Is Malwarebytes' Anti-Malware Enough?

Many thanks, Bruce.
I wonder about the Dynamic tests done by AV-C. Is that a static test or do they attempt to infect clean systems. That is what I thought was taking place. If I am correct then can't it also be done with A* applications?

I think an important key is how malware is attacked. I have no understanding of the details, but that is the difference between the two type applications we are discussing. So while there is a lot of overlap there are enough differences that require some degree of layering. Is that correct?

Added: I make that statement because of a friend whose computer was infected by Antivir rogue that Norton did not prevent or even detect. But MBAM made short work of it with one Quick Scan. That does not necessarily indicate that MBAM would detect everything Norton would plus more. But I am convinced that rogues are not detected as well by AVs as MBAM.

Thanks again. I know you are busy, but your participation is always a great help.

Regards,
Jerry

 

I am only commenting on old style testing. On a test with hundreds of thousands of samples they are not executing anything, that would take forever * the number of vendors being tested not to mention reimaging every time something makes it through. Any dynamic test where the input is sources instead of samples is real enough IMO as long as their is an attempt to make the input as broad as possible.

Yes, there are dissimilarities in both the "what" and the "how" that allow a "greater than the sum of their parts" scenario. For example if you gave our complete research set to an AV they would not detect more than that AV on its own + our software as only the "what" would be expanded, you need a second dissimilar engine to expand the "how" and "what".

As I brought up earlier though all of this is contingent on computing both the risks your system is forced to take and what you are trying to protect. An XP system with multiple users that is used for online shopping and a single user windows 7 64bit system used for email and surfing require very different levels of security to achieve relatively similar levels of safety.

 

Thank you very much, Bruce. You have been very helpful.

FWIW I have a question on the AV-C forums regarding including MBAM in dynamic testing. Of course this assumes you would agree, and there might be legitimate reasons why you would not. I was wondering about the difficulty of such a test. So far no answer, but I don't expect immediate answers. It might not be practical, but I am wondering if it would be.

Some years a member of Wilders made some test where he tested several AVs and then tested again with an AT

Here are the links. Hope they work.
https://www.wilderssecurity.com/showthread.php?t=83323
https://www.wilderssecurity.com/showthread.php?t=58597

He used Ewido and a squared beta as the ATs. Results were interesting, but I am sure those ATs were different from today's MBAM and similar applications.

I appreciate your help.

Regards,
Jerry

 

I will provide another example: I had scanned a computer with MBAM free(it caught a few malware); then I scanned with Bitdefender rescue CD, which found this:
http://www.bitdefender.com/VIRUS-1000060-en--Win32.Nyxem.E@mm.html

I tried scanning with the Kaspersky rescue CD, but the scan hangs soons after it starts, CPU usage 100% with "scan malfunction" in the logs.