Ask Leo! #627 – Trusting Your Security Software, Second Hand Access, The Mess That Is Event Viewer, and more…


Should I Accept My Security Software's Recommendation of What to Remove?

I downloaded the Malwarebytes you suggested and did a scan. It showed more than 330 things which it asked whether to remove. Do I just accept that these are things that should be removed? The things recommended for removal are listed below. Some of the sentences include microsoft explorer, lenovo browser guard, etc, which when I look at them I am uncertain about deleting because I do not know if I am deleting something that's important.

Do I just delete whatever Malwarebytes asks to delete every time it makes such suggestions?

<~300 entries, mostly registry-related, snipped>

This is one of those questions we never think about until someone asks.

What we're really asking is, "Do I trust my security software to make the right recommendations?"

And the answer, as it is so many times, is: it depends.

Continue Reading: Should I Accept My Security Software's Recommendation of What to Remove?

How Do I Get the Password for a Computer I Purchased at a Garage Sale?

I purchased a computer at garage sale but they did not know main password. Is there a way I can get this free? Hope I did not throw my money away.

I'm going to assume that by "main password" you mean the Windows log-in password.

I'll show you how you can bypass that on most computers and set your own – it's really not that hard.

Then I'll tell you why you really don't want to do what I suspect you're planning to do.

You probably have a very useful machine, even if you can't log in to it right away.

Continue Reading: How Do I Get the Password for a Computer I Purchased at a Garage Sale?

What is Event Viewer, and Why Does It Have So Many Errors?

In an ideal world, you'd never care about Event Viewer.

In an ideal world, software and hardware would always work, always meet expectations, and there'd never be a need to try to figure out why things are happening the way they are. In even a slightly less ideal world, we'd be able to rely on Event Viewer for clear and consistent information about what your system and all the applications running on it are experiencing.

Sadly, we do not live in an ideal world, or even a world only slightly less than ideal. While Event Viewer can be a source of excellent clues into system failures and behavior, it can also be a frustrating, incomprehensible mess.

And scammers are leveraging that confusing mess to their advantage.

Continue Reading: What is Event Viewer, and Why Does It Have So Many Errors?


Become a Patron on Patreon

Previous Issue

Glossary Term


A virus is a computer program written by someone, with the presumed intent of spreading and causing grief. Like a human virus, a virus makes the infected computer "sick": it causes poor performance, crashes, lost files and data, or more.

Also like a human virus, a computer virus replicates itself. Just as you can copy a file from one disk to another and have copies on both disks, a computer virus is in part defined by its ability to make copies of itself. Exactly how a virus does this depends on its type, but can include propagation over removable media such as USB drives, networks, or network-based activities such as user downloads.

Glossary Terms are featured selections from The Ask Leo! Glossary.
Have a term you'd like defined? Submit it here.

Featured Comments

Should I Accept My Security Software's Recommendation of What to Remove?

Ray Smith writes:

"Given that I trust Malwarebytes, my default answer is easy. Yes: when it recommends something be deleted, it's probably safe to delete it." - I disagree. Incorrect detections are not at all uncommon, as you can see from the company's own forum:

Sometimes, as you said, incorrect detections can cause major problems - as was the case a couple of years ago when Malwarebytes broke tens of thousands of machines:

"As many of you are aware, we suffered a false positive earlier today which caused many of our users' systems to be rendered inoperable."

To be clear, I'm in no way criticizing Malwarebytes: like death and taxes, false positives are inevitable. It does mean, however, that it's not a good idea to blindly allow your security apps to delete things. Instead, it's better to first do some research. And in some cases, simply uninstalling a program in the usual way may be a better option that allowing a security app to delete it.

Lenovo Browser Guard - mentioned at the start of your post - is neither malware nor a PUP:

"Q: Why does my antivirus program display a warning about Lenovo Browser Guard?

A: The way Browser Guard operates to protect your settings can in some cases be mistaken for being suspicious activity by some antivirus programs. Since antivirus programs take the road of caution when they cannot fully determine if a file is a threat or not they prompt the user to investigate the file to ensure it is something they want.

Q: Is Browser Guard so called malware?

A: No, that an antivirus program may prompt the user about Browser Guard should not be a cause of alarm. All the program does is to stop other pieces of software from changing the user's browser settings without the user's consent."

If somebody doesn't need/want it installed, the best course of action is to simply uninstall it.

Leo writes:

At the conceptual level I actually agree. Researching proposed removals would be the safest thing to do. The problem is that it's neither practical or pragmatic for the average computer user to do so, or to understand the results of that research if they do.

While bad things can happen, they don't happen that often, in my experience.

The best protection, in my opinion, remains a solid backup. Should disaster happen (of any kind), a restore should clean it right up. I think it's more important that everyone have a backup strategy in place than it is to expect them all to be able to knowledgeably and reliably research the random items reported by their security software.

Yeppers writes:

Ray Smith, you must be psychic. A day after your above reply to me, I scan my PC using Malwarebytes Anti-Malware (MAM) - and, for the very first time, it detected two malicious items. What a coincidence! And this is a PC I use just for online banking and is therefore kept very clean.

In my slight state of panic, I clicked on the Remove button -- and thinking shortly afterward I shouldn't have done that, concerned that I prematurely deleted the two threats from quarantine. It turned out the Remove button only moved the threats to quarantine. Then, remembering your internet link, Ray, I went to the MAM forum and discovered that my two threats were in fact false positives. (Reason: Microsoft forgot to digitally sign two of their own files.) Hooray! These same false positives had caused havoc to many PC's in the corporate world. Fortunately for me, because these were corporate clients who were adversely impacted, MAM investigated the problem quickly. A sigh of relief from me, because I had been thinking I would have to go through the trouble of restoring my PC using a disk image backup.

So I thought: no problem. I'll just restore those two threats, and I'll be done. Unfortunately, MAM wouldn't restore the two files. (It turns out that many users in the corporate world couldn't restore them either. Some users couldn't even re-boot their PC's, which was a problem I didn't have, thank God.) So, I used a restore point to return the two files to the registry. Fortunately, restore point completed successfully (it doesn't always). Unfortunately, I then discovered that restore point corrupted MAM and Norton, my real time anti-malware software (an occasional side effect when using restore point.) So for a short period of time, I had to connect with the internet without any protection in order to reinstall my anti-malware software. Finally, after some double-checking, I was done. I hope everything is okay now.

Moral of the story: I had said be careful about deleting items from quarantine. Be careful also about transferring items into quarantine in the first place - because you may not be able to restore them if the 'threats' turn out to be false positives. (Unfortunately for me, my inclination is to quarantine potential threats asap.) And, oh yeah, stay calm.

Thanks, Leo, for a very timely article -- and to you, Ray, for some very timely and on-target advice.

The Ask Leo! Tip of the Day

A feature exclusively available to Ask Leo! Patrons.

Leo's Books

Backing Up 101 Saved! - Backing Up with Macrium Reflect - 2nd Edition Saved! Backing Up With EaseUS Todo
Saved! - Backing Up with Windows 7 Backup Saved! - Backing Up with Windows 8 Backup
Just Do This: Back Up! The Ask Leo! Guide to Internet Safety The Ask Leo! Guide to Routine Maintenance Maintaining Windows XP - A Practical Guide

More Ask Leo!

Facebook - YouTube - Google+ - Twitter
Amazon - GoodReads


Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2016,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC