All I have on my Laptop is Malwarebytes' Anti-Malware.

Is my understanding correct that Malwarebytes' Anti-Malware will check my HDD for all malware + Virus?

I do not need any other programs do I except for Malwarebytes' Anti-Malware as it will check for everything that other Anti Virus programs check for, is that right?

I do not want a resident AV running so I would really like to just use Malwarebytes' Anti-Malware only if that is enough. Is it?:blink:

-{ Quote: "All I have on my Laptop is Malwarebytes' Anti-Malware.

Is my understanding correct that Malwarebytes' Anti-Malware will check my HDD for all malware + Virus?

I do not need any other programs do I except for Malwarebytes' Anti-Malware as it will check for everything that other Anti Virus programs check for, is that right?

I do not want a resident AV running so I would really like to just use Malwarebytes' Anti-Malware only if that is enough. Is it?:blink:" }-

No, that is not correct. MBAM is a great program that I would not be without, but it does not detect and prevent all the different types of malware. It is my view that you do need an AV. There are some good free ones.

Regards,
Jerry

+1
Nope its not enough. Its a great antimalware and catches alot of things. You still should have a resident AV. You can try panda cloud AV or any of the other free ones out there. Try a few and see what works best.

Not enough, layered approach or you should get a second hand opinions scanners. Preferably Layered Approach ;)

-{ Quote: "All I have on my Laptop is Malwarebytes' Anti-Malware.

Is my understanding correct that Malwarebytes' Anti-Malware will check my HDD for all malware + Virus?

I do not need any other programs do I except for Malwarebytes' Anti-Malware as it will check for everything that other Anti Virus programs check for, is that right?

I do not want a resident AV running so I would really like to just use Malwarebytes' Anti-Malware only if that is enough. Is it?:blink:" }-


Another vote for "not enough".

If you don't want real-time protection, the free versions of Prevx or Immunet would add another quality scanner.
You might also consider the new Emsisoft Emergency Kit which is free.

If you haven't already done so, add SandboxIE, Keyscrambler, and a good HIPS, perhaps included with a good firewall such as Online Armor.

Running with a Limited User Account is also a good security policy, and common sense plus staying away from XXX websites and those websites offering pirated software will help to avoid nasties.

As others have already suggested, using a layered approach to security is the best policy, and don't forget a good imaging program if all else fails or you get careless.

What you are protecting and the potential danger level do factor in here but we do suggest that MBAM be paired with at least a standalone AV.

Is this a single user PC with UAC that will have the OS and all web facing apps kept up to date or is this a PC with multiple teenage users that are likely to have "fun" with it?

Will this be a surfing/email/apps PC or will this also be used for banking/shopping?


MBAM+AV+LUA(for "dangerous" sessions)+alt browser with script control+keeping up to date is plenty for the average user without the need for excessive hands on maintenance nor the need to google a lot of messages.

thanks bruce:thumb:

In the depths of winter you wouldn't go outside with just a heavy winter coat on no matter how warm the coat was.

If you went into someone's house and the the coat came off.....well..

Layers keep you warm and safe :)

lolzz... but IMO for an experienced user MBAM is enough (even nothing..;))... Because MBAM specializes in taking care of DBD rogues..:)

I've been running fine with only MBAM as my real-time scanner. No infections at all. And it's been almost 8 hours. :)

-{ Quote: "I've been running fine with only MBAM as my real-time scanner. No infections at all. And it's been almost 8 hours. :)" }-
You will stay 8 years like this if you have cs.exe installed..;) ;D

-{ Quote: "You will stay 8 years like this if you have cs.exe installed..;) ;D" }-
Whats that? ;D

-{ Quote: "Whats that? ;D" }-
Common sense ..;) :P :thumb:

-{ Quote: "Common sense ..;) :P :thumb:" }-

But you should always use the latest version :thumb: :D

-{ Quote: "But you should always use the latest version :thumb: :D" }-
yep, patches should always be installed..:-*

Jokes aside I really think you may not need anything in real time other than MBAM and Sandboxie. You can keep a on-demand scanner to check downloaded attachment...:)

-{ Quote: "yep, patches should always be installed..:-*

Jokes aside I really think you may not need anything in real time other than MBAM and Sandboxie. You can keep a on-demand scanner to check downloaded attachment...:)" }-

I guess the more common sense, the less defenses you need. I have wondered about how effective on-demand scanning is though. Would it be too late at that point with some malware? Couldn't some of them wreck the computer if it gets on?

