WHat is the difference between MBAM and an AV?

As I couldn't get a straight answer in another thread, people keep using MBAM to clean/judge the miserable performance of some AVs. Question: if MBAM is not an AV, why is it used to judge AVs performances? Moreover why doesn't MBAM participate to AV Comparatives if it is so good with 'on demand scans'? Why would you run MBAM and an AV simultaneously, if MBAM will trash any other AV?

 

MBAM is a software that is only focused on malware that other AVs miss. Just remember that for every piece of malware that MBAM detects, it misses100s of thousands of others simply because it doesn't even try to detect them.

If you did a reverse test i.e. use any AV to see how much MBAM detects, you will see that MBAM doesn't detect 99% of the malware out there.

Conversely, using MBAM to determine how "poor" other AVs are, is a joke IMO.. you (not u personally ofcourse) are using a software that is designed to detect things that others miss, so ofcourse it should show well.

 

Another thing is that Mbam scans the registry. Something that most Avs don't do.

 

I agree and MBAM is basically good for good for Rogues...I have never found any virus in ma machine which is missed by my AV and detected by MBAM...Though MBAM detected some keygens as spywares which was not detected by either Norton, KIS and ESET...So i can see no reason to run MBAM alone.

And its not a full fledged Anti-Virus.

 

well read here........http://forums.malwarebytes.org/index.php?showtopic=30257

 

Signification of anti-malware for me = detect all type of malwares.


MBAM not detect exploits in pages or malicious PDF.

See here:

http://forums.malwarebytes.org/index.php?showtopic=41706&st=0&p=206871&#entry206871

 

MalwareBytes focuses on the adware/spyware/trojan end of malware, it doesn't detect/remove "viruses" in the traditional sense. Just like other similar products such as SuperAntispyware, Spybot Search and Destroy, AdAware, etc.

I've never seen MWB detect an actual virus on clients machines. I don't think it has the ability to detect them, such as netsky or bagle or w.32 variants or sqlslammer, etc.

Whereas AV programs start with covering the "virus" end of things...and many over recent years have added detection for adware/spyware/trojans...some do "OK" in this area, but not as well as dedicated products like MWB.

 

Still, nobody answers the question : why is MBAM used to judge AVs tests, not only from TheIgster but several other Internet video testers. I mean really, what kind of game are we playing? The registry, other malware, MBAM detects what others miss, let me put it in a different way: what is south of the south pole?

To tell you the truth, with all respect to MBAM, I think it is only BS. Let MBAM go through to the wringer of AV Comparatives and then we can talk about what's what. No offence meant to anybody.

 

I respectfully disagree since a majority of AV's now offer spyware/adware/trojan/rootkit detection. MBAM is simply another layer of protection that picks up where your AV left off.

See my response above. It really sounds like you do not understand MBAM's position in the marketplace. As previously stated MBAM is not an AV therefore it will not be tested in AVC's AV tests.

 

You certainly do understand what's going on: how on earth an application can be used to judge thoroughly what AVs have missed as a whole, when it should pick up what they (the AVs ) have left off( in terms of not viral infections)? Another layer of protection doesn't/can't judge the whole spectrum of protection in a test.

TheIgster is right, something else is at least required to give a little more of objectivity.

 

To illustrate what MBAM is good at, deliberately infect your computer with the Vundo trojan, and then do a scan with MBAM.

 

aren't you taking the youtube...fun 'n' frolic type testers and their methodology a tad too seriously .....
maybe they should use HMP,cureit,a2....something with both av/as scanning capability but then the the tests will become testing

 

MBAM is used to judge the effectivness of AV's since a majority of AV's now offer spyware/adware/trojan/rootkit detection. Recently AV testing seems to be popular among individuals performing their own tests using malwaredomainlist. While there is some merit to these tests they are only a small sample and in the end nothing is 100% on any given day. Anyone who is relying on an AV only using an admin account is more than likely to be exploited sooner or later. MBAM in conjunction with an AV is only one way to layer your security. Sandboxes, LUA's, and daily images are other means to layer your security approach.

