Malwarebytes and Safe mode

[jav]

ok, guys. I know I am not the one who should tell it to you as the are lots of people more knowledgeable then me.

But I have seen this happening here and many other security forums (and not just once ) and I was doing the same in the past, so just to inform you.

Many of us while helping user who is infected or suspected to be infected recommend them to use our trusty Malwarebytes Anti Malware but at the same time most of us recommend to use it in safe mode.
Theoretically it is great, as safe mode loads only basic drivers and applications so there will be less things (or even malware) to interact with MBAM scan.

But no, it's not recommended to run Malwarebytes in safe mode unless normal mode fails.

Just take a look at those thread, they are from official Malwarebytes forum and aswered by their staff.
And all of them against running Malwarebytes in safe mode unless normal mode fails:
Running MBAM in Safe Mode - Malwarebytes Forum
Should i run MalwareBytes in normal or in safe mode? - Malwarebytes Forum
Should I run Malwarebytes in Safe mode? - Malwarebytes Forum
Safe Mode vs Normal Mode - Malwarebytes Forum
SAFE MODE - Malwarebytes Forum
`Safe Mode` or `Normal Mode` - Malwarebytes Forum

Some quotes:

MBAM works from safemore but it is not designed to work that way .

MBAM will work better from regular mode both in terms of what it detects and what it can remove .

Doing a safemode scan with MBAM should only be done when a regular mode scan fails .

The drivers don't load in safe mode which really hinders MBAM's capabilities. If possible I and others always recommend running it in normal mode. If the scans are taking so long though, I'm guessing you're also using the Full Scan option. This is seldom required as it generally won't detect anything that the Quick Scan doesn't pick up except perhaps minor traces that are harmless (and even that is rare and I've never seen it do so myself).

So just let you know.

 

[nate42nd]

I have used MB in safe mode (with networking) many times. It's recommended on "bleeping" I know that.

Nice links, but it's always worked fine for me. It's depends on what you're infected with I suppose.

 

[jav]

Actually I am not saying that it doesn't work in safe mode.

As you can read from quotes and posts in Malwarebytes,
They say Malwarebytes can work on safe mode, but it works better on normal mode both from detection and removal point of view.

 

[manhunter2826]

What if safe mode is the only option (for boot up)? Will MWB not function as it should?

 

[nate42nd]

Actually I am not saying that it doesn't work in safe mode.

As you can read from quotes and posts in Malwarebytes,
They say Malwarebytes can work on safe mode, but it works better on normal mode both from detection and removal point of view.

Yea, that's good to know. Thanks for the tip man!

 

[nate42nd]

What if safe mode is the only option (for boot up)? Will MWB not function as it should?

That's right, if you read some of those posts, they say it cripples it.

 

[jav]

What if safe mode is the only option (for boot up)? Will MWB not function as it should?

If normal mode fails and your only option is safe mode, you should go with safe mode.

It will function as it should, but still it's functionality will be more limited then normal mode.

1. So your choice will be normal mode (number one priority)
2. If number one fails, safe mode
3. try normal mode again after safe mode cleaning (atleast do quick scan)

Yea, that's good to know. Thanks for the tip man!

no problems.

 

[manhunter2826]

Thanks jav

 

[Corrine]

It is also not necessary to run a Full Scan. Malwarebytes' developers recommend a Quick Scan:

As Marcin said here

The full scan is very thorough, but 99.99% not necessary.

or as Bruce said here:

BTW , full scan has 0 ability to catch live malware and only a slight chance of catching traces

There are other examples by Marcin and Bruce, but you get the picture. For a first-time cleanup scan with MBAM, a full scan is fine. However, for "live malware", all that is needed is a quick scan.

It is also recommended that temp files be cleaned first -- actually a good practice regardless of the anti-malware software being used.

 

[jav]

Yeap,
Thank you Corrine

Thanks jav

You are welcome.

 

[manhunter2826]

Yes, thanks Corrine for that. Temp files? Will ccleaner suffice?

 

[Corrine]

Yes, CCleaner will work. My recommendation is to leave the registry section alone though -- too much of a chance of problems. Although based on an old version of CCleaner, I put this recommendation together for someone I was helping showing my preferences and explaining why some of the areas were not recommended: Tidbits: CCleaner

 

[manhunter2826]

Thanks for that Corrine, and what a lovely guide that is

 

[mitchell64]

It is also not necessary to run a Full Scan. Malwarebytes' developers recommend a Quick Scan:

As Marcin said here

The full scan is very thorough, but 99.99% not necessary.

or as Bruce said here:

BTW , full scan has 0 ability to catch live malware and only a slight chance of catching traces

There are other examples by Marcin and Bruce, but you get the picture. For a first-time cleanup scan with MBAM, a full scan is fine. However, for "live malware", all that is needed is a quick scan.

It is also recommended that temp files be cleaned first -- actually a good practice regardless of the anti-malware software being used.

I have used Malwarebytes to remove a lot of nasties for people & have found everything detected has been picked up in a quick scan.

I have run full scans after the fact and always come back clean.

Edit; BTW thank you Jav for the initial Post

 

[Corrine]

BTW thank you Jav for the initial Post

I agree! Thanks, Jav.

 

[jav]

You are all welcome