. MB claimed it was dangerous hijacking software called RegSort. All I could find out about RegSort was from one or two sites that claimed to offer software to remove it. Adding to the mystery, the 5 Registry settings attributed to this RegSort were at worst useless. None was potentially harmful. For example, one was a duplicate COM ID for Microsoft's DirectMovie control. Anyone not familiar with Microsoft's system for finding COM objects through the Registry will not understand that key. What it means in practice is that with that key in place I can use either of 2 COM GUIDs to embed a movie control on a webpage, though only on my computer, while normally only one such GUID will work: object id="movie" classid="clsid:1234567ABCD....." object id="movie" classid="clsid:ABCD1234567......" Those numbers are just examples. The long and the short of it is that the duplicate key has no function and carries no risk. It's remotely possible that some quirky but legitimate software put it there, so I'm not going to worry about it. The other 4 "RegSort" settings are also harmless but could possibly serve a purpose, so I also left those in place. With all 5, most people never would have found enough information to make an informed decision. I only figured out enough to know the settings are not a risk. Is RegSort real? Were the MB people fooled into listing it by dubious threat removal software makers? I don't know. I do know that I've never installed RegSort, and that the alleged damage it does is pointless and harmless. So... When you get warnings you just have to hope that someone out there has dealt with what you're dealing with and has written about it.... Then you also have to hope they know what they're talking about. That goes for basically any of the top anti-virus or anti-malware programs out there, but you seem to be singling MBAM out. I don't give my anti-virus or anti-malware permission to do any deletions automatically, but I do want them to warn me. My anti-virus will attempt to stop the install or download and warn me. -- Buffalo |
#53
|
|||
|
|||
Malwarebytes warning
On 11/28/2015 8:05 PM, Buffalo wrote:
"Mayayana" wrote in message ... | Would you not set PUP and PUM to to be 'fixed' automatically? I wouldn't let MB fix it automatically, but what I'm saying is that I think most people would, yes. That's why I was warning about it, after seeing how relatively reckless MB is in its assessments. |Even if I saw | the thing it was warning against I still wouldn't have a clue. As others are saying, I think one needs to research whatever MB or even AV wants to fix. They tend to have a very official, melodramatic, even frightening presentation. But worst of all, they also have a dogmatic presentation, giving the impression that they know exactly what they're dealing with. Yet they don't offer to share that information with you. Why not? It seems common sense to me that their database should include blurbs about the claimed malware. By not including such information they're assuming you're not capable of thinking for yourself. You can usually find out a lot by doing searches on malware names and unique strings, like Registry addresses. But it can be tricky. My own experience presents an interesting case. Four of the Registry settings MB wanted to delete were settings that I added deliberately and wanted to be there. That was easy to decide. But most people who add such tweaks would not recognize the associated Registry keys. One, for instance, stops IE (and possibly Firefox) from interfering with downloads of ZIP, EXE, or other potentially executable file types. It stops the irritating behavior of blocking your download and showing a message that claims something like, "your current security settings do not allow downloading this file." Most people who applied that tweak probably don't know how they did it, so they won't know that MB is proposing to remove it. The EXE that MB wanted to remove is an important item that provides disk imaging for BootIt, my boot/partition/imaging utility. But it's just called image.exe, so I didn't immediately know what MB was proposing to delete. Most people wouldn't, except in the case of something like "notepad.exe". The other 5 Registry warnings that MB gave me were far less obvious. MB claimed it was dangerous hijacking software called RegSort. All I could find out about RegSort was from one or two sites that claimed to offer software to remove it. Adding to the mystery, the 5 Registry settings attributed to this RegSort were at worst useless. None was potentially harmful. For example, one was a duplicate COM ID for Microsoft's DirectMovie control. Anyone not familiar with Microsoft's system for finding COM objects through the Registry will not understand that key. What it means in practice is that with that key in place I can use either of 2 COM GUIDs to embed a movie control on a webpage, though only on my computer, while normally only one such GUID will work: object id="movie" classid="clsid:1234567ABCD....." object id="movie" classid="clsid:ABCD1234567......" Those numbers are just examples. The long and the short of it is that the duplicate key has no function and carries no risk. It's remotely possible that some quirky but legitimate