I don't agree that CS alone is enough. I know a lot of people who have CS who get infected even though they do not click on things that they know little or nothing about including email.
I think the CS only advocates are an infection waiting to happen.

Regards,
Jerry

-{ Quote: "I don't agree that CS alone is enough. I know a lot of people who have CS who get infected even though they do not click on things that they know little or nothing about including email.
I think the CS only advocates are an infection waiting to happen.

Regards,
Jerry" }-
Not alone..!! Sandboxie and MBAM is there to complement it...:)

The problem with "common sense" alone is that it only defines your actions. All it takes is one hacked legit site or one ad supported site that gets a bad ad stream and your "common sense" has been negated by an exploit.

You cant stop your otherwise safe actions from being changed to dangerous ones exterior to your machine so there is a minimal need to protect against the potential consequences.

It sucks but even safe surfing is not completely safe.


I think the best example of this from my own personal experience was on my ISP's home page. It has ads and one of them did attempt to load acrobat and then java and then a trojan. If you can get infected on your ISP's home page then obviously "common sense" is not bullet proof.

-{ Quote: "The problem with "common sense" alone is that it only defines your actions. All it takes is one hacked legit site or one ad supported site that gets a bad ad stream and your "common sense" has been negated by an exploit.

You cant stop your otherwise safe actions from being changed to dangerous ones exterior to your machine so there is a minimal need to protect against the potential consequences.

It sucks but even safe surfing is not completely safe.


I think the best example of this from my own personal experience was on my ISP's home page. It has ads and one of them did attempt to load acrobat and then java and then a trojan. If you can get infected on your ISP's home page then obviously "common sense" is not bullet proof." }-

Very true, but this time in my experience, i think i haven't got infected in a few years ;D
Well, it's only time when my turn comes :lurking:

-{ Quote: "Very true, but this time in my experience, i think i haven't got infected in a few years ;D
Well, it's only time when my turn comes :lurking:" }-

Well, it will give some additional experience of cleaning an infected system, and provide data as to the effectiveness of various applications. Boy, that sounds like fun.;D

Regards,
Jerry

-{ Quote: "+1
Nope its not enough. Its a great antimalware and catches alot of things. You still should have a resident AV. You can try panda cloud AV or any of the other free ones out there. Try a few and see what works best." }-

So why can't Malwarebytes' Anti-Malware catch all malware ? What's wrong with it?

And isn't virus classified as malware?

-{ Quote: "No, that is not correct. MBAM is a great program that I would not be without, but it does not detect and prevent all the different types of malware. It is my view that you do need an AV. There are some good free ones.

Regards,
Jerry" }-

Are you serious? Malwarebytes' Anti-Malware does not detect and prevent all the different types of malware? Why not?:blink: What's wrong with it? Then Malwarebytes' Anti-Malware isn't so good after all if it's missing malware that other scanners will detect!

-{ Quote: "Another vote for "not enough".

If you don't want real-time protection, the free versions of Prevx or Immunet would add another quality scanner.
You might also consider the new Emsisoft Emergency Kit which is free.

If you haven't already done so, add SandboxIE, Keyscrambler, and a good HIPS, perhaps included with a good firewall such as Online Armor.

Running with a Limited User Account is also a good security policy, and common sense plus staying away from XXX websites and those websites offering pirated software will help to avoid nasties.

As others have already suggested, using a layered approach to security is the best policy, and don't forget a good imaging program if all else fails or you get careless." }-

Ok I downloaded the Emsisoft Emergency Kit.

So now I am running Malwarebytes' Anti-Malware + Emsisoft Emergency Kit from a USB stick.

Is that enough now? Those 2 programs?

BTW, I run Sandboxie when I visit websites that may be dodgy.

