Is Malwarebytes' Anti-Malware Enough?

+1

 

If you have imaging in place, it's more than enough. If not, than no.

If your hobby is computer security programs, it's not even close to being enough

 

That's what I want, on-demand, not realtime AV as it bogs down and slows down my Laptop.

I only download and install programs very rarely, and if I do, I get them from filehippo or softpedia, so I doubt I will ever get a virus anyway.

And I use firefix + noscript. And when I visit dodgy websites I run sandboxie. So I don't feel I need a realtime AV.

So I just use BMAM + Emergency kit to check my Laptop every few days.

 

Haven't you heard? That's not good enough and you need an extra layer.

 

Sorry I missed that you were using sandboxie. You should be good with those two demand scanners.

 

I use Sandboxie, and at the moment am using Avast and MBAM real-time with no drag.

 

Sandboxie on x64 is useless. It can only 'recommend' applications not to do things to your system. It's like asking a drug addict to please, please, please stop doing drugs.

 

MBAM is a specialist.
AV is a generalist.

They have different purposes.

MBAM is a sniper while AV's are the Abrams division.

 

From what I have read, this statement is not accurate. From the developer:

"It should be noted, however, that even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.

Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox."

 

the reality is, no one has proven that it isnt enough by itself. I mean they say it wont be but yet it is the best at issues after the fact? Doesnt make sense. I personally think you can run it in real time by itself and do a weekly scan and be as protected as the rest of the so-rans around here.

 

I agree with trjam, but the question is - if the vendor itself is hesitant in promoting it as a standalone product, why would you risk it? they obviously have no deal cut out with other AV vendors to promote MBAM in this way right?

 

Even though I don't use a realtime blacklist I will say that MBAM has helped me cleanup many other PC's more so than any other AM/AV with rogue security apps being the majority of infections.

 

+1
MBAM is excellent at picking some of the trojans and fake av's that normal AV's miss. It does good job on real time as well. It speaks up before my AV does. I wouldn't use it as a stand alone though. I've used most of the other AM and MBAM has also been consistant.

 

So, have any of you had a case where MBAM failed to detect some malware, but some other Antivirus/antimalware did?

 

I agree, where is the proof? I personally think that MBAM as well as Prevx may actually be better then some AVs in real time.

 

I sometimes see where a member has conducted a test or tests. How about using MBAM against the same malware that was used against AVs?
Evidently various trojans and other malware can be obtained. How about someone who has the time and expertise running a comparative test with MBAM vs Avast for example?

Regards,
Jerry

 

LOL, i think this arguing is non sense, the simple answer is just NOT!

 

That would be good.

I'm sure that MBAM misses some malware that other software would catch; I am not so certain that there is ONE other anti-virus that would catch most of the stuff MBAM misses. In other words, an anti-virus in addition to MBAM may only bring negligible benifit; and thus some other software other than anti-virus may be best to use with MBAM.

 

How about running some host intrusion prevention system together with malwarebytes. I am running, for instance, defensewall alongside malwarebytes, acronis and virus total uploader just in case, very smooth, easy to use, safe and cheap in the long run.

regards
boris

 

Not on my computer, but on one belonging to a friend.
He has MBAM full version.
He installed the new version of Ad-aware with Viper and on the initial scan it found malware missed by Malwarebytes.

I can't recall what was found, but he tells me Ad-aware dealt with it effectively.
Now he uses MBAM full with real-time protection and also scans with Ad-aware just to be sure.

 

If some here are capable of testing AVs against Malware why can't you test MBAM against the same samples? For me that would be significant even if you would be accused of conducting junk tests.

If a system is exposed to even 20 random samples with only an AV or MBAM installed at a time the results would be very interesting.

Who has the courage, time, and expertise?

I wonder if IBK could give us some insight when he is available?

Regards,
Jerry

 

These tests where A versus B all it really tells me is that if A hits the sample and B doesn't means that B hasn't seen the sample as yet and hasn't been added to their defs.

A better test would be to check for dregs left behind after a cleanup by A and B.

 

But if one gets infected what does it matter if it was lack of updates or whatever? Update frequency is important, although it alone is not the criterion.

My own desire is not so much cleanup or detection after the fact, but prevention. That is the reason I run applications real time.
Although I have not had an attempte intrusion in years, when I did it was not the AT that alerted, but the AVs. In those cases I was using Norton, or BD, and in one case Kaspersky. I Don't recall the AT application, but it was not MBAM.

Regards,
Jerry

 

Er, AT stands for ??

 

The 3 big problems with testing are:

A static sample cant tell you if its source would have been blocked (exploit, URL, IP......).
A static test says nothing about the difference between static and life execution (sometimes it is a lot).
A sample even 3 days old is kind of useless in a test let alone malware from years ago.

Testing is starting to move from "right click folder of 500,000 samples" to live source testing so the results should be getting a little more real.

One thing to keep in mind about AV and A*, it is not only about the what, it is also about the how. One hitting and one missing may not have anything to do with the type of infection but instead how it is attacked. This is one of the reasons layered should work better as you are combining both different defs and different tech.