WHat is the difference between MBAM and an AV?

Discussion in 'other anti-virus software' started by Osaban, Mar 11, 2010.

Thread Status:
Not open for further replies.
  1. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
    As I couldn't get a straight answer in another thread, people keep using MBAM to clean/judge the miserable performance of some AVs. Question: if MBAM is not an AV, why is it used to judge AVs performances? Moreover why doesn't MBAM participate to AV Comparatives if it is so good with 'on demand scans'? Why would you run MBAM and an AV simultaneously, if MBAM will trash any other AV?
     
  2. Zombini

    Zombini Registered Member

    Joined:
    Jul 11, 2006
    Posts:
    469
    MBAM is a software that is only focused on malware that other AVs miss. Just remember that for