Also, I tried Keyscrambler once but I deleted it because it doesn't support pasting text. I have 30 character long passwords that I paste into forms but Keyscrambler don't support pasting. Besides, how can I have a keylogger infecting my laptop when I never download any programs and when I am running Malwarebytes' Anti-Malware + Emsisoft Emergency Kit which checks for keyloggers?

-{ Quote: "What you are protecting and the potential danger level do factor in here but we do suggest that MBAM be paired with at least a standalone AV.

Is this a single user PC with UAC that will have the OS and all web facing apps kept up to date or is this a PC with multiple teenage users that are likely to have "fun" with it?

Will this be a surfing/email/apps PC or will this also be used for banking/shopping?


MBAM+AV+LUA(for "dangerous" sessions)+alt browser with script control+keeping up to date is plenty for the average user without the need for excessive hands on maintenance nor the need to google a lot of messages." }-

Banking also.

-{ Quote: "Are you serious? Malwarebytes' Anti-Malware does not detect and prevent all the different types of malware? Why not?:blink: What's wrong with it? Then Malwarebytes' Anti-Malware isn't so good after all if it's missing malware that other scanners will detect!" }-

Ask Bruce in post 19. I can't answer the question, but from years here on Wilders I am sure of my answer.
In my opinion MBAM is the best overall Anti-malware application of its type.
Regards,
Jerry

-{ Quote: "Ask Bruce in post 19. I can't answer the question, but from years here on Wilders I am sure of my answer.
In my opinion MBAM is the best overall Anti-malware application of its type.
Regards,
Jerry" }-

If it's the "best" why are people telling me it's not enough and that I need other malware scanners to detect stuff that MBAM misses? That confuses me:blink:

Then it's not so good after all if other scanners can detect malware that MBAM misses.

I am happy I learned about this now as I had been falsely relying on MBAM alone, which I now realise is not so good after all as it misses some infections that other scanners detect.

-{ Quote: "If it's the "best" why are people telling me it's not enough and that I need other malware scanners to detect stuff that MBAM misses? That confuses me:blink:

Then it's not so good after all if other scanners can detect malware that MBAM misses.

I am happy I learned about this now as I had been falsely relying on MBAM alone, which I now realise is not so good after all as it misses some infections that other scanners detect." }-


MBAM is excellent, but no single antivirus/antispyware application can catch everything. This is why a "second opinion" scanner is recommended- to work WITH Malwarebytes- to augment it's capabilities with those featured in a second AV/AM.
Likewise, while scanning is the traditional method for locating the bad stuff, other types of security applications add to the total protection package.

Just as malware scanners do their part, also contributing are a good and properly configured firewall, an effective and properly configured HIPS (if not included in the firewall), sandboxing, whole system virtualization, an effective backup strategy, LUA, SRP, and common sense.

All of the above are "layers" of protection, and with this "layered" defense, you employ a variety of tactics to thwart malware.

Reading this thread, you have been given excellent advice and numerous suggestions for securing your computer; you should be thankful.

-{ Quote: "If it's the "best" why are people telling me it's not enough and that I need other malware scanners to detect stuff that MBAM misses? That confuses me:blink:

Then it's not so good after all if other scanners can detect malware that MBAM misses.

I am happy I learned about this now as I had been falsely relying on MBAM alone, which I now realise is not so good after all as it misses some infections that other scanners detect." }-

What I can tell you is there is no single scanner that detects all malware. For that reason most use a layered approach.
If you check various test organizations you will see that no AV is perfect. I rely on AV Comparatives to provide the best information regarding the detection rates of AVs. You might check that site as you desire.
http://www.av-comparatives.org/

I don't know of a test organization that provides a complete test of the various AM applications such as SAS and MBAM.

Sorry I cannot offer more help, but that is about all I know about the subject.

Regards,
Jerry

but you can layer away and still be missing the one layer out of them all, that detects the specific malware. Keep in mind, the more blankets you add the more weight you may add.

Me? Pick one good one and enjoy your computer.

layer is good;)

Most of the MBAM team are members of the antimalware community and we have always suggested a layered approach, that does not go away just because we have a product.

Personally I have always liked the idea of eliminating single points of failure. Even if its just MBAM + AV it is unlikely that an attack or error will leave your system naked.

bruce you have Nod32 antivirus?

