I saw the recommendation to run Malwarebytes in normal mode in another post but they left no supporting documentation and I couldn't find an official reference to it until reading your linked article in the Malwarebytes Forum.
I also found this contribution from exile360 particularly interesting
If there are multiple user accounts on the PC, MBAM will need to be run (at least a quick scan) on each to scan each respective registry because it currently contains no method to load alternate user hives the way that Spybot Search & Destroy and some other tools do.
Regarding scanning all user accounts, it isn't on the homepage or anything, but is recommended by the experts and developers of MBAM and has been by them many times here on the forum. It generally isn't necessary to do so to kill the actual infections themselves as most infections affect all user accounts and can be killed that way, it simply helps to make sure you remove any traces in the registry that might be left over in individual users' profiles.
Thanks for the "Official" recommendation.
Main Topics
Browse All Topics





by: willcompPosted on 2009-10-31 at 10:04:47ID: 25710487
When either CF or MBAM has to be run in safe mode a followup scan should be done in normal mode. I've only found it necessary to run CF in safe mode a couple of times.
You are absolutely correct that neither should be run in safe mode unless they cannot be run in normal mode after using registry scripts and/or other guidance from BleepingComputer.