Realtime protection of MBAM and SAS Pro

Discussion in 'other anti-malware software' started by disinter1, Dec 2, 2009.

Thread Status:
Not open for further replies.
  1. disinter1

    disinter1 Guest

    I got attacked yesterday and had to reformat my computer, SAS Pro protection came up and blocked it but when I restarted the virus still took over my computer and had disabled SAS and Avira. Question is what and how do realtime protection in SAS and MBAM differ? Which is more reliable?
     
  2. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Hi disinter1,
    It would be of interest to know what other security you were using. Sorry I cannot answer the question. I have SAS Pro, and MBAM free, but do not run them except on-demand. My signature gives my security set up.
    Thanks,

    Regards,
    Jerry
     
  3. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    From reading the forum, the MBAM real-time protection features an IP blocker which will prevent you from visiting sites that MBAM has identified as malicious.

    How were you attacked, were you unaware while browsing or was it from an external drive for example?

    If either of the above, you could install something like www.threatfire.com which is free and prevents any significant changes/damage to your system. Test after test, this does well. I'd feel more protected with this alone, and running a regular on-demand scan with another program ( www.hitmanpro.com for example).

    If browsing, I'd install the free version of www.sandboxie.com. Nothing will bust out of your browser, or whatever else you run as sandboxed. Just make sure you configure it to recover downloaded files from your specified download area (eg. set firefox to download files to desktop, sandboxie to recover from desktop), and to allow you to create bookmarks, and you're set.
     
  4. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    About reliability, I don't think there is any definite answer. All depends on the sites you're surfing (one person may visit games/european sites, another might spend more time downloading videos from rapidshare) and pure luck (did you think the installation file was safe but wasn't).

    Person has product X and says it's the best since sliced bread, another person has product X and gets hammered by malware every week.
     
  5. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    I too am curious to read comparisions between the two... but the forum rules apparently don't permit A vs b threads.

    In any event, I absolutely do not want to read about ThreatFire or (noted, before jmonge inevitably chimes in) Defensewall in this thread.
     
  6. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    From forum searches, not sure if many people here are using the paid products of both. Seems most use it as an on-demand scan.

    I'm interested though in how both perform in real-time, especially MBAM's IP blocking.
     
  7. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    From my experience, SAS puts merely a few dll's in IE to prevent a few things from happening. It seems realtime of these might be a joke to some. On 200x/XP/Vista/7 Rising PC Doctor (FREE) seems to do the job just as well as per IE. Anyone still use IE?

    Dave
     
  8. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    627
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    very interesting test;)
     
  10. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    I came to the realization that programs like SAS and MBAM (I have licenses for both) need to be combined with programs that do not rely on signatures or heuristics like HIPS programs such as Malware Defender or DefenseWall and system hardening. There is just too much malware out there for signature based programs to keep up with. I rely on programs like SAS and MBAM more as scanners than for up front protection.
     
    Last edited: Dec 3, 2009
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,123
    Location:
    USA
    .
    I cannot specifically answer your question, but I am interested in the issue of self protection in general. MBAM is regularly targeted by malware which prevents it from installing or running. Many AS and AV programs are rendered useless by malware. Prevx 3.0 is the only program I'm aware of at the moment that has settings for self-protection. It would be really interesting to see how it resists attack depending on the level of self protection enabled.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    @G1111 i agree 100%
     
  13. disinter1

    disinter1 Guest

    Yeah, I was downloading cd's on a site i go to often, and BAM! got attacked and avira alerted me and then shortly after SAS alerted me, then I restarted then SAS and Avira were both disabled. My computer was being controlled by these viruses/spyware and it was scary man! But I think I need a hips and sandbox just to complete my safety online.
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    To answer your original question, I wouldn't describe either as reliable real-time protection, but between the two, I would select MBAM over SAS just from sheer weight of forum member's input. I would definitely suggest to you a product such as GeSWall.
     
Loading...
Thread Status:
Not open for further replies.