Malwarebytes and traditional AV weaknesses

Discussion in 'other anti-malware software' started by Sampei Nihira, Oct 27, 2017.

  1. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,440
    Location:
    Slovakia
    Nice find and they indeed went down afterwards, bought by Webroot a year later. With the marketing department MB has got right now, I expect the same. 3.0 is simply a disaster.
     
  2. illumination

    illumination Guest

    Malwarebytes went downhill a couple of years ago. As with most on-demand scanners, it was designed originally for post-infection clean-up. Now it has real-time and other features built in, but its strength lies in what it was originally designed to do, and that strength is almost depleted. Without relying on the "professional" testing facilities and/or Mbam's own PR, all one needs to do is pre-infect a VM and watch for themselves just how much Mbam is not keeping up with any of the other products available today.
     
  3. plat1098

    plat1098 Guest

    Remember when WannaCry first came out, all these threat maps were showing the world's landscape? That was purely informational. This Malwarebytes one is kind of reminiscent of that, kind of modeled on that serious, global paradigm, only here, the purpose is to....what? Purchase Malwarebytes?

    Quote re: post #17:"...there are certain things that, by default, we do gather, however that information is only used to inform our Research team of what the current threat landscape at large looks like out there to help them better focus on the most significant/prevalent threats affecting most users..."

    Nothing to say about Malwarebytes software and detections as I don't use the product. Just a longstanding interest.

    Bingo.
     
  4. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    Just to clarify, Adware is indeed counted. Go to the source map and hover over the "i" next to "Other AVs". It clearly states the numbers include "malware and adware".
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    What I was trying to say is that MB is not a true replacement for AV's, and on top of that their pro-active "anti-ransom" module always performs badly. The only thing good about it is the anti-exploit module. I just don't think MB Premium is worth it, and this map isn't going to change my view.
     
  6. OverDivine

    OverDivine Registered Member

    Joined:
    Jan 16, 2009
    Posts:
    24
    For me it only shows antivirus market share: 1. Microsoft Consumer 2. Avast 3. AVG etc.
     
  7. plat1098

    plat1098 Guest

    I interpreted that as those who were infected and had one of those core AVs already on the system. Actually, what I gleaned from that is that Microsoft should make its security more friendly to the mass consumer and make clear and in basic language how to manipulate the features. Defender/home version with modifications is pretty strong, but who has the time/inclination to dive into all those scripts, registry mod, etc? A waste, in my opinion. And this is just for Fall CU, not the others. Adware was counted in the dots but it said "not counted" in the text?

    With various modifications (enable PUA, enable email scanning, block obfuscated scripts, etc) plus SmartScreen, you wonder whether a full adjunct suite is even necessary, maybe just the scanner part. Just an opinion. I wish Malwarebytes well.
     
  8. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    Yes it is. "MBAM" (the old 2.x version) was not. But "Malwarebytes" (the new 3.x version) is.
    It's marketing hype. Like all marketing schemes, they are biased and should be taken as "fluff", and with a grain of salt.

    I like Malwarebytes, but if you look above, I've been critical of that map too.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    The marketing folks generate marketing hype. But on the forums you get closer to the truth.
     
  10. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    Sometimes. But sadly, many on forums don't do their homework. Instead they are convinced their opinions and personal preferences are fact, and apply to everyone. That is often not the case.
     
  11. plat1098

    plat1098 Guest

    Truth? From my standpoint, more like I was charmed into backing down and kind of believed what was said at the time. Malwarebytes detects certain AVs as they're registered in Action Center. The information was also used in this advertising context, exactly what many people find objectionable when it comes to privacy, "anonymity" aside. Feed me and others what we want to hear and then turn around and appear to do exactly what we were questioning down the road. Wrong? I actually prefer the tentacle-munching bot to this. :)

    It's more like that.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Yes exactly, they claim it's a replacement, but not according to tests done by MRG. It's very simple, you either block malware or you don't. I also kinda like Malwarebytes overall, it's not a bad tool, but it needs to become a lot better.
     
  13. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    Well, if you are going to believe MRG and their (or rather their partner, AV-Comparatives') synthetic tests, then nothing I say will convince you otherwise. I don't trust any of those labs because, regardless of their claims, they are synthetic tests in artificial scenarios. And sadly (except for Microsoft - because they don't need it to entice buyers), 3rd party security providers code their products to score well in those tests so they can use those scores to promote their products.

