Jump to content

scan finds Reg Organizer items as PUPs


Recommended Posts

To more easily exclude all of the detections for the software, open Malwarebytes and launch a scan by clicking the Scan button on the main dashboard and once it completes, view the results and click the checkbox at the very top left within the column header to clear all of the checkboxes for all of the detections, ensuring that all of the detections belong to the program you wish to exclude, then click Quarantine or Next and when prompted on what to do with the remaining detections (the ones that were unchecked in the list), select the option to always ignore them and they will be added to your Allow List so that they will no longer be detected by real-time protection or future scans.

Keep in mind that this will not exclude any future updates/installers for the program, so I would advise temporarily disabling Malwarebytes' Malware Protection component whenever performing a new install or upgrade/update of the program to a new version to avoid having it blocked and quarantined by Malwarebytes, then perform a scan to ensure that once the new version is installed, no changes have been made that need to be added to the Allow List, then re-enable Malware Protection.

I hope this helps.

Link to post
Share on other sites
12 hours ago, TwinHeadedEagle said:

Hi,

We we done a review of this software and concluded that it falls under our PUP detection criteria. You can ignore the detection and add to exclusions if you personally think this software benefits you.

What exactly you don't like in Reg Organizer? This is a second time when you totally removed all my files with Reg Organizer as a threat! Are you crazy? This is absolutely unacceptable!!!

Link to post
Share on other sites

Hello,

Reg Organizer is not a registry cleaner. It is a space freeing, personal data deletion tool with the applications updating and complete uninstalling functionality.
With the default settings the registry cleanup tool functionality has been removed from the program 3 years ago.
You should disclose which criteria are used to detect this program as PUP.
The legitimate applications should not be marked as malware to increase the number of detections.

Link to post
Share on other sites
1 minute ago, Chemtable said:

The legitimate applications should not be marked as malware to increase the number of detections.

It is not detected as malware but as a PUP. Potentially Unwanted Program.

 

Link to post
Share on other sites
1 minute ago, Porthos said:

It is not detected as malware but as a PUP. Potentially Unwanted Program.

 

There is no difference for the user as MWB just removes the application and reports about fixing 200+ errors, which is the number of the Reg Organizer files including help files, readme.txt, license.txt etc. The more files the program consists of, the more error fixes reported!

Currently the users of our application (developed since 2001) asking why are they suddenly get "protected" from Reg Organizer that they have been using for a long time. We are awaiting the official information about the PUP criteria violated to disclose this situation in our blog post and IT resources.

Link to post
Share on other sites
17 minutes ago, Chemtable said:

Currently the users of our application (developed since 2001) asking why are they suddenly get "protected" from Reg Organizer that they have been using for a long time. We are awaiting the official information about the PUP criteria violated to disclose this situation in our blog post and IT resources.

I am just the messenger just posting the relevant info that is available from the company. I have no dog in this "fight".

17 minutes ago, Chemtable said:

There is no difference for the user as MWB just removes the application and reports about fixing 200+ errors

Actually the option is there to ignore always. It is the users choice on what to do. It is not automatic. If a user wishes to keep it, PUP's are always optional detection's.

As just a volunteer I have no opinion on the merits of the software.

I do suggest you give Malwarebytes an opportunity to re evaluate by emailing pup@malwarebytes.com

 

Edited by Porthos
Link to post
Share on other sites
  • Staff
1 hour ago, Chemtable said:

There is no difference for the user as MWB just removes the application and reports about fixing 200+ errors, which is the number of the Reg Organizer files including help files, readme.txt, license.txt etc. The more files the program consists of, the more error fixes reported!

Currently the users of our application (developed since 2001) asking why are they suddenly get "protected" from Reg Organizer that they have been using for a long time. We are awaiting the official information about the PUP criteria violated to disclose this situation in our blog post and IT resources.

If you represent the company, contact pup@malwarebytes.com to discuss your software.

Link to post
Share on other sites
  • Root Admin

I do not work in the Research Team that reviews programs such as this that in most cases the only reason we've even looked at them in the first place is that users have contacted us asking if the program is malware or a PUP.

The information below is from my own observations as I have actually never heard of or used the program before.

 

1 hour ago, Chemtable said:

Hello,

Reg Organizer is not a registry cleaner. It is a space freeing, personal data deletion tool with the applications updating and complete uninstalling functionality.
With the default settings the registry cleanup tool functionality has been removed from the program 3 years ago.
You should disclose which criteria are used to detect this program as PUP.
The legitimate applications should not be marked as malware to increase the number of detections.