There are many systems in my house but the only "family" machine is set up with MBAM pro + Avira pro and LUA for browsing sessions. I obviously keep everything up to date. In the case of this system this is "enough" as there is minimal risk and nothing to protect.

I have a dedicated machine for financial transactions and that is locked down with policies and anti-execution.

Our users seem to like MSE + MBAM, Avira + MBAM and NOD32 + MBAM. We are seeing more and more Avast + MBAM users as well.

nice to know bruce:thumb:

i have Mbam Pro+PE Guard+WinPatrol Plus

-{ Quote: "MBAM is excellent, but no single antivirus/antispyware application can catch everything. This is why a "second opinion" scanner is recommended- to work WITH Malwarebytes- to augment it's capabilities with those featured in a second AV/AM.
Likewise, while scanning is the traditional method for locating the bad stuff, other types of security applications add to the total protection package.

Just as malware scanners do their part, also contributing are a good and properly configured firewall, an effective and properly configured HIPS (if not included in the firewall), sandboxing, whole system virtualization, an effective backup strategy, LUA, SRP, and common sense.

All of the above are "layers" of protection, and with this "layered" defense, you employ a variety of tactics to thwart malware.

Reading this thread, you have been given excellent advice and numerous suggestions for securing your computer; you should be thankful." }-

I year ya, thanks.

I now use EmergencyKitScanner in addition to MBAM.

-{ Quote: "but you can layer away and still be missing the one layer out of them all, that detects the specific malware. Keep in mind, the more blankets you add the more weight you may add.

Me? Pick one good one and enjoy your computer." }-

I wonder what that "good one" is according to you ;D hehe

-{ Quote: "There are many systems in my house but the only "family" machine is set up with MBAM pro + Avira pro and LUA for browsing sessions. I obviously keep everything up to date. In the case of this system this is "enough" as there is minimal risk and nothing to protect.

I have a dedicated machine for financial transactions and that is locked down with policies and anti-execution.

Our users seem to like MSE + MBAM, Avira + MBAM and NOD32 + MBAM. We are seeing more and more Avast + MBAM users as well." }-

But what about all the 100s of new malware and virus that is released every day onto the internet? Those scanner won't detect them for hours, sometimes days, before they learn about the new malware and add it to their definition. Right or wrong?

Both right and wrong actually. Many definitions are smart enough to predict future variations or collective malware protection tech thus detecting malware yet to be coded. IP protection does the same as most new malware will come in through know black listed IP addresses.

AV software does work a bit differently yet also is very good at predicting malware yet to be known and/or coded.

That being said there is always malare so new or changed that it is unlikely its 0hour will have good detection. This actually is the very reason we added IP protection to MBAM, it affords very good defense against these new threats.

-{ Quote: "Both right and wrong actually. Many definitions are smart enough to predict future variations or collective malware protection tech thus detecting malware yet to be coded. IP protection does the same as most new malware will come in through know black listed IP addresses.

AV software does work a bit differently yet also is very good at predicting malware yet to be known and/or coded.

That being said there is always malare so new or changed that it is unlikely its 0hour will have good detection. This actually is the very reason we added IP protection to MBAM, it affords very good defense against these new threats." }-

There seem to be many who do not run MBAM, or similar applications, real time but instead depend upon periodic scans.

I would appear to me that it is wiser to run MBAM real time to intercept malware that the AV does not detect. I would rather prevent than clean.
I am not too sure why some prefer to run MBAM on demand, but it has never loaded my system, even the laptop with 1 gig of RAM. The very small price of MBAM is worth it to be able to prevent malware.

Regards,
Jerry

-{ Quote: "There seem to be many who do not run MBAM, or similar applications, real time but instead depend upon periodic scans.

I would appear to me that it is wiser to run MBAM real time to intercept malware that the AV does not detect. I would rather prevent than clean.
I am not too sure why some prefer to run MBAM on demand, but it has never loaded my system, even the laptop with 1 gig of RAM. The very small price of MBAM is worth it to be able to prevent malware.

Regards,
Jerry" }-
Probably because they don't own a license? :P
I could be in this group :D

-{ Quote: "Probably because they don't own a license? :P
I could be in this group :D" }-

Now is a good time to change.;D The cost of a license is very little for a lifetime.