    So instead of scores on synthetic tests, I believe in the real-world results. If Malwarebytes was incapable of performing its designed function, there would be millions and millions of infected Malwarebytes users complaining of infestations with Malwarebytes failing to keep them secure.

    And there aren't! Just as there are not millions and millions of Windows Defender users complaining. Why? Because contrary to what the competition and testing labs want readers to believe, these programs are quite capable of providing the necessary protection users need - assuming of course, the users (ALWAYS the weakest link in security) keep their computers fully updated and they avoid being "click-happy" on unsolicited links, popups, downloads and attachments - steps they MUST take regardless of their primary security solution of choice.
     
  14. OverDivine

    OverDivine Registered Member

    Joined:
    Jan 16, 2009
    Posts:
    24
    Well, IMO it's just a matter of time. Win 10 out of the box provides decent protection for the average user, so the more that migrate to Win10, the fewer 3rd party antivirus customers there will be. Maybe in corporate environments, but for home users 3rd party will be like 15-20% IMO.
     
    Last edited: Nov 3, 2017
  15. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    I agree. This is especially true due to the fact W10 does provide decent protection at no additional cost - and without nagging users to pay for pro versions. This is all good because Microsoft knows if they fail to protect their users, the bashings will be relentless, as it was with XP.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    That's not the point. I don't care that MRG is using "zero day" malware that people may or may not encounter in real life. It's about the technical abilities of a product. If other big name AVs can stop the 400+ samples that MRG is using, then so should MB, especially now they claim to be an AV replacement. I was especially shocked by the poor detection of ransomware.
     
  17. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    It is exactly the point.

    400 is just a number. Bigger numbers don't mean squat. If product A can stop 1000 threats, but 500 are threats only seen in synthetic lab tests, then the number means squat. It is just a marketing scam - like toilet paper claims of "more sheets per roll", even though the roll is narrower, the paper thinner, and it tears more easily.

    Again, if your logic made any sense, there would be millions and millions of infected Malwarebytes and Windows Defender users out there. And that is just NOT happening.
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    No, it seems like you don't understand my logic. I agree with you that there aren't millions of infected users out there, and it's easy to stay safe by simply using common sense. Actually, I haven't even patched Windows in 8 years, and haven't used a real-time AV for over 10 years, and still no infection.

    But if MB fails to detect most of the 400 samples it's simply not good enough from a technical point of view, and that's what matters to me. I'm not saying that it won't do a good job in keeping most systems clean. But what if you do encounter new ransomware variants? I wouldn't count on MB at the moment.
     
  19. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    I understand your logic completely. You simply refuse to accept that it's invalid. You only believe in numbers, or what you want to believe. I believe the real-world facts.

    If Pesticide A can kill 10,000 bugs while Pesticide B can only kill 5,000, does that automatically mean Pesticide A is better? NO!!!!! It only matters if those bugs are found in your yard. What good is a pesticide in the Netherlands if it is designed to kill bugs in the Amazon Rain Forest? What good is the pesticide if it is designed to kill bugs that are extinct or only found in labs?

    But more importantly, in relation to this discussion:
    Then (1) I would question your lack of common sense because common sense says to, at the very least, keep your OS current. (2) You admitting you don't even use a real-time AV demonstrates your lack of experience in this area - not a criticism, just an observation. And finally (3), you agreeing there are not millions of infected users proves my point and contradicts and invalidates your own claims about "the technical abilities of the product". You speak with forked tongue, Rasheed. So I'm done here.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Who says that MRG is only testing with zero day malware? They also use "in the wild" malware, and Win Defender and MB have performed quite badly in the past. In real life you never know what malware you are going to encounter (via exploit or manual install), so it makes sense to use an AV with the best detection rates. Everyone knows this, it's a no-brainer, except for you. :D

    I use HIPS/sandbox/AE and it hasn't got anything to do with lack of experience, what a joke. I have my reasons not to patch Windows, it has often broken things in the past. Obviously, I wouldn't recommend NOT to patch, however my "experiment" has shown me that it's not easy to exploit Windows OS bugs.

    The fact that people don't get infected with MB and Win Defender installed, doesn't mean those tools are actually doing a good job. Perhaps those people never even encountered malware? Perhaps they are not so trigger happy? If product A can block advanced malware, and product B doesn't, it means it's technically not as advanced as product A. Another no-brainer, end of story.
     