When ever I want to test a program (beta or not) I install and run it in a virtual machine. I have an old rootkit program (Sophos Anti-Rootkit v1.5.4 year:2010) which seems satisfactory, but rather than download and install their new free version 2.9 (which seemed overly extensive, i.e. doing more than just rootkit), I decided to try out this Malwarebytes beta v2021.05.22.03.
I also monitor what is installed (and deleted) using Regshot 1.9. As it turns out, there is no uninstall for the beta, so if one wanted to remove it completely, such programs as Regshot are indispensable.
After testing the beta and looking at my Regshot output, I was shocked to find it deleted all drivers in the Registry (luckily these are re-created by Windows on re-boot as they are critical)
HKLM\DRIVERS
HKLM\DRIVERS\DriverDatabase
HKLM\DRIVERS\DriverDatabase\DeviceIds
HKLM\DRIVERS\DriverDatabase\DriverFiles
HKLM\DRIVERS\DriverDatabase\DriverInfFiles
HKLM\DRIVERS\DriverDatabase\DriverPackages
Values deleted: 30275
I then went and checked at what exact stage this happened, and identified it occurs at the start of the program when it asks to update the malware definitions. It might be pecular to my virtual environment and the Win10 edition I used - but even so, this is more than a 'bug'. Obviously I didn't install the beta on my host computer.
The virtual environment was VMware Player 16, running 64-bit Microsoft Windows 10 Enterprise Evaluation, Version 10.0.10240 Build 10240, codenamed "Threshold 1", the first release of Windows 10.
I have attached the Regshotx64.txt (6.5MB) output for Malwarebytes software engineers to look at if they wish.
Regshotx64.txt