Regards,
Jerry

-{ Quote: "Now is a good time to change.;D The cost of a license is very little for a lifetime.

Regards,
Jerry" }-
Oh well, it's true, cheap for a top notch AV and lifetime license ::)
BUT, i'm still too young to make transactions online ;) HEHEHEHE

-{ Quote: "If it's the "best" why are people telling me it's not enough and that I need other malware scanners to detect stuff that MBAM misses? That confuses me:blink:

Then it's not so good after all if other scanners can detect malware that MBAM misses.

I am happy I learned about this now as I had been falsely relying on MBAM alone, which I now realise is not so good after all as it misses some infections that other scanners detect." }-

MBAM focuses on the threats traditional antivirus programs regularly miss and not on what traditional antivirus programs are already good at ;)

And the most important fact, no AV is 100% bullet proof ;)
That's why you can't put all your trust in 1 layer ;D

You should add a free AV - but there is no need for 23 AM/AV tools :) Don't listen to the wilders freaks ;D

-{ Quote: "You should add a free AV - but there is no need for 23 AM/AV tools :) Don't listen to the wilders freaks ;D" }-

I added a free AV, Emsisoft emergency kit.

You know that Emergency kit is only on demand. Not to be one of the wilders freaks but you may want to add a realtime AV. Something free, of course, like AVast, avira, avg, panda cloud...etc.

MBAM real time this is me.....;D

-{ Quote: "And the most important fact, no AV is 100% bullet proof ;)
That's why you can't put all your trust in 1 layer ;D" }-
+1 8)

-{ Quote: "All I have on my Laptop is Malwarebytes' Anti-Malware.

Is my understanding correct that Malwarebytes' Anti-Malware will check my HDD for all malware + Virus?

I do not need any other programs do I except for Malwarebytes' Anti-Malware as it will check for everything that other Anti Virus programs check for, is that right?

I do not want a resident AV running so I would really like to just use Malwarebytes' Anti-Malware only if that is enough. Is it?:blink:" }-

If you have imaging in place, it's more than enough. If not, than no.

If your hobby is computer security programs, it's not even close to being enough :shifty:

-{ Quote: "You know that Emergency kit is only on demand. Not to be one of the wilders freaks but you may want to add a realtime AV. Something free, of course, like AVast, avira, avg, panda cloud...etc." }-

That's what I want, on-demand, not realtime AV as it bogs down and slows down my Laptop.

I only download and install programs very rarely, and if I do, I get them from filehippo or softpedia, so I doubt I will ever get a virus anyway.

And I use firefix + noscript. And when I visit dodgy websites I run sandboxie. So I don't feel I need a realtime AV.

So I just use BMAM + Emergency kit to check my Laptop every few days.

-{ Quote: "MBAM real time this is me.....;D" }-

Haven't you heard? That's not good enough and you need an extra layer.

Sorry I missed that you were using sandboxie. You should be good with those two demand scanners.

I use Sandboxie, and at the moment am using Avast and MBAM real-time with no drag.

Sandboxie on x64 is useless. It can only 'recommend' applications not to do things to your system. It's like asking a drug addict to please, please, please stop doing drugs.

MBAM is a specialist.
AV is a generalist.

They have different purposes.

MBAM is a sniper while AV's are the Abrams division.

-{ Quote: "Sandboxie on x64 is useless. It can only 'recommend' applications not to do things to your system. It's like asking a drug addict to please, please, please stop doing drugs." }-

From what I have read, this statement is not accurate. From the developer:

"It should be noted, however, that even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.

Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox."

the reality is, no one has proven that it isnt enough by itself. I mean they say it wont be but yet it is the best at issues after the fact? Doesnt make sense. I personally think you can run it in real time by itself and do a weekly scan and be as protected as the rest of the so-rans around here.

I agree with trjam, but the question is - if the vendor itself is hesitant in promoting it as a standalone product, why would you risk it? they obviously have no deal cut out with other AV vendors to promote MBAM in this way right?

Even though I don't use a realtime blacklist I will say that MBAM has helped me cleanup many other PC's more so than any other AM/AV with rogue security apps being the majority of infections.

