Malewarebytees Pro - what do you "actually" get over free version and okay with other AV?

Discussion in 'other anti-virus software' started by nine9s, Mar 21, 2013.

Thread Status:
Not open for further replies.
  1. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    What do you over the free version - not just the list on Malwarebytes suite but from people who have used both, does it add more security or is it just fluff over the free version? What are your actually experiences between the two?

    And is its real-time protection compatible with real-time antivirus software like Avast?

    Any other conflicts between Malwarebytes Pro and real time AV like Avast?
     
  2. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Well, you could argue back and forth for pages and pages as to whether you get much more benefit over an AV and whether real-time is necessary or not. There was a time when MBAM handled things like Trojans, PUPs and other issues that traditional AV software wasn't so great at. Now, with behavior blockers, better heuristics and even some HIPs-like measures that many AV vendors use these days, MBAM is more of a "second opinion" than anything else. Real-time vs On-Demand? Well, the only way to look at that is do you want your AV/MBAM kicking in before the malicious file gets to your system, or are you okay with scanning files before executing/opening them?

    MBAM Pro has one major benefit (or pain, depending on how you feel about IP blocking) over the free version. It's built in IP blocker. If an ad is trying to load from a known malicious IP address, it won't load. If a website or link on said website is using a known malicious IP address, it won't load. Now, the biggest issue has always been that if a link on a website is malicious or considering "risky", but the website itself is clean, MBAM will still block the whole website. For instance, MBAM will block the majority of P2P websites even if nothing malicious is there.

    I can't speak for other AV vendors, but Avast works well with it. Sometimes you'll find MBAM and Avast trying to block something at the same time, but I haven't seen any issues come from that happening.
     
  3. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
  4. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Excellent point. If you don't want to use HIPS or SBIE then by all means MBAM Pro is something that could be used instead.
     
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    I am a fan of the Website Blocking and the Filesystem Protection.
    But I think the one major benefit that Pro has over Free is the frequency of updates. I prefer the realtime increment of every 5 minutes.
    Recently I checked the logs over a three-day period, and observed that updates usually happen every one, two or three hours.
    But... and here's the part that is meaningful to me... on one of those days, there were three updates that happened within 15 minutes, 25 minutes and 5 minutes of the proceeding update.
    That's the kind of updating I like. ;)
    There's an interesting poll you might enjoy right here, nine9s.
    HTH
    I run MBAM Pro along with SBIE and Comodo FW w/D+. ;)
     
  6. m0use0ver

    m0use0ver Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    81
    The free version offers no real time protection, just the fully functioning detect and remove engine.

    The Pro version offers real time protection as new files execute.

    If the following results are anything to go by then the Pro version is worthy addition to any real time protection layered strategy.
    http://threatcenter.crdf.fr/?Stats

    On the flip if that does'nt cut mustard for some then the free version will have high chance of removing malicous code which will inevitably bypass most traditional AV's or new gen suites of most high risk users:thumb:
     
  7. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    Wow, MBAM rocks it again..

    -Based on the first chart -- maybe McAfee is getting better. Who woulda thunk?

    -Kaspersky & Bitdefender near the top -- that is to be expected.

    -Emsisoft lower than I would expect..

    -SAS at the bottom with a useless 9% -- no surprise there.
     
  8. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,135
    Location:
    USA
    What about the Flash Scan option?
     
  9. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA

    That site states, "Once out of the sample, we scan directly with the latest update of antivirus products to show their effectiveness."


    So these results, which are questionable in other areas, because they very from other day zero test sites, are testing manual scanning results it seems. So while Malwarebytes Pro might be great, that particular site does not show how well it detects passively with its real-time engine, or does it in another test?
     
  10. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Another question please: While Malwarebytes states it is made to work with real time antivirus programs, does it really? Couldn't two real time engines jeopardize the ability of both? That is only thing holding me back at this point.
     
  11. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA

    They cripple our IP blocking by checking samples this way actually so we do a lot worse than in real pro mode which stacks active protection and IP blocking.

    We are not partners with them so I really have no idea what they are testing, only that it seems that we are really good at it even without IP blocking.
     
  12. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Thanks. What keeps its real-time engine from hurting an antivirus program's real time engine?
     
  13. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    Our code team guys could answer better than me but the simple answer is that we designed it in a way that it can work around other real time scanners. Most other real time scanners have no issue with us and the ones that are trouble can be worked around with exclusions.

    It is a myth that real time scanners always conflict. If this was true you could not install real time backup software and an AV as both also have low level disk integration and in most cases things work just fine.
     
