Jump to content

MBA-M in Safe or Normal Mode


Recommended Posts

I have used MBA-M for several years. Best program going! But I do have a question. I have had many ask me if it should be run in safe mode (like many other removal programs) for better removal or does it work better in normal mode. I remember reading someplace on this forum the correct way to run the program, which I believe was run in normal mode if at all possible because the program is meant to be run in normal mode. It will run in safe mode but since it does not load all of it's drivers in Safe Mode the scan will not be as detailed or as complete.

I have always told others to update first, run quick scan in normal mode, remove all found. If something is found update again and do the full scan to be safe. If the program won't run in normal mode then run in safe mode, have it remove all found, reboot to normal mode and try to run another scan. Am I correct or not?

I would love to see a sticky here with exact instructions on this.

Link to post
Share on other sites

Hey jholland1964,

You are correct. The best and most effective way to scan with MBAM is in normal mode. In situations where you can't scan with MBAM in normal mode, you can try safe mode, but I would definitely recommend scanning in normal mode once you are able to. The reasons are for exactly what you mentioned, not all of the drivers that MBAM needs are loaded in safe mode, preventing it from being as effective as it should be. I hope this helps.

Regards,

swagger

Link to post
Share on other sites
Hey jholland1964,

You are correct. The best and most effective way to scan with MBAM is in normal mode. In situations where you can't scan with MBAM in normal mode, you can try safe mode, but I would definitely recommend scanning in normal mode once you are able to. The reasons are for exactly what you mentioned, not all of the drivers that MBAM needs are loaded in safe mode, preventing it from being as effective as it should be. I hope this helps.

Regards,

swagger

May I make a suggestion of having a sticky someplace easy to find with the full instructions and info such as that above so that it would be easy to find here? It sure would help a lot of people.

Link to post
Share on other sites
  • 2 weeks later...

I recently worked on a PC with XP that had Avast! and Malwarebytes (free) running. It was infected with a fake antivirus program calling itself "SystemTools". Neither Avast! or Malwarebytes prevented the infection and neither could remove it because it filled the desktop with pop-ups. I rebooted the system in Safe Mode and successfully removed SystemTools with Malwarebytes. After rebooting to Normal Mode, another scan revealed no infections. So while Malwarebytes operates best while windows is in Normal Mode, it may not be able to remove some infections in Normal Mode.

The Help window of Malwarebytes does not find anything when Safe Mode is searched. It would be good to add some instructions there about it.

I hope Malwarebytes Pro would have prevented the infection but I don't know for sure.

Link to post
Share on other sites

That is good to hear. I applied for a reseller account a couple weeks ago but have not heard back yet. I want to strongly encourage customers to buy the Pro version to prevent these problems.

I was extremely disappointed that SystemTools got past Avast!. I have used Avast! for over 5 years but I have lost some confidence in it.

Link to post
Share on other sites

I have been testing antivirus software for some time, and honnestly, Avast is always late. The team adds deifnitions for new variants too late.

I now use Antivir free, which is much better concerning that specific point.

Link to post
Share on other sites
I have been testing antivirus software for some time, and honnestly, Avast is always late. The team adds deifnitions for new variants too late.

I now use Antivir free, which is much better concerning that specific point.

How about AVG?

Link to post
Share on other sites

I would not advice avg as it's a major resource hog. Also has to many problems. I had it installed on my dad's computer which I ended up removing it. It sat there and did nothing, but consume memory and cpu usage. The interface crashed every time I opened it. Avg also was a pain to uninstall which I had to hunt everything down with mbam's file assassin to fully get rid of it.

Link to post
Share on other sites
I would not advice avg as it's a major resource hog. Also has to many problems. I had it installed on my dad's computer which I ended up removing it. It sat there and did nothing, but consume memory and cpu usage. The interface crashed every time I opened it. Avg also was a pain to uninstall which I had to hunt everything down with mbam's file assassin to fully get rid of it.

Thanks for sharing!! i see!

Link to post
Share on other sites

I also had no trouble removing Norton fully on two systems, but I know another individual on here who has and you have had trouble too. Hmm. I guess it depends on the system and the programs/configurations on it, or maybe they randomly give systems trouble when users try to remove them... who knows ;)

Link to post
Share on other sites

Actually I don't remember norton being to hard to remove rather then a nightmare on my computer. Way to many problems with it. ;)

They couldn't pay me to install it again. With it's bad firewall, to many infections bypassing it or not wanting to shut down to let something run. It was a mess. Took over 4 hours of trying to shut it down. I don't remember why I wanted it off, but possibly it was blocking something. That was a few years ago and can barely remember. Norton Internet Security 2007 was the last I ever used.

Link to post
Share on other sites

Yeah, I haven't used it in years. I used it a long time ago, then we tried McAfee... then I've used AVG... now I use Kaspersky and for free AV's I recommend Avira, MSE or Avast!.