+1
MBAM is excellent at picking some of the trojans and fake av's that normal AV's miss. It does good job on real time as well. It speaks up before my AV does. I wouldn't use it as a stand alone though. I've used most of the other AM and MBAM has also been consistant.

So, have any of you had a case where MBAM failed to detect some malware, but some other Antivirus/antimalware did?

-{ Quote: "So, have any of you had a case where MBAM failed to detect some malware, but some other Antivirus/antimalware did?" }-
I agree, where is the proof? I personally think that MBAM as well as Prevx may actually be better then some AVs in real time.

-{ Quote: "I agree, where is the proof? I personally think that MBAM as well as Prevx may actually be better then some AVs in real time." }-

I sometimes see where a member has conducted a test or tests. How about using MBAM against the same malware that was used against AVs?
Evidently various trojans and other malware can be obtained. How about someone who has the time and expertise running a comparative test with MBAM vs Avast for example?

Regards,
Jerry

LOL, i think this arguing is non sense, the simple answer is just NOT! ;D :thumb:

-{ Quote: "I sometimes see where a member has conducted a test or tests. How about using MBAM against the same malware that was used against AVs?
Evidently various trojans and other malware can be obtained. How about someone who has the time and expertise running a comparative test with MBAM vs Avast for example?

Regards,
Jerry" }-

That would be good.

I'm sure that MBAM misses some malware that other software would catch; I am not so certain that there is ONE other anti-virus that would catch most of the stuff MBAM misses. In other words, an anti-virus in addition to MBAM may only bring negligible benifit; and thus some other software other than anti-virus may be best to use with MBAM.

How about running some host intrusion prevention system together with malwarebytes. I am running, for instance, defensewall alongside malwarebytes, acronis and virus total uploader just in case, very smooth, easy to use, safe and cheap in the long run.

regards
boris

-{ Quote: "So, have any of you had a case where MBAM failed to detect some malware, but some other Antivirus/antimalware did?" }-


Not on my computer, but on one belonging to a friend.
He has MBAM full version.
He installed the new version of Ad-aware with Viper and on the initial scan it found malware missed by Malwarebytes.

I can't recall what was found, but he tells me Ad-aware dealt with it effectively.
Now he uses MBAM full with real-time protection and also scans with Ad-aware just to be sure.

If some here are capable of testing AVs against Malware why can't you test MBAM against the same samples? For me that would be significant even if you would be accused of conducting junk tests.

If a system is exposed to even 20 random samples with only an AV or MBAM installed at a time the results would be very interesting.

Who has the courage, time, and expertise?

I wonder if IBK could give us some insight when he is available?

Regards,
Jerry

These tests where A versus B all it really tells me is that if A hits the sample and B doesn't means that B hasn't seen the sample as yet and hasn't been added to their defs.

A better test would be to check for dregs left behind after a cleanup by A and B.

-{ Quote: "These tests where A versus B all it really tells me is that if A hits the sample and B doesn't means that B hasn't seen the sample as yet and hasn't been added to their defs.

A better test would be to check for dregs left behind after a cleanup by A and B." }-

But if one gets infected what does it matter if it was lack of updates or whatever? Update frequency is important, although it alone is not the criterion.

My own desire is not so much cleanup or detection after the fact, but prevention. That is the reason I run applications real time.
Although I have not had an attempte intrusion in years, when I did it was not the AT that alerted, but the AVs. In those cases I was using Norton, or BD, and in one case Kaspersky. I Don't recall the AT application, but it was not MBAM.

Regards,
Jerry

Er, AT stands for ??

The 3 big problems with testing are:

A static sample cant tell you if its source would have been blocked (exploit, URL, IP......).
A static test says nothing about the difference between static and life execution (sometimes it is a lot).
A sample even 3 days old is kind of useless in a test let alone malware from years ago.

Testing is starting to move from "right click folder of 500,000 samples" to live source testing so the results should be getting a little more real.

One thing to keep in mind about AV and A*, it is not only about the what, it is also about the how. One hitting and one missing may not have anything to do with the type of infection but instead how it is attacked. This is one of the reasons layered should work better as you are combining both different defs and different tech.

