Malwarebytes Free Removes Windows Update Registry Key

Topic

New Reply

I’ve just updated two Win7 x64 SP1 computers from Malwarebytes Free 3.3.1 to Malwarebytes Free 3.4.4. In BOTH instances, the update process removed the registry key that denotes antimalware program compatibility to receive Windows security updates and .NET security updates as well. Restoring the key brought back full WU functionality.

The exact process was:

1. Launch Malwarebytes free and go into the Settings panel.

2. Once there, click on the “Install Application Updates” button, which launched the program updater to check for new versions. This is NOT to be confused with the downloading and installing of definition updates which uses another completely separate process.

3. A new version was found, so I allowed the installation of said update to proceed.

4. Once the update finished, I was presented with a free 14 day trial of the premium version. I promptly went back into the Settings panel and clicked on the “Account Details” tab where I promptly clicked the button to deactivate the free trial, and provided a reason why I deactivated said trial.

5. Upon rebooting, I discovered that the registry key for antimalware program compatibility was completely gone. I then proceeded to recreate it and viola, I’m now all set.

Said registry compatibility key is as follows: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\QualityCompat. In the key, there should be a REG_DWORD labeled “cadca5fe-87d3-4b96-b7fb-a231484277cc” and its value should be set to zero (0).

This is just intended as a heads up for everyone, since we’re at MS-DEFCON 3 as I write this.

How did I find out this happened? I went to install Windows updates this past Thursday the 8th of March after seeing that we’d been moved by Da Boss to DEFCON 3, and I was suddenly missing the .NET and Windows Monthly Rollup that had been there just a few days before.

After looking for the compatibility key on a second Win7 machine with the specs mentioned above and finding it present, I proceeded with updating Malwarebytes 3.3.1 Free as detailed above. Immediately after completing the update procedure, I checked for the registry key and it was GONE, thus proving that Malwarebytes’ program update procedure erased the registry key, not the definition update procedure. By the way, the update procedure on the second machine was done earlier this morning, the 10th of March Pacific Daylight Time. The update on the first machine was done back on Wednesday the 7th of March.

If someone has seen reports of this on the Malwarebytes forums, please feel free to post a link here to help everyone else out.

R/

Bob99

10 users thanked author for this post.

Fred, MrJimPhelps, Microfix, JDeC, HiFlyer, SueW, jburk07, MrBrian, Kirsty, woody

Reply | Quote

Replies

Thanks for the warning :). However, the problem didn’t happen for me for either of the two computers that I installed Malwarebytes Free 3.4.4 on. In case it matters, I uninstalled the older version first, and manually installed v3.4.4.

3 users thanked author for this post.

jburk07, satrow, Microfix

Reply | Quote

Similar here, though I did an in-place upgrade of MBAM Free. I didn’t check the reg key until days after the upgrade and later reboot of Windows (I upgraded late on in a 45 day uptime Windows session) and the manually inserted key is still there.

W7x64 SP1 with no active A/V.

1 user thanked author for this post.

jburk07

Reply | Quote

As mentioned in step 3, I let the program do its own uninstall and reinstall, so that may be the difference by itself!

Reply | Quote

See my link here is the duplicate topic – I think I found an answer

2 users thanked author for this post.

Lori, Elly

Reply | Quote

Updated Windows 10 Home 64b (windows10.0-kb4088776-x64, Intel I7-gen.6) with an elevated account, my Malwarebytes lifetime licence was gone, so had to reregister; + the Quality-key in the registry was gone too, and did not reappear after reboot, so I had to set this key manually too.

With the registry settings for Spectre enabled, there still is a conciderable loss in speed; this microcodefix in the Micr0$oft-update(s?). Don’t have a clue whare and what is causing this loss in performance.

Is there anybody who has a suggestion?, please pass it on, thanks.
regards Fred

* _ ... _ *

Reply | Quote

I removed Malwarebytes Free from the computer it was installed on rather updating Malwarebytes to the next version.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

No need to uninstall a perfectly good program due to the update process.

As @PKCano mentions in post # 174890 above which refers the reader to another post, he found that after installing the newer version of Malwarebytes and then downgrading it from the full edition free two week trial to the plain ol’ free edition, the registry key was removed, thereby indicating that Malwarebytes had removed it during the downgrade. He also states in the post he refers you to that after rebooting his machine, the registry key had returned, suggesting that it had been put back there by his installed default anti-malware solution, Trend Micro Internet Security.

I did not have that happen because of one of the settings in my free anti-malware solution being mis-applied by me. :-[  That situation was remedied as soon as I discovered it. B-)

To ensure the registry key gets replaced (or never removed by the Malwarebytes downgrade process in the first place), make sure your installed default anti-malware solution monitors individual program behavior as well as scanning files downloaded onto your computer and/or opened up on your computer.

Reply | Quote

MalwareBytes Free is not needed on the system. When MalwareBytes sorts out  registry key removal, it will be installed again.

There are currently issues with Microsoft updating. If MalwareBytes removes the registry key, it will be unclear what program package caused an error: MalwareByte installation or Windows update.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Since I started this topic, I thought I’d try to find a solution or a reason for the behavior. I think I may have, finally! Turns out, Malwarebytes REMOVES the registry key if it’s set to not be registered with Windows Security Center, as seen in this post from their forums: https://forums.malwarebytes.com/topic/224593-ms-required-qualitycompat-key/?do=findComment&comment=1224553

When downgrading the installation from the full 2 week trial to the free version, Malwarebytes probably removes the key because, in the free edition, registering with the Windows Action Center is an option that’s greyed out at the bottom of the Application tab of the Settings menu item. That option is listed as Premium Only.

By the way, this will probably happen if the installation is downgraded to the free edition from the full edition after the expiration (for any reason probably) of any paid subscription anyone might have.

So, for now, the key will have to be reinstalled either manually by the user or by a default anti-malware program already installed on the computer and set to monitor changes in system settings, as noted by anonymous in post #176530 above this one.

Sorry for the bad news, @geekdom.

Hopefully Malwarebytes will change this behavior by their next program update or Microsoft will relent for the other versions of Windows besides Windows 10, in which case this whole thing becomes a moot point.

2 users thanked author for this post.

MrBrian, Elly

Reply | Quote

Bob99 wrote:

Sorry for the bad news, @geekdom.

Things change and no doubt there will be other choices, if not now, then later.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote