Malwarebytes and traditional AV weaknesses

Discussion in 'other anti-malware software' started by Sampei Nihira, Oct 27, 2017.

  1. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,334
    Location:
    Italy
    Immagine.jpg

    https://www.malwarebytes.com/remediationmap/
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Without knowing what was actually detected and what version and settings of the competitive AV were used, such comparison is not credible IMHO.
     
  3. plat1098

    plat1098 Guest

    OK, well this would justify, to Malwarebytes at least, in saying it "catches" what your antivirus misses in its advertisement. Showing Microsoft at the top of the list with weaknesses, this was compiled prior to the Fall update, right? Maybe many don't know how to optimally configure security or don't want to know. Still believe Mbytes is a complement to primary security and rather than twiddling with the antivirus controls, the Mbytes interface makes it more convenient. But this depiction--meh.
     
  4. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,868
    Location:
    UK
    I don't know about anyone else but I find that map difficult to see.
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,334
    Location:
    Italy
    Hi Stapp.
    The map needs WebGL.
     
  6. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,061
    Location:
    DC Metro Area
    "...Traditional Antivirus Failed to Protect Nearly 40 Percent of Users Using Two or More AV Solutions from All Malware Attacks...

    ...SANTA CLARA, Calif., Oct. 26, 2017 /PRNewswire/ -- Malwarebytes™, the leader in advanced malware prevention and remediation solutions, released new data on the efficacy of traditional antivirus (AV) solutions today. The research, Mapping Traditional AV Detection Failures, details how traditional AV solutions performed from January through June 2017, based on real-world remediation scans performed by Malwarebytes. Nearly 40 percent (39.18 percent) of all malware attacks cleaned by Malwarebytes on endpoints with an AV installed occurred on endpoints that had two or more of these AV solutions registered. About 39 percent (39.16 percent) of attacks on endpoints with a non-OS bundled AV installed occurred on an endpoint running one of the four leading traditional AV solutions..."

    https://www.prnewswire.com/news-rel...tions-from-all-malware-attacks-300543625.html
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,868
    Location:
    UK
    I had tried that, but it is still too dark for me to see anything apart from shadows !!

    Will try a few more things.
     
  8. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    It might be easier if you follow the link to the source and see the original as it populates.

    I am not sure it is credible (or may "applicable" is a better choice of words) for the normal user either - but not because I have any connections (real or perceived) for a competing product.

    (1) If you follow the link, it goes to a "Business" Solutions page. Must of us are "Home" users not "Business" users.
    (2) It is reporting malware and adware Malwarebytes found the others missed. Adware, by definition, is NOT automatically malicious, unwanted or damaging.
    (3) The map is created by Malwarebytes so there is at least the appearance of bias.​

    In their defense, they do clearly state,
    They have not expressed any conclusions based on the displayed data, neither should we.
     
  9. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,868
    Location:
    UK
    Of course I was looking at the source, where did you think I was looking :)
     
  10. plat1098

    plat1098 Guest

    What is PRnewswire as per @hawki's post? Public relations, looks like. Sponsored? Huh? Answer me! Wonder how the data was compiled as telemetry was a big discussion deal before. Adware/pups weren't counted, it says but extrapolating it to more than double without anything else is ?. OK, it is what it is. How many will now purchase Mbytes based on this info? That interests me more but I'm probably in an empty room there, as usual. :)
     
  11. plat1098

    plat1098 Guest

    People will draw conclusions despite the disclaimer. Very clever. Very.
     
  12. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,360
    I bet most of them are false positives because I always had a lot of them when using Malwarebytes ... :geek:
     
  13. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    :( How about the map the OP inserted in his post - since you said, "that map" and did not stipulate that you looked at the source map too?

    But "of course" I guess everyone is supposed to automagically know what you meant? :rolleyes:

    Ain't that the truth? And marketing and PR departments rely, and do their thing, based on that fact too.
     
  14. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,061
    Location:
    DC Metro Area
    PRnewswire is the major media outlet for official corporate news releases.

    The post links to Malwarebytes press release announcing its study and findings.
     
  15. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Malwarebytes has published a blog post discussing their remediation map.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    The problem is that MBAM always scores badly in most AV tests, and last time I checked they called themselves "a replacement for AV's", so I wonder what's up with that.
     
  17. plat1098

    plat1098 Guest

    No, Rasheed, it actually wasn't about Mbytes' performance on testing. It was more like kind of smelling out an elaborate marketing ploy based on a map with findings and very little explanation. The door to telemetry was opened by someone else far more savvy and experienced; in fact, this question was posed on Malwarebytes' forums with a solemn denial of any privacy evasions.

    https://forums.malwarebytes.com/top...bout-copyrights/?tab=comments#comment-1108109

    Not about Malwarebytes the product, not here. More like another semi-amusing example of the contortions of the marketing sector trying not to be in-your-face advertising, with what looks like serious and scientific presentations of the product. You ever play that old game Twister? Something like that.
     
  18. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    It is not even included in many of those tests and regardless what any of those tests conductors claim, they are synthetic and don't reflect real-world scenarios.

    None have Malwarebytes - just another reason I don't pay attention to those tests.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Then it seems I'm wrong, but let me correct myself by saying it always comes in last place in tests done by MRG. I have no reason not to believe in MRG, I think most of their tests are quite interesting.
     
  20. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    I never heard of MRG (not that that means anything conclusive - but I do try to stay on top of what's relevant). But I would not put much faith in them either. I note they are "partnered" With AV Comparatives so not sure MRG is an "independent" review site anyway.

    But plat is right - this is not about Malwarebytes performance on testing.
     
  21. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    MRG is a UK-based security research and testing company, but I believe they're not partnered with AV-C. My understanding is that they're two different testing organisations.
     
    Last edited: Oct 29, 2017
  22. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    Yes they are. If you follow your either of your links to near bottom of their page it lists their partners and shows AV Comparatives, PCMAG and others.
     
  23. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,417
    Location:
    Slovakia
    Every AV could do this, but only THEY did. They are getting more pathetic every time. I really hope they bankrupt soon, I despise MalwareBytes, just like IoBit, they are the same. :cautious:

    P.S.: When you point at the detections, most of them are clearly PUPs, cheats or hack tools (warez), not malware.
     

    Attached Files:

    Last edited: Oct 29, 2017
  24. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    I seem to recall Prevx did something similar but without a map. Using the Wayback Machine, I found this home page from October 2009.
     
  25. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    Kaspersky default settings doesn't include PUP detection, Malwarebytes is a PUP king and only 3 PCs? lmaoo
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.