A Windows XP help forum. PCbanter

Malwarebytes warning



 
 
  #1  
Old November 22nd 15, 03:47 PM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Malwarebytes warning

I know a lot of people here like Malwarebytes.
I tried it last night for the first time and thought it
worthwhile to issue a warning: Malwarebytes
grossly oversteps its job and can recklessly label
things malware, with potentially disastrous
results.

I ran the latest version and it found 10 "threats".
No explanations. No uncertainty. It just brought up
the final diagnosis and said let's clean 'em up. Among
the list was no malware at all. What MB did want to
remove were the following:

* The disk imaging executable for BootIt. (MB
called it "Backdoor.Bifrose", even though the
description for a bifrose infection shares nothing
in common with the file MB wanted to delete.)

* Software license in the Registry (Probably from
Visual Studio 6 and certainly not a risk, but a big
problem if deleted. I'd have to completely reinstall
VS6.)

* The Registry entries for Windows Media Player
ActiveX control.

* An entry in the Registry for LowRiskFileTypes.
It's a tweak to stop IE and other browsers from
interfering with downloads.

* The Registry entries I use to stop Windows
from nagging me about updates, AV and Windows
firewall.

Any of these items would have caused problems
if removed. Some of them could have caused big
headaches. I was lucky insofar as I was able
to figure out exactly what these "threats" were.
Most people won't be able to figure it out.

I then tried the latest Microsoft Malicious Software
Removal tool. That worked fine. It found no problems.

AV and malware hunters in general have become
overzealous software with limited usability. Like
xenophobic email servers that block any source
they don't know, this kind of software works well
by being overzealous, but it only *really* works well
for people who do very little with their computer
and can't be bothered with security. If your PC
is an email machine then there's probably no harm
in letting AV or MB nuke it. They might even end up
nuking something that should be nuked. But for anyone
else I think it's time to start taking all of these programs
with a grain of salt -- and be very careful about letting
them "clean up malware" without being very sure of
exactly what they're going to clean up.

I would certainly never try MB again. (I also got
stuck cleaning up junk it left behind in all users
app data. Not the first program with a bad uninstaller,
but still inexcusable.)




  #2  
Old November 22nd 15, 05:06 PM posted to alt.windows7.general
Ophelia[_4_]
external usenet poster
 
Posts: 106
Default Malwarebytes warning



"FredW" wrote in message
...
On Sun, 22 Nov 2015 10:47:26 -0500, "Mayayana"
wrote:

I then tried the latest Microsoft Malicious Software
Removal tool. That worked fine. It found no problems.


MMSRT is limited to some specific threats (as you should well know)
and can not be compared with any other av/am product.
It finds no problems because it is not looking for those problems.


AV and malware hunters in general have become
overzealous software with limited usability. Like
xenophobic email servers that block any source
they don't know, this kind of software works well
by being overzealous, but it only *really* works well
for people who do very little with their computer
and can't be bothered with security. If your PC
is an email machine then there's probably no harm
in letting AV or MB nuke it. They might even end up
nuking something that should be nuked. But for anyone
else I think it's time to start taking all of these programs
with a grain of salt -- and be very careful about letting
them "clean up malware" without being very sure of
exactly what they're going to clean up.


I can smell your disappointment included in this description.
But it is so grossly exaggerated, that I can hardly assume
that you are serious in this opinion.


I would certainly never try MB again. (I also got
stuck cleaning up junk it left behind in all users
app data. Not the first program with a bad uninstaller,
but still inexcusable.)


I use my paid MBAM for online-protection, never any problem.


- How do I uninstall Malwarebytes Anti-Malware?
https://support.malwarebytes.org/cus...are-?b_id=6438


I have paid MB too and have never had any problems.


--
http://www.helpforheroes.org.uk/shop/

  #3  
Old November 22nd 15, 06:02 PM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Malwarebytes warning

| AV and malware hunters in general have become
| overzealous software with limited usability. Like
| xenophobic email servers that block any source
| they don't know, this kind of software works well
| by being overzealous, but it only *really* works well
| for people who do very little with their computer
| and can't be bothered with security. If your PC
| is an email machine then there's probably no harm
| in letting AV or MB nuke it. They might even end up
| nuking something that should be nuked. But for anyone
| else I think it's time to start taking all of these programs
| with a grain of salt -- and be very careful about letting
| them "clean up malware" without being very sure of
| exactly what they're going to clean up.
|
| I can smell your disappointment included in this description.
| But it is so grossly exaggerated, that I can hardly assume
| that you are serious in this opinion.
|

I'm by no means the first to talk about this. AV
started out as 1 MB of definitions, updated once
per month. Now it's millions of definitions, updated
in terms of hours and people often run 2 or 3
programs to protect themselves. Yet it still may
not help with 0-day attacks, which have become
increasingly common. And it's become a resource
drain due to the constant scanning.

http://www.infoworld.com/article/300...-programs.html

http://www.theregister.co.uk/2015/11..._anti_malware/


In an attempt to make up for the failing model
of executable byte signatures, programs are now
doing things like watching for suspicious behavior
and jumping the gun with malware warnings. I've
run across a number of cases where extreme security
causes problems for people. Again, people who mainly
just do email usually don't have to worry. But if you
do things like edit your HOSTS file, run VBScripts, edit
the Registry, or do anything at all out of the ordinary,
you're increasingly likely to be dealing with false alarms.
I've even had my own software flagged as a virus and
had to recompile it with minor changes until it no longer
sets off alarms. I know of an MS MVP who had his
software flagged merely because it had a Registry
string embedded.

https://visualstudiomagazine.com/art...safer-now.aspx

If you find these products useful that's fine. I
generally don't. That's a matter of preference. I also
wouldn't leave an inexperienced person with no AV.
If they have no idea how to stay safe they can't
afford to be without it.

My warning is mainly about the danger of false alarms
and overreach. (MB should never suggest removing a
Registry tweak without explanation.) It's less damaging
to a company's reputation to be overzealous than to
miss bugs. But it might not be less damaging
to your system. I detailed 10 false alarms that were
all unfounded, while some would have been damaging,
and left me very confused, if I didn't know what they
were and allowed MB to proceed. The worst part is the
cavalier confidence these programs apply, combined
with the militaristic melodrama of naming alleged malware
threats with official sounding names that scare people.
MB didn't say "this one might be suspicious". It said "this
one is known malware such and such and should be removed".
Danger! Danger! Will Robinson!

When Avira tagged my own software it did the same
thing. It named the virus! The name turned out to
be a generic term for "we don't know, but we're
suspicious", but it sounded very official and specific.

So what I'm saying is go ahead and use it, but before
letting it clean anything, research that file or Registry
entry to find out what it is and why it might be there.
The fact that you haven't had problems doesn't mean
you won't.

| - How do I uninstall Malwarebytes Anti-Malware?
|
https://support.malwarebytes.org/cus...are-?b_id=6438
|

That's rich. One needs a special cleanup tool
to remove pesky residue from an anti-malware
program. Silly me. I thought that was what the
uninstaller was supposed to do.


  #4  
Old November 22nd 15, 06:15 PM posted to alt.windows7.general
Diesel
external usenet poster
 
Posts: 937
Default Malwarebytes warning

"Mayayana"
Sun, 22 Nov 2015 15:47:26 GMT in alt.windows7.general, wrote:

I know a lot of people here like Malwarebytes.
I tried it last night for the first time and thought it
worthwhile to issue a warning: Malwarebytes
grossly oversteps its job and can recklessly label
things malware, with potentially disastrous
results.


I don't know what you mean by oversteps... Overstepping to me would
be if it just went ahead and made executive decisions regarding those
files' future without your input. It is subject to a false positive,
as ANY other app AV/AM would.

I ran the latest version and it found 10 "threats".
No explanations. No uncertainty. It just brought up
the final diagnosis and said let's clean 'em up. Among
the list was no malware at all. What MB did want to
remove were the following:


Some of this is an issue of wording. I've gone back and forth with
them for ages over this. I'll explain more detail...

* The disk imaging executable for BootIt. (MB
called it "Backdoor.Bifrose", even though the
description for a bifrose infection shares nothing
in common with the file MB wanted to delete.)


This is a false positive. If you email them a copy of the file and/or
post in the forums, they can resolve this for you and anyone else who
might also be affected by it.

* Software license in the Registry (Probably from
Visual Studio 6 and certainly not a risk, but a big
problem if deleted. I'd have to completely reinstall
VS6.)


Another possible false positive and/or a problem with the newer
registry scanning module has been found. You should report this to
them so that they can look into it. They do try to correct bugs as
they crop up, whenever possible.


* The Registry entries for Windows Media Player
ActiveX control.


This can be ignored in MBAM. Is it another tweak you've set yourself?
If so, you can tell MB to ignore it. You didn't specify what it's
'detecting' here, so I can't tell you if it might be a bug or a non
default setting and that's what got MBs interest.

* An entry in the Registry for LowRiskFileTypes.
It's a tweak to stop IE and other browsers from
interfering with downloads.


You can have MB ignore this in the future. The reason the software is
alerting on it is because it's not the default value and for normal
home users, could present a security risk. You know what you're
doing, so it doesn't apply as a risk to you. Tell MB to ignore it and
it won't bother you about this again.

I agree, this sort of detection should be rephrased so as to properly
inform the user exactly what's going on and why MB has alerted them
to it.

* The Registry entries I use to stop Windows
from nagging me about updates, AV and Windows
firewall.


See previous answer. The *same* applies here for the very *same*
reasons.

Any of these items would have caused problems
if removed. Some of them could have caused big
headaches. I was lucky insofar as I was able
to figure out exactly what these "threats" were.
Most people won't be able to figure it out.


Not all of the items would have caused problems as in system
instability if removed, although some programs might have been
affected in a negative way. You're exaggerating a bit here. The last
three items would cause you unwanted nag screens and nothing more.
That is why you disabled them, right?


--
Error: Creative signature file missing
  #5  
Old November 22nd 15, 06:42 PM posted to alt.windows7.general
J. P. Gilliver (John)
external usenet poster
 
Posts: 5,291
Default Malwarebytes warning

In message ,
Diesel writes:
[]
You can have MB ignore this in the future. The reason the software is
alerting on it is because it's not the default value and for normal
home users, could present a security risk. You know what you're
doing, so it doesn't apply as a risk to you. Tell MB to ignore it and
it won't bother you about this again.

[]
Hmm. So, a "normal home user" has to not change _any_ default in order
to not be bugged by MB - or if does, has to tell MB for each such
change?

I can see both sides of this "argument", but must admit I'm closer to
Mayayana on this one (-:!
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Can you open your mind without it falling out?
  #6  
Old November 22nd 15, 06:48 PM posted to alt.windows7.general
Fokke Nauta[_4_]
external usenet poster
 
Posts: 587
Default Malwarebytes warning

On 22/11/2015 16:47, Mayayana wrote:
I know a lot of people here like Malwarebytes.
I tried it last night for the first time and thought it
worthwhile to issue a warning: Malwarebytes
grossly oversteps its job and can recklessly label
things malware, with potentially disastrous
results.

I ran the latest version and it found 10 "threats".
No explanations. No uncertainty. It just brought up
the final diagnosis and said let's clean 'em up. Among
the list was no malware at all. What MB did want to
remove were the following:

* The disk imaging executable for BootIt. (MB
called it "Backdoor.Bifrose", even though the
description for a bifrose infection shares nothing
in common with the file MB wanted to delete.)

* Software license in the Registry (Probably from
Visual Studio 6 and certainly not a risk, but a big
problem if deleted. I'd have to completely reinstall
VS6.)

* The Registry entries for Windows Media Player
ActiveX control.

* An entry in the Registry for LowRiskFileTypes.
It's a tweak to stop IE and other browsers from
interfering with downloads.

* The Registry entries I use to stop Windows
from nagging me about updates, AV and Windows
firewall.

Any of these items would have caused problems
if removed. Some of them could have caused big
headaches. I was lucky insofar as I was able
to figure out exactly what these "threats" were.
Most people won't be able to figure it out.

I then tried the latest Microsoft Malicious Software
Removal tool. That worked fine. It found no problems.

AV and malware hunters in general have become
overzealous software with limited usability. Like
xenophobic email servers that block any source
they don't know, this kind of software works well
by being overzealous, but it only *really* works well
for people who do very little with their computer
and can't be bothered with security. If your PC
is an email machine then there's probably no harm
in letting AV or MB nuke it. They might even end up
nuking something that should be nuked. But for anyone
else I think it's time to start taking all of these programs
with a grain of salt -- and be very careful about letting
them "clean up malware" without being very sure of
exactly what they're going to clean up.

I would certainly never try MB again. (I also got
stuck cleaning up junk it left behind in all users
app data. Not the first program with a bad uninstaller,
but still inexcusable.)





When I run it on our pc's, it finds mostly unimportant thingies, like
some advertising issues. I always kill them.
When I ran it on our server (file server, FTP server, printer server,
Web server etc) it found a lot of entries. All very dangerous - what
Malwarebytes said, but all were useful applications that run on the server.
So I uninstalled it from our server, will never run it there again, but
will still use on our pc's.
Using the free version, though.
I use Emsisoft (paid version) to protect our pc's from malware.

Fokke
  #7  
Old November 22nd 15, 07:49 PM posted to alt.windows7.general
J. P. Gilliver (John)
external usenet poster
 
Posts: 5,291
Default Malwarebytes warning

In message , FredW
writes:
On Sun, 22 Nov 2015 13:02:59 -0500, "Mayayana"
wrote:

[]
If they have no idea how to stay safe they can't
afford to be without it.


So if you are stupid you are free to use it, but when you are not a
dummy you should not use av and/or am software?

Really ???

That's not what he said. He said that those who know little or nothing
of AV matters _should_ use AV software. Those who know a little more
about computing in general should still use it, but - since they are
likely to make changes that the noobs (not stupid, just noobs) won't
make, they are more likely to encounter unexpected side-effects (false
positives, for short).
[]
https://support.malwarebytes.org/cus.../1835311-how-do-i-uninstall-malwarebytes-anti-malware-?b_id=6438
|

That's rich. One needs a special cleanup tool
to remove pesky residue from an anti-malware
program. Silly me. I thought that was what the
uninstaller was supposed to do.


No, generally one does not need a special cleanup tool.
YOU need a special cleanup tool after YOU made a mess of things.


I think he's entitled to expect the software's own uninstaller to, er,
uninstall - and to be offended at being told he'd "made a mess of
things" when it doesn't. It ought not to be possible to "make a mess of
things" by just using the software, not to the extent that the
uninstaller doesn't uninstall, anyway.

I tried to help you, but all you do is keep complaining and
complaining about your ignorant use of anti-malware software.

Why did you not put YOUR home-made false positives in Malware Exclusions
(problem solved) and kept using MBAM instead of complaining that MBAM
did not work for you, while millions of other users have no problems?

Problem hidden, not "solved". Where the false positives are to do with
the software he's written himself, I think it's a reasonable compromise
on both sides for AM software authors to request other software authors
to _report_ false positives (not just put them in exclusions). But where
they are to do with reasonably widely-known software, ...

Anyhow I know now that I cannot expect any meaningful contribution from
you in any discussion of security software.


That's a bit sweeping. You don't _agree_ with him: fair enough, he
doesn't agree with you; that doesn't mean either of you won't make
_useful_ (as opposed to "meaningful") contributions to such discussions.

I find that (very) disappointing!

Have a nice day.


--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Wisdom is the ability to cope. - the late (AB of C) Michael Ramsey,
quoted by Stephen Fry (RT 24-30 August 2013)
  #8  
Old November 22nd 15, 08:51 PM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Malwarebytes warning

| I don't know what you mean by oversteps... Overstepping to me would
| be if it just went ahead and made executive decisions regarding those
| files' future without your input. It is subject to a false positive,
| as ANY other app AV/AM would.
|

By overstep I mean saying xyz.exe is known
malware when the program really doesn't know.
It should inform the user as best it can: "This
may be suspicious". It shouldn't be tagging
things like security settings in the Registry as
malware. If it can't provide an informative
explanation of why the setting might be risky
then that item should be left out of the "threat"
list.

When I first started using computers I used to
run Norton System Works. It would find the usual
142 problems and I'd be delighted to get them all
fixed. I felt like I had my own Special Forces attack
squad. It never occurred to me that some of the
"problems" might be frivolous or even problematic
to fix. No doubt a lot of inexperienced people feel
the same way about such programs as MB. Worse,
those programs encourage trust with their tough-
guy-against-evil style of presentation.

If I were an average computer user I would have
told MB to fix all the problems it found. It gave no
indication that my computer might survive if I didn't
fix them. I might have never figured out that the
resulting problems were actually caused by MB.

| This is a false positive. If you email them a copy of the file and/or
| post in the forums, they can resolve this for you and anyone else who
| might also be affected by it.
|

In my experience it doesn't work that way. When
Avira tagged my own EXE I wrote to them. I got
back a robo-email telling me to upload the problem
EXE. But it wasn't a problem EXE. Avira was tagging
6 of my EXEs. And if they issued a fix for those I'd
be back in the same boat next time I compiled a
new version. So I wrote back to say that what was
needed was to re-assess how they're tagging EXEs
altogether, and that their catchall category they
call "TR/Dropper.Gen" was a problem. I would have
been happy to work with them, but they never
responded to that email. I've had to put notes on
my own website as I find out about such problems.

The same would be true for the BootIt EXE. Even
if MB responds, in a few months I'll probably have a
BootIt update. Depending on people to essentially
run beta test software is not a way to design
malware hunters.

In any case, all of that is beside the point. It's
not for me that I started this thread. It's for the
people who might be a bit too trusting and
enthusiastic with AV/malware products.

|
| * The Registry entries for Windows Media Player
| ActiveX control.
|
| This can be ignored in MBAM. Is it another tweak you've set yourself?

A tweak? No. Windows Media Player ActiveX
control is pre-installed on all Windows systems.
It's a core component. The Registry key is
the HKCR\CLSID COM key that allows software
to find and use the control in order to play media
files. Without that entry the control -- and thus
some software -- would break. MB called it a
"Rogue.Regsort", which a bit of research indicates
may be very nasty ransomware. (MB didn't say
the setting *might* be Rogue.Regsort. MB said it
*is* Rogue.Regsort and marked it for removal.)

So yes, I can ignore it. But most people won't
know to look up that particular GUID in the Registry.
Even if they did they're unlikely to understand the
values they find.

| Not all of the items would have caused problems as in system
| instability if removed, although some programs might have been
| affected in a negative way. You're exaggerating a bit here. The last
| three items would cause you unwanted nag screens and nothing more.
| That is why you disabled them, right?

Yes. And another would have stopped my disk
imaging software from working. Another would
have prevented me using some libraries in my
software, for lack of a license. Another would
have broken Windows Media Player. Worse, none
of those would have been obviously caused by
MB, so I likely would have spent a long time trying
to figure out what was broken. How much
damage does it need to do before you'd count
it as a problem? While your points make some sense
*for you* personally, I think you're making excuses
for a product that you feel some loyalty toward.
There's really just no excuse for things like labelling
a Microsoft ActiveX control Registry setting as
ransomware.... Well, except maybe if it's those
Win10 nagware settings.
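
The check described in this post (finding out what a flagged HKCR\CLSID key actually registers before letting a scanner delete it) can be scripted. This is an added example, not part of the thread; the GUID is a placeholder and the function names and backup folder are assumptions.

```powershell
# Added example (not from the thread): look up what a flagged CLSID key registers,
# check the binary it points to, and export the key before anything deletes it.

function Get-ComRegistration {
    param([Parameter(Mandatory)][string]$Clsid)

    $keyPath = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
    if (-not (Test-Path -LiteralPath $keyPath)) {
        throw "No COM registration found under HKCR\CLSID for $Clsid"
    }

    # The default value of the CLSID key is the class's friendly name.
    $friendlyName = (Get-Item -LiteralPath $keyPath).GetValue('')

    # InprocServer32 (DLL/OCX) or LocalServer32 (EXE) names the implementing binary.
    $serverKind = $null
    $binary = $null
    foreach ($kind in 'InprocServer32', 'LocalServer32') {
        $subKey = "$keyPath\$kind"
        if (Test-Path -LiteralPath $subKey) {
            $raw = [string](Get-Item -LiteralPath $subKey).GetValue('')
            # Drop surrounding quotes and any command-line arguments after the file name.
            if ($raw -match '^\s*"?(?<path>[^"]+?\.(dll|ocx|exe))') {
                $serverKind = $kind
                $binary = $Matches['path']
                break
            }
        }
    }

    # A status other than Valid is a reason to look closer, not proof of malware:
    # older PowerShell versions may report catalog-signed Windows files as NotSigned.
    $signature = $null
    if ($binary -and (Test-Path -LiteralPath $binary)) {
        $signature = Get-AuthenticodeSignature -FilePath $binary
    }

    [pscustomobject]@{
        Clsid        = $Clsid
        FriendlyName = $friendlyName
        ServerKind   = $serverKind
        Binary       = $binary
        SignerStatus = if ($signature) { $signature.Status } else { 'FileNotFound' }
        Signer       = if ($signature -and $signature.SignerCertificate) {
                           $signature.SignerCertificate.Subject
                       } else { $null }
    }
}

function Export-ComRegistration {
    param(
        [Parameter(Mandatory)][string]$Clsid,
        [Parameter(Mandatory)][string]$BackupDir
    )

    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $file = Join-Path $BackupDir ("CLSID_{0}.reg" -f $Clsid.Trim('{}'))

    # The exported .reg file can be restored with "reg import" if a removal breaks something.
    & reg.exe export "HKCR\CLSID\$Clsid" $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg export failed for $Clsid" }
    $file
}

# Placeholder GUID: replace it with the one shown in the scanner's report.
$clsid = '{00000000-0000-0000-0000-000000000000}'

Get-ComRegistration -Clsid $clsid | Format-List
Export-ComRegistration -Clsid $clsid -BackupDir "$env:USERPROFILE\reg-backups"
```

A friendly name and a validly signed binary in a Windows system directory point to a false positive worth reporting to the vendor; a missing file or an unsigned binary in a user-writable path is what deserves a closer look.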


  #9  
Old November 22nd 15, 08:52 PM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Malwarebytes warning

| Using the free version, though.
| I use Emsisoft (paid version) to protect our pc's from malware.
|

I'm not sure which I was using. It was free
but it loaded with a box checked to "enable
premium trial".


  #10  
Old November 22nd 15, 09:43 PM posted to alt.windows7.general
Stan Brown
external usenet poster
 
Posts: 2,904
Default Malwarebytes warning

On Sun, 22 Nov 2015 18:42:11 +0000, J. P. Gilliver (John) wrote:
Hmm. So, a "normal home user" has to not change _any_ default in order
to not be bugged by MB - or if does, has to tell MB for each such
change?


I am a normal home user, I have not had to change any defaults, and I
have not been bugged by Malwarebytes.

--
Stan Brown, Oak Road Systems, Tompkins County, New York, USA
http://BrownMath.com/
http://OakRoadSystems.com/
Shikata ga nai...
  #11  
Old November 22nd 15, 10:53 PM posted to alt.windows7.general
Jason
external usenet poster
 
Posts: 878
Default Malwarebytes warning

On Sun, 22 Nov 2015 16:43:07 -0500 "Stan Brown"
wrote in article MPG.30bc00f2d87d37bd98f296
@news.individual.net

I am a normal home user, I have not had to change any defaults, and I
have not been bugged by Malwarebytes.


There have been many suggestions over the years NOT to touch the
Registry repair in MBAM (or anywhere else). I don't have the OP's
post, but I believe he complained about registry damage. Best to
avoid letting MBAM touch it.
  #12  
Old November 22nd 15, 10:58 PM posted to alt.windows7.general
Cy Burnot
external usenet poster
 
Posts: 163
Default Malwarebytes warning

Jason wrote on 11/22/2015 5:53 PM:
On Sun, 22 Nov 2015 16:43:07 -0500 "Stan Brown"
wrote in article MPG.30bc00f2d87d37bd98f296
@news.individual.net

I am a normal home user, I have not had to change any defaults, and I
have not been bugged by Malwarebytes.


There have been many suggestions over the years NOT to touch the
Registry repair in MBAM (or anywhere else). I don't have the OP's
post, but I believe he complained about registry damage. Best to
avoid letting MBAM touch it.


I don't see any option in MBAM about "registry repair".
  #13  
Old November 23rd 15, 12:36 AM posted to alt.windows7.general
Brian Gregory
external usenet poster
 
Posts: 648
Default Malwarebytes warning

On 22/11/2015 15:47, Mayayana wrote:
I know a lot of people here like Malwarebytes.
I tried it last night for the first time and thought it
worthwhile to issue a warning: Malwarebytes
grossly oversteps its job and can recklessly label
things malware, with potentially disastrous
results.

I ran the latest version and it found 10 "threats".
No explanations. No uncertainty. It just brought up
the final diagnosis and said let's clean 'em up. Among
the list was no malware at all. What MB did want to
remove were the following:

* The disk imaging executable for BootIt. (MB
called it "Backdoor.Bifrose", even though the
description for a bifrose infection shares nothing
in common with the file MB wanted to delete.)

* Software license in the Registry (Probably from
Visual Studio 6 and certainly not a risk, but a big
problem if deleted. I'd have to completely reinstall
VS6.)

* The Registry entries for Windows Media Player
ActiveX control.

* An entry in the Registry for LowRiskFileTypes.
It's a tweak to stop IE and other browsers from
interfering with downloads.

* The Registry entries I use to stop Windows
from nagging me about updates, AV and Windows
firewall.

Any of these items would have caused problems
if removed. Some of them could have caused big
headaches. I was lucky insofar as I was able
to figure out exactly what these "threats" were.
Most people won't be able to figure it out.

I then tried the latest Microsoft Malicious Software
Removal tool. That worked fine. It found no problems.

AV and malware hunters in general have become
overzealous software with limited usability. Like
xenophobic email servers that block any source
they don't know, this kind of software works well
by being overzealous, but it only *really* works well
for people who do very little with their computer
and can't be bothered with security. If your PC
is an email machine then there's probably no harm
in letting AV or MB nuke it. They might even end up
nuking something that should be nuked. But for anyone
else I think it's time to start taking all of these programs
with a grain of salt -- and be very careful about letting
them "clean up malware" without being very sure of
exactly what they're going to clean up.

I would certainly never try MB again. (I also got
stuck cleaning up junk it left behind in all users
app data. Not the first program with a bad uninstaller,
but still inexcusable.)


To some extent I agree.

But most (not quite all I admit) of the things it regards as unwanted
that could well be wanted are things that only an experienced user would
have. As an experienced user one would be well equipped to spot them and
exclude them from any further detection.

--

Brian Gregory (in the UK).
To email me please remove all the letter vee from my email address.
  #14  
Old November 23rd 15, 12:40 AM posted to alt.windows7.general
Brian Gregory
external usenet poster
 
Posts: 648
Default Malwarebytes warning

On 22/11/2015 18:02, Mayayana wrote:
| AV and malware hunters in general have become
| overzealous software with limited usability. Like
| xenophobic email servers that block any source
| they don't know, this kind of software works well
| by being overzealous, but it only *really* works well
| for people who do very little with their computer
| and can't be bothered with security. If your PC
| is an email machine then there's probably no harm
| in letting AV or MB nuke it. They might even end up
| nuking something that should be nuked. But for anyone
| else I think it's time to start taking all of these programs
| with a grain of salt -- and be very careful about letting
| them "clean up malware" without being very sure of
| exactly what they're going to clean up.
|
| I can smell your disappointment included in this description.
| But it is so grossly exaggerated, that I can hardly assume
| that you are serious in this opinion.
|

I'm by no means the first to talk about this. AV
started out as 1 MB of definitions, updated once
per month. Now it's millions of definitions, updated
in terms of hours and people often run 2 or 3
programs to protect themselves. Yet it still may
not help with 0-day attacks, which have become
increasingly common. And it's become a resource
drain due to the constant scanning.

http://www.infoworld.com/article/300...-programs.html

http://www.theregister.co.uk/2015/11..._anti_malware/


In an attempt to make up for the failing model
of executable byte signatures, programs are now
doing things like watching for suspicious behavior
and jumping the gun with malware warnings. I've
run across a number of cases where extreme security
causes problems for people. Again, people who mainly
just do email usually don't have to worry. But if you
do things like edit your HOSTS file, run VBScripts, edit
the Registry, or do anything at all out of the ordinary,
you're increasingly likely to be dealing with false alarms.
I've even had my own software flagged as a virus and
had to recompile it with minor changes until it no longer
sets off alarms. I know of an MS MVP who had his
software flagged merely because it had a Registry
string embedded.

https://visualstudiomagazine.com/art...safer-now.aspx

If you find these products useful that's fine. I
generally don't. That's a matter of preference. I also
wouldn't leave an inexperienced person with no AV.
If they have no idea how to stay safe they can't
afford to be without it.

My warning is mainly about the danger of false alarms
and overreach. (MB should never suggest removing a
Registry tweak without explanation.) It's less damaging
to a company's reputation to be overzealous than to
miss bugs. But it might not be less damaging
to your system. I detailed 10 false alarms that were
all unfounded, while some would have been damaging,
and left me very confused, if I didn't know what they
were and allowed MB to proceed. The worst part is the
cavalier confidence these programs apply, combined
with the militaristic melodrama of naming alleged malware
threats with official sounding names that scare people.
MB didn't say "this one might be suspicious". It said "this
one is known malware such and such and should be removed".
Danger! Danger! Will Robinson!

When Avira tagged my own software it did the same
thing. It named the virus! The name turned out to
be a generic term for "we don't know, but we're
suspicious", but it sounded very official and specific.

So what I'm saying is go ahead and use it, but before
letting it clean anything, research that file or Registry
entry to find out what it is and why it might be there.
The fact that you haven't had problems doesn't mean
you won't.

| - How do I uninstall Malwarebytes Anti-Malware?
|
https://support.malwarebytes.org/cus...are-?b_id=6438
|

That's rich. One needs a special cleanup tool
to remove pesky residue from an anti-malware
program. Silly me. I thought that was what the
uninstaller was supposed to do.



Just Uninstalling will work fine, but like many programs it will leave
various options, settings and, I think, your quarantined files etc so
that if you choose to reinstall they are available again.

--

Brian Gregory (in the UK).
To email me please remove all the letter vee from my email address.
  #15  
Old November 23rd 15, 02:01 AM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Malwarebytes warning

| I don't see any option in MBAM about "registry repair".

Out of 10 false positives I had, 9 were registry.
Some were settings that MB deemed unwise, like
turning off Windows update nags. Others it claimed
were actual malware. That included the Windows
Media Player COM key and the software license
keys. Presumably it wanted to delete those.


 





All times are GMT +1. The time now is 01:27 AM.