  14. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    It's true that that some anti-virus vendors have started to include other heuristics and behavior engines to detected these threats, but very few of these applications in my honest opinion stand up to the detection rate of a dedicated anti-malware application like malwarebytes or hitman pro. I've removed more malicious agents over the years using dedicated anti-malware applications than I have with a real time anti-virus. If anything, the anti-virus takes second seat to malwarebytes and hitman pro. I'm running the pro version so that I can have real-time protection, but you really could get by with the free versions of most security applications presuming you practice good habits.
     
  15. qakbot

    qakbot Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    380
    Another TOTALLY WORTHLESS test based on static file scanning. People just wont learn.
     
  16. m0use0ver

    m0use0ver Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    81
    lol, I wonder if you would make the same post if Symantec were #1

    FYI it does hold some value, it it is not definitive results but it shows how some of the mainstream AV's are migrating away from static file recognition and becoming reliant apon their other tools in the their suites to do the work.

    That's all well and good for their computer savvy users but i hate to inform you does nothing but weaken their potential protection for High risk users

    Newsflash, Symantec live support is still extremely busy removing malware code that infected machines protected by their suite!

    Last anyone checked inspite of any fanboyism opinions...the mythical silver bullet has not yet been found to protect against the all to common PEBKAC infection vector.
     
  17. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    I do admit that it is kind of annoying knowing that the way they test is breaking 3 different MBAM technologies, all of which rely on a real attack.
     
  18. true indian

    true indian Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    764
    Location:
    india
    LOL do you even realize that more of the AV vendors these days move towards the protection mode only.

    Some AV's like Avira,Avast,Comodo etc actually show great power with their in house virtualization and detection tactics and cloud.And more leaning towards the real world scenario,who scans their thoroughly infected USB if their clueless about it,most of the users just double click randomly anywhere.

    Sorry no fanboy's here but I bet some AV's will do better when the samples are executed.And besides,who gets a USB containing brand new malware where the AV tends to miss something most of the infected USB;s are either having the autorun/file infector malware so most of these traditional youtube tests and on-demand stuff is pointless in my point of view.

    Actually,AV's are more prone to autorun/file infector type malware in case of USB's because of the various morphs and packers used that bypass their detection.
     
    Last edited: Mar 25, 2013
  19. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    It's great, actually. The ability to scan in several ways is awesome. However, I don't really consider scanning options when measuring how good of a program it is. Updating frequently, being "out of the way" so to speak, and effective malware prevention, detection and cleanup matter far more to me. In these areas, I consider MBAM top-notch whether free or not. A lifetime purchase of MBAM is probably one of the better things you can do to protect general surfers (those not actively looking for trouble).
     
  20. MultiVisions2013

    MultiVisions2013 Registered Member

    Joined:
    Mar 25, 2013
    Posts:
    61
    Location:
    Canada
    As the Emsisoft Distributor for NA I welcome and approve the pairings of Emsisoft and Malwarebytes! What a way to Bulletproof your machine!
     
  21. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA

    Welcome Emsisoft Distributor Guy.

    I've been a fan of Emsisoft for awhile.

    But why is it showing in such a mediocre way on these tests?

    http://threatcenter.crdf.fr/?Stats

    With a Bitdefender engine, why are you not up by Bitdefender?


    Thanks.
     
  22. MultiVisions2013

    MultiVisions2013 Registered Member

    Joined:
    Mar 25, 2013
    Posts:
    61
    Location:
    Canada
    Great Question working with Emsisoft on this one. Not sure if there testing the full product. Ill let you know.
     
  23. MultiVisions2013

    MultiVisions2013 Registered Member

    Joined:
    Mar 25, 2013
    Posts:
    61
    Location:
    Canada
    Hello Frank,

    Many AVs provide different scanners to VT than they use in their desktop software. Also the settings differ. A comparison of VT results doesn't reveal everything about a desktop software capabilities. See VT's message on why their scan results should never be used for comparatives:

    https://www.virustotal.com/de/faq/#statistics

    We're currently working with VT on a fix for our scanner. It seems that the Emsisoft scanner used by VT was not working on many servers of their server farm.The issue should be fixed now but it may take a while to gain a higher ranking on that website chart because it shows an average detection rate over several days.

    Keep an eye on the chart for the next days and see how Emsisoft goes up the ranking day by day.

    Hope that helps!
     
    Last edited: Mar 25, 2013
  24. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    Hello Again Emsisoft Distributor Guy,


    Thank you for your quick response.

    That is good info on the VT tests. I'll check it out.

    But I was referring to the test as mentioned in this thread.

    http://threatcenter.crdf.fr/?Stats

    I know that testers sometimes don't have the settings correct, or that sometimes they are using an old version... and I know that Emsisoft is a very good product.

    But if the test is being run correctly, it seems to me that Emsisoft should do better on this test.


    Thank you,

    -Frank
     
  25. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    MBAM is always effective when used with any AV. With EAM the combo is deadly.:thumb:
     
Loading...
Thread Status:
Not open for further replies.