Quote

Main Features

  • Using Reg Organizer to uninstall programs and remove its traces will help remove unwanted applications and their traces, thereby preventing littering up the registry and computer disks. This is very useful because not all programs delete their leftover and configuration files in the system registry after removal. This feature is powered by the Full Uninstall™ technology, developed by our experts.

Sure seems like Registry cleaning. Do you have any whitepapers or other engineering documentation proving these registry entries are causing an issue? Even very extensive programs that leave behind thousand of registry entries from a poor uninstaller still do not impact the user as proven over and over by many Experts including Microsoft. If an entry is causing an issue then one would remove that single entry and not scan and remove dozens or hundreds of unrelated keys or values that are not causing an issue.

Quote

With the automatic cleanup feature, you can delete large amount of unnecessary information and free up space on the system disk.

That is rather nebulous at best. As even a slightly experienced computer user, one that reads that would have to immediately ask themselves what that even means. I've been doing Enterprise and Consumer computer support now for 30 years and it's not immediately evident to me what the website means by that statement.

Quote

This is useful, for example, in the case where an application does not have an uninstall tool and after it has been "manually" deleted, unwanted files remain in the registry

More statements about unneeded Registry cleaning. As for "unwanted files" - though the Registry supports blobs such as certificates it is extremely rare for any program to install "files, aka blobs" in the Registry.

 

Direct quote from Microsoft
https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities

Summary


This article describes the Microsoft support policy for customers who use registry cleaning utilities that rely on unsupported methods to extract or modify the contents of a Windows Registry.

The Windows registry is a database of settings for all hardware, software, and user preferences on your computer that controls how Windows interacts with your hardware and applications. Windows continually references the registry in the background and it is not designed to be accessed or edited.

Some products such as registry cleaning utilities suggest that the registry needs regular maintenance or cleaning.  However, serious issues can occur when you modify the registry incorrectly using these types of utilities. These issues might require users to reinstall the operating system due to instability. Microsoft cannot guarantee that these problems can be solved without a reinstallation of the Operating System as the extent of the changes made by registry cleaning utilities varies from application to application. 
  • Microsoft is not responsible for issues caused by using a registry cleaning utility. We strongly recommend that you only change values in the registry that you understand or have been instructed to change by a source you trust, and that you back up the registry before making any changes.
  • Microsoft cannot guarantee that problems resulting from the use of a registry cleaning utility can be solved. Issues caused by these utilities may not be repairable and lost data may not be recoverable. 

 

 

Straight from the creator of the Windows Registry. If they are telling you not to use such tools then that alone would classify as PUP (Possibly Unwanted Program) - if you so choose to use the program then that is your personal choice. Information on adding an exclusion to prevent the removal was provided above. One could also change the PUP settings to Warn only and not remove.

 

Quote

Viewing registry files (*.reg) before importing their contents will enable you to examine the data before importing. When you view a reg file that you want to import, its contents are displayed as a tree in Reg Organizer. This allows you to visualize all the keys that will be imported into the registry.

One can easily right click on any .reg file and select edit and it will open in notepad by default showing exactly what would be imported too. We're not telling people not to buy or use the program. We're simply pointing out that for many operations it is not needed and for some others there are built-in tools to Windows to already perform the function. An example below could potentially be a good feature depending on it functions.

Quote

Tracking registry keys will help monitor the actions of any program and see all changes made to the registry in detail.

 

 

I went ahead and installed the program. I have not scanned anything yet and the program already tells me I have problems. That alone is a bit disingenuous of the program to say so without a scan. My assumption is that some type of extremely fast prescan is run each time the program starts.

 

image.png

You claim that Registry Cleaning was removed from the program but the Settings indicate they're still there and some are enabled by default

image.png

The program even has custom areas of the Registry to ignore from cleaning

image.png

image.png

Full default settings and this is Registry Cleaning which Microsoft, others, and myself have said for many years now that one should not be randomly cleaning the Registry

image.png

image.png

image.png

 

 

Again, I do not work on the team that reviews applications. These are my own observations after installing and running the program.
If you're a company representative for Reg Organizer you can email pup@malwarebytes.com to work with them about having the product removed from the listing.

 

As I see it much of the program is related to unneeded registry cleaning. There are some features that the built-in Windows Disk Cleanup will do the same thing.
There are a few features for the Registry that are unique and not related to cleaning but users should really read and review if that is enough functionality for them to pay for it.

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.