-{ Quote: "The 3 big problems with testing are:

A static sample cant tell you if its source would have been blocked (exploit, URL, IP......).
A static test says nothing about the difference between static and life execution (sometimes it is a lot).
A sample even 3 days old is kind of useless in a test let alone malware from years ago.

Testing is starting to move from "right click folder of 500,000 samples" to live source testing so the results should be getting a little more real.

One thing to keep in mind about AV and A*, it is not only about the what, it is also about the how. One hitting and one missing may not have anything to do with the type of infection but instead how it is attacked. This is one of the reasons layered should work better as you are combining both different defs and different tech." }-

Many thanks, Bruce.
I wonder about the Dynamic tests done by AV-C. Is that a static test or do they attempt to infect clean systems. That is what I thought was taking place. If I am correct then can't it also be done with A* applications?

I think an important key is how malware is attacked. I have no understanding of the details, but that is the difference between the two type applications we are discussing. So while there is a lot of overlap there are enough differences that require some degree of layering. Is that correct?

Added: I make that statement because of a friend whose computer was infected by Antivir rogue that Norton did not prevent or even detect. But MBAM made short work of it with one Quick Scan. That does not necessarily indicate that MBAM would detect everything Norton would plus more. But I am convinced that rogues are not detected as well by AVs as MBAM.

Thanks again. I know you are busy, but your participation is always a great help.

Regards,
Jerry

-{ Quote: "I wonder about the Dynamic tests done by AV-C. Is that a static test or do they attempt to infect clean systems. That is what I thought was taking place. If I am correct then can't it also be done with A* applications?" }-

I am only commenting on old style testing. On a test with hundreds of thousands of samples they are not executing anything, that would take forever * the number of vendors being tested not to mention reimaging every time something makes it through. Any dynamic test where the input is sources instead of samples is real enough IMO as long as their is an attempt to make the input as broad as possible.

-{ Quote: "I think an important key is how malware is attacked. I have no understanding of the details, but that is the difference between the two type applications we are discussing. So while there is a lot of overlap there are enough differences that require some degree of layering. Is that correct?" }-

Yes, there are dissimilarities in both the "what" and the "how" that allow a "greater than the sum of their parts" scenario. For example if you gave our complete research set to an AV they would not detect more than that AV on its own + our software as only the "what" would be expanded, you need a second dissimilar engine to expand the "how" and "what".

As I brought up earlier though all of this is contingent on computing both the risks your system is forced to take and what you are trying to protect. An XP system with multiple users that is used for online shopping and a single user windows 7 64bit system used for email and surfing require very different levels of security to achieve relatively similar levels of safety.

Thank you very much, Bruce. You have been very helpful.

FWIW I have a question on the AV-C forums regarding including MBAM in dynamic testing. Of course this assumes you would agree, and there might be legitimate reasons why you would not. I was wondering about the difficulty of such a test. So far no answer, but I don't expect immediate answers. It might not be practical, but I am wondering if it would be.

Some years a member of Wilders made some test where he tested several AVs and then tested again with an AT

Here are the links. Hope they work.
http://www.wilderssecurity.com/showthread.php?t=83323
http://www.wilderssecurity.com/showthread.php?t=58597

He used Ewido and a squared beta as the ATs. Results were interesting, but I am sure those ATs were different from today's MBAM and similar applications.

I appreciate your help.

Regards,
Jerry

-{ Quote: "Not on my computer, but on one belonging to a friend.
He has MBAM full version.
He installed the new version of Ad-aware with Viper and on the initial scan it found malware missed by Malwarebytes.

I can't recall what was found, but he tells me Ad-aware dealt with it effectively.
Now he uses MBAM full with real-time protection and also scans with Ad-aware just to be sure." }-

I will provide another example: I had scanned a computer with MBAM free(it caught a few malware); then I scanned with Bitdefender rescue CD, which found this:
http://www.bitdefender.com/VIRUS-1000060-en--Win32.Nyxem.E@mm.html

I tried scanning with the Kaspersky rescue CD, but the scan hangs soons after it starts, CPU usage 100% with "scan malfunction" in the logs.