What is the difference between MBAM and an AntiVirus?

Discussion in 'other anti-virus software' started by berryracer, Nov 9, 2012.

Thread Status:
Not open for further replies.
  1. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    I don't get it, why does it complement an AV? Why would I need it if I have KAV for example which is one of the best for catching viruses?

    What does MBAM catch and what does it not? Because on their forums, they tell you not to rely on it as a substitute for an antivirus?

    I'm confused
     
  2. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,696
    Location:
    Zagreb, Croatia
    MBAM is not an on-access but an on-execution scanner.
     
  3. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
  4. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    .

    forums malwarebytes post #6
     
  5. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    This is by far the best and easiest to understand explanation I've read so far

    thanks bro
     
  6. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA

    Very interesting.

    We now just need nosirrah to come up and further explain, verify, or clarify this info.
     
  7. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    What is posted here is basically correct. MBAM won't scan script/text type files. We stop the IPs involved and the dropped executable payload instead.

    The other difference between MBAM and an AV is asymmetrical research. Since we complement your existing AV we target the malware that the AVs tend to have trouble blocking. We do go after everything new that we find but we will work harder at getting 0day detection up on the malware most AVs always miss at 0hour.

    Our IP blocking is also designed to complement your firewall as it does not analyze traffic, it simply blocks all connections (in both directions) to our IP blocklist no matter which form those connections take. It does not matter if it is a web page on a blocked IP or a file upload to a blocked IP, it is simply denied.
     
  8. phyniks

    phyniks Registered Member

    Joined:
    Jun 3, 2011
    Posts:
    258
    My experience:
    I've scanned lots of infected systems with MBAM.
    Those systems had been scanned and cleaned by some antiviruses (such as ESET, Avira, Avast).
    During the scan with MBAM, the resident antivirus was also checking the same files, and surprisingly it was the antivirus which found some new traces of the malware (these traces were usually in System Volume Information).
    Checking these files with Virus Total proved they are malware, but they were not active.
    Besides, MBAM found some traces which the antivirus could not detect.
    At first I thought it was a weakness of the antivirus (it first happened using Avast), but I experienced the same with other antiviruses.
    I don't know why those files (remnants) were not picked up during the antivirus scan, but as far as I know, MBAM would be a good supplemental scanner.
     
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    System Volume is basically an archive. Contains system restore points and the like. Most AV scans with default settings will bypass System Volume to speed up the scan. Most AV scan settings can be modified to scan everything if desired. This is not a bad idea to do occasionally.

    MBAM scans also ignore select archive files:

    MBAM doesn't scan the contents of archive files (ZIP, RAR, 7z, CAB, LZH, CHM, JAR, TAR, LZA, etc)
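
Added example, not part of the thread and not code from any product discussed in it: a Python sketch of the gap the last post describes, listing executables that sit inside ZIP or TAR archives (including nested ones) where a scanner that skips archive contents would not look. The function names, the size and depth limits and the sample archive are assumptions made for illustration, and detection here is by magic bytes only.

```python
import io
import tarfile
import zipfile

# Magic bytes of common native executable formats.
EXEC_MAGIC = {b"MZ": "PE", b"\x7fELF": "ELF"}
MAX_DEPTH = 3                  # stop on deeply nested archives
MAX_MEMBER = 50 * 1024 * 1024  # skip members that claim to be larger than this

def _members(data):
    """Yield (name, bytes) per regular file if data is a ZIP or TAR archive."""
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        with zipfile.ZipFile(buf) as zf:
            for info in zf.infolist():
                if not info.is_dir() and info.file_size <= MAX_MEMBER:
                    yield info.filename, zf.read(info)
        return
    buf.seek(0)
    try:
        with tarfile.open(fileobj=buf) as tf:
            for m in tf:
                if m.isfile() and m.size <= MAX_MEMBER:
                    yield m.name, tf.extractfile(m).read()
    except tarfile.TarError:
        return  # neither ZIP nor TAR: nothing to unpack

def executables_in_archive(data, path="", depth=0):
    """Return [(member path, format)] for executables found inside the archive."""
    hits = []
    if depth > MAX_DEPTH:
        return hits
    for name, body in _members(data):
        full = f"{path}/{name}" if path else name
        hits += [(full, fmt) for magic, fmt in EXEC_MAGIC.items() if body.startswith(magic)]
        hits += executables_in_archive(body, full, depth + 1)  # nested archive?
    return hits

def build_sample():
    """Constructed sample: a ZIP with a text file and an inner ZIP holding a fake PE stub."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("setup.exe", b"MZ" + b"\x00" * 62)  # constructed bytes, not a real program
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("inner.zip", inner.getvalue())
    return outer.getvalue()
```

Members reported this way can be extracted to a quarantine folder and handed to a scanner that does inspect them, or simply caught on execution as described earlier in the thread.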
     