I personally didn't have any trouble with Norton really, but I know others who have.

Link to post
Share on other sites

Well this thread has taken an unexpected turn. I posted to request information on running MBA-M in safe mode and I asked that serious consideration be given to providing a sticky be placed someplace prominently on this forum concerning the proper running of the program...normal or safe... because I sure haven't been able to find anyplace on here, and I HAVE searched throughout this forum for the answer multiple times. I received one reply on my assumption that it should generally always be run in Normal Mode if possible in 11 days and I sincerely thank swagger for taking the time to do that.

Now the thread has veered off into what problems people have with various AV programs, and what is good and what is bad about various ones.

Evidently the "powers that be" here don't care about those of us who regularly recommend this superior programs on different clean up forums but who don't have the "official" answer on how to run, why to run in normal mode and what safe mode runs do and don't do. If we had full, thorough and complete information on this we could give this info when we tell people to run the program, but nobody cares enough to provide it.

Link to post
Share on other sites
jholland1964:

I believe your answer is in Post #4. Malwarebytes is designed to run in Normal Mode; however, it will run with some features in Safe Mode. Some types of infections are easier to remove in Safe Mode because they are designed to operate in Normal Mode.

If you will see I did note that in my reply above

I received one reply on my assumption that it should generally always be run in Normal Mode if possible in 11 days and I sincerely thank swagger for taking the time to do that.

I posted again because of the sudden turn of the thread to something that has nothing to do with my original post or my request that clear, concise instructions be made a sticky someplace on this site so that people don't have to keep searching for instructions on the proper running of this superior program.

Link to post
Share on other sites
I posted again because of the sudden turn of the thread to something that has nothing to do with my original post or my request that clear, concise instructions be made a sticky someplace on this site so that people don't have to keep searching for instructions on the proper running of this superior program.

I entered a suggestion for "Safe Mode" operation to be included in the program's help file. Currently, there is no mention of it. Having it on this forum is not so good because infected computers often cannot access the internet and most often should be disconnected from the internet.

Link to post
Share on other sites

For most infections and sophisticated malwares, safe mode is not required, or should even not be used (considering Bagle, for example, who damages safe mode registry keys), so this suggestion cannot apply to every situation, it needs to be analyzed first, depending on which malware is inside. Safe mode shouldn't be recommended every time.

MBAM is designed to unload infections in normal mode. For some specific malware with anti-MBAM capabilities (which are not always successful), some tools like rkill from Grinler can unload malicious processes and enable MBAM to run and destroy the malware again, for example.

Link to post
Share on other sites
I entered a suggestion for "Safe Mode" operation to be included in the program's help file. Currently, there is no mention of it. Having it on this forum is not so good because infected computers often cannot access the internet and most often should be disconnected from the internet.

I did not make this request as a person in need of clean up, of a person with the idea of sending somebody here for instructions.

I made this request as one who assists in clean up and removal of infections from computers at four different clean up forums. At all four we always recommend the use of MBA-M, and if possible in Normal Mode as it was designed to do.

We don't send people to this forum for instructions, we post instructions directly to them on our forums. But at least three or four times a week somebody, without correct knowledge or information, will jump in AFTER we have given instructions, and make a post similar to..."you should do all these steps in Safe Mode". Then we must backtrack with the original poster and tell them this is not the way MBA-M should be run if at all possible. Then we get an argument from the errant poster about it.

We all would like a simple, concise way of being able to say to the person giving incorrect information, with a link to post for proof, which would say..."As noted at Malwarebytes' MBA-M should be run in Normal Mode at all times if possible and here is why" but right now all we can say is the program is designed to be run in normal mode because it does not load all of it's drivers in safe mode. Then we always get the question...how do you know, where does it say that, who told you this and the final..."Everybody knows you need to clean a computer in Safe Mode."

Link to post
Share on other sites
I think part of the information is only known by developers, which can't post detailed specifications, to avoid malwares getting efficient when attacking MBAM.

I don't want secret or technical information. I just am asking for a link/sticky that I can to point to which says how to run it and why certain things should or should not be done.

99.9% of the average home computer users wouldn't understand technical information anyway, I know I wouldn't. That is not what I am requesting, I don't want technical information. I would just like to have an EASY link to point to when I receive these questions and be able to say, "this is their program and this is how THEY say to run it" and "that is why I am telling you to run it this way".

Something very simple, not technical explanations but simple, user friendly language, which would read:

Instructions on the Correct Running Of MBA-M. Then how to run it. Why it should be run in Normal Mode. When it can be run in Safe Mode and instructions on what to do AFTER running in Safe Mode.

Then when helpers such as myself receive these questions/comments on to "should be run or not run in safe mode" we can quote this sticky and actually Link to it, On This Board which is the actual board for the program itself.

Where else would one check to get the most accurate information but from the actual website of the program in question?

I don't understand why people don't understand my questions or comments.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.