software put it there, so I'm not going to worry about it. The other 4 "RegSort" settings are also harmless but could possibly serve a purpose, so I also left those in place. With all 5, most people never would have found enough information to make an informed decision. I only figured out enough to know the settings are not a risk. Is RegSort real? Were the MB people fooled into listing it by dubious threat removal software makers? I don't know. I do know that I've never installed RegSort, and that the alleged damage it does is pointless and harmless. So... When you get warnings you just have to hope that someone out there has dealt with what you're dealing with and has written about it.... Then you also have to hope they know what they're talking about. That goes for basically any of the top anti-virus or anti-malware programs out there, but you seem to be singling MBAM out. I don't give my anti-virus or anti-malware permission to do any deletions automatically, but I do want them to warn me. My anti-virus will attempt to stop the install or download and warn me. Methinks Mayayana is a mite paranoid :-)) Rene |
#54
|
|||
|
|||
Malwarebytes warning
| If I were going to use them myself I'd drastically
| reduce their functionality. Defaults that scan | everything at boot and scan every process seem | wasteful to me. I don't see any reason to scan | other than new files or unrecognized processes. | | Are you talking about real-time or a scheduled scan? I meant real time. When I've looked at AV settings the defaults usually seem to be set up to scan almost constantly. A lot of that seems unnecessary. And scheduled scans would also be unnecessary if there are real time scans. |
#55
|
|||
|
|||
Malwarebytes warning
| That goes for basically any of the top anti-virus or anti-malware programs
| out there, but you seem to be singling MBAM out. I don't have any axe to grind with MB. Until last week I'd never used it. I posted because 1) I had just tried it for the first time, 2) the warnings it came up with were both reckless and presumptuous, while providing no information and 3) I knew from reading this group that a lot of people depend on MB. I've often seen people recommend running it as the first line of defense when there's any sign of funny business. So I figured it was worth posting to point out to people that it might be risky to just trust the recommendations of MB. That's all. If your AV is as bad as what I found with MB then maybe you should post a warning. |
#56
|
|||
|
|||
Malwarebytes warning
In message , Rene Lamontagne
writes: On 11/28/2015 8:05 PM, Buffalo wrote: [] That goes for basically any of the top anti-virus or anti-malware programs out there, but you seem to be singling MBAM out. I don't give my anti-virus or anti-malware permission to do any deletions automatically, but I do want them to warn me. My anti-virus will attempt to stop the install or download and warn me. Methinks Mayayana is a mite paranoid :-)) Rene "Just because you're paranoid, doesn't mean they _aren't_ out to get you" ... (-: I think Mayayana's reaction is because, as he has said - and I'd agree - many on here _do_ seem to suggest it as the first thing to run when there is any sign of possible malware, to the extent that the _impression_ is given that it is something beyond just another AV (or whatever) type resource. (If it _is_, perhaps it would clear the air a bit if some would give an updated explanation of _how_ it differs from all the rest.) Perhaps Charlie+'s revelation that the current free MBAM user interface has been dumbed down. Charlie+, can the version you're using still be downloaded (and made to work with the latest signature files or whatever they're called)? -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Thankfully, I know where the bodies are buried (the abandoned Television Centre, in the /Blue Peter/ Garden), ... - Eddie Mair, RT 2015/4/25 to 5/1 |
#57
|
|||
|
|||
Malwarebytes warning
"Mayayana" wrote in message ... | That goes for basically any of the top anti-virus or anti-malware programs | out there, but you seem to be singling MBAM out. I don't have any axe to grind with MB. Until last week I'd never used it. I posted because 1) I had just tried it for the first time, 2) the warnings it came up with were both reckless and presumptuous, while providing no information and 3) I knew from reading this group that a lot of people depend on MB. I've often seen people recommend running it as the first line of defense when there's any sign of funny business. So I figured it was worth posting to point out to people that it might be risky to just trust the recommendations of MB. That's all. If your AV is as bad as what I found with MB then maybe you should post a warning. May I tag on here to ask your opinion on CCleaner? -- http://www.helpforheroes.org.uk/shop/ |
#58
|
|||
|
|||
Malwarebytes warning - now CCleaner
In message , Ophelia