 

What does this mean really? Can you please explain your thoughts? I'm asking yet again why is MBAM used as reference in testing AVs with general malware, when it has a restricted range of detections itself? It has nothing to do with how good or bad MBAM is, why not use ASquared, HitmanPro, SuperAntiSpyware, etc.

 

It is possible for the independent testers to use SAS, HMP, and other "anti-malware" tools instead of MBAM. However MBAM has proven itself as a premier tool so people tend to use it as the reference.

 

well that's the tester's prerogative.....

@EliteKiller...congrats on the 1000 post

 

Well let me tell you that you can't have it both ways: "MBAM is not an AV" (very good alibi) and "it will not be tested by AV Comparatives". By the same token don't use MBAM to judge AVs performances: potatoes and onions are different, I should think onions and potatoes aren't very similar either.

 

You can read this post here:

https://www.wilderssecurity.com/showpost.php?p=1637346&postcount=23

I already gave you the answer.

 

I agree with the comments MBAM is an exceptional layer to have. I'd even go as far as saying those who have a habit of downloading problem files that are mostly spyware (family members using facebook etc), they'll probably, and I emphasize the probably, have more success with MBAM alone than with an AV.

Friend of mine uses facebook and never seems to get severe threats, just junk which slows down her system and MBAM always cleans up what the AV (used three leading AVs) doesn't get. With MBAM alone, I'm sure she'd have no problems, as the AV is always silent.

But Osaban is mentioning, why are many tests doing a scan with MBAM and judging the effectiveness of an AV.

Compare say an AV 'A' which detects say three severe files (which give a user full control of PC), but misses several less severe threats. And an AV 'B' which detects several less severe threats, but misses the three severe threats which would cause major problems to a user (personal information stolen etc).

In small tests, AV 'B' wins (detects a total of 7 compared to 3), but if it were me and my system, I'd say AV 'A' wins (detects 3 severe threats).

This testing procedure is difficult. I'll leave it to AV-C, PC Security Labs etc to perform the larger tests. IMO, I would like to see AV-C and others group/rank threats into severity (but this would be extremely difficult to do, I imagine). So instead of AV 'A' missing 30 files, did this comprise of '20 rootkits and 10 spyware', while AV 'B' for example, miss 50 files, but did this comprise of less severe threats (50 spyware).

 

Which is not pertinent to my thread.

 

This is a must-have tool in malware cleaners' pockets.

That is wrong to do (judge the performance of an antivirus) because of another program.

AV-Comparatives is Antivirus comparatives . It was you who mentioned MBAM is not an antivirus .

I think you got the answer.

Cheers!

 

The way I see it, is because the video AV tests that I've seen aren't really testing antivirus, in the traditional, classical meaning of the word, so much as testing anti-malware. Just look at the stuff that they are downloading, it's pretty much all trojans and worms and rogues and rootkits.

And that isn't necessarily a bad thing. If you look at pretty much any of the sites that keep tallies on the spread of current malware, very little of it these days are classical, strict-definition viruses.

Back to Malwarebytes... it's isn't an antivirus, but it is very good at detecting the things these folks are testing, which is trojans and rogues. I would add that if they wanted to be complete they should probably test for rootkits also with one of the stronger rootkit detection tools as rootkits are pretty popular these days. But most of these folks aren't spending hours doing these informal tests.

 

running in circles....aren't we !
av=mbam≠av......

 

To make this short and sweet because otherwise we'll be discussing MBAM is not an AV all day, here goes: People use MBAM to judge AV products because far too many of them give it more of a reputation than it really deserves. They think MBAM is some sort of godly software that, if it didn't detect something, they'd almost rather blame the malware creator for being undetectable than MBAM for not catching it.

Fact is, MBAM is just an AM, there's no magic, it's not the cream of the crop. No AV or AM is, they all miss something, which is why you don't rely solely on it to protect you.

 

(foto.jpg) my ESET detected as PHP/C99Shell.W and Malwarebytes not make nothing here.

I send it for Novirusthanks.

I respect MBAM but i never will use it alone.