writes: [] May I tag on here to ask your opinion on CCleaner? Hello again (-:! In general, and particularly on this 'group, it's unwise to tag on with that sort of change, since (in this case) those who have views on CCleaner may have dropped out of what seems to be a pro/anti Malwarebytes thread. But anyway: the general consensus here seems to be that CC is in general a Good Thing, as long as you don't use its registry cleaning facility. And that's more because there is strong feeling here that registry cleaners in general should be avoided, rather than that CC's one is bad. Registry Cleaners: views range from the extreme of "don't touch them with a bargepole, they're all snake-oil", to the moderate of "cleaning the registry rarely gives any perceptible benefit, and can break your system - sometimes in ways that won't show up for sufficiently long that you won't associate the breakage with having run the registry cleaner". (There _are_ a few with even more moderate views - ranging from actually in favour, to at least "they've never done me any harm"; however, such views are rarely expressed because they always trigger a response from the more rabid antis. Just watch how even this post will.) -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf While no one was paying attention, weather reports became accurate and the news became fiction. Did not see that coming. - Scott Adams, 2015 |
#59
|
|||
|
|||
Malwarebytes warning
In message , FredW
writes: On Sat, 28 Nov 2015 22:50:21 -0500, "Mayayana" wrote: | That goes for basically any of the top anti-virus or anti-malware programs | out there, but you seem to be singling MBAM out. I don't have any axe to grind with MB. Until last week I'd never used it. I posted because 1) I had [] That is NOT all. You never used MBAM (the REAL name) while other people use it all the Let's not let what he calls it divert the discussion: I had no trouble understanding him. time without any problems. And then YOU come and YOU have problems! Because you did some very funny things on your computer, NO other people will ever do and MBAM reacted on that, you start complaining about the 1. It's rather arrogant to say no-one else will EVER do what he did. 2. Granted, some of what he did involves his own software - but at least one of the things he did was just change how something Microsoft runs (I forget what - might have been how something updates). That, at least, is something that people might well do - often via utilities, so they wouldn't recognise the registry change that it involves (and in some cases might not realise it involved a registry change at all). way MBAM tells you that you have funny things on your computer. You are only complaining because you are annoyed that MBAM tells you that you are doing those funny things. You admit that MBAM is right, but still you keep complaining for the sake of complaining. No, he didn't "admit" (emotive word!) that MBAM (or MB) was right. And he's not complaining for the sake of complaining: he reported his experiences, on first using it, for what he thinks is the benefit of others who might also try it for the first time. You might not agree with what he says, but that doesn't make it any less valid than those here - of whom there are several - who suggest MBAM as the first thing to try for a variety of reported problems. So because MBAM does not react in wording YOU want, you start warning that people should not trust MBAM. (Even one of the MBAM supporters has agreed that how it presents things could be bettered - and that he [that supporter] has been telling MBAM so for a while [with, I think, no result].) I know now that your opinion on MBAM (and others) is totally biased and based on NO serious consideration at all. You can "know" that if you wish )-:. All we learn from your experiences is that MBAM works properly. I certainly don't learn that from his experiences. Pleas stop spreading FUD on MBAM and others, it makes you look silly and most prejudiced. The counter could be "please stop praising MBAM to the skies above all others"; that would be an exaggeration of your position, but no more so than your assessment of Mayayana's position. :-( )-: indeed. When this discussion gets away from the personal sniping, there is actually some useful information being revealed he Mayayana's pointing out that MB is perhaps a little over-zealous (and over-certain) in how it reports some things, and those responding to him in some places mitigating what he says by explaining things. -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf "Dook, that was great but I think the line needs awe. Can you do it again, giving it just a little awe?" "Sure, George," said Wayne and looking up at the cross said: "Aw, truly this man is the son of God." (recounted in Radio Times, 30 March-5 April 2013.) |
#60
|
|||
|
|||
Malwarebytes warning - now CCleaner
"J. P. Gilliver (John)" wrote in message ... In message , Ophelia writes: [] May I tag on here to ask your opinion on CCleaner? Hello again (-:! In general, and particularly on this 'group, it's unwise to tag on with that sort of change, since (in this case) those who have views on CCleaner may have dropped out of what seems to be a pro/anti Malwarebytes thread. But anyway: the general consensus here seems to be that CC is in general a Good Thing, as long as you don't use its registry cleaning facility. Ahh! I run both each day before I close down!! So! I have stopped using it as of NOW! Thanks very much! -- http://www.helpforheroes.org.uk/shop/ |
Thread Tools | |
Display Modes | Rate This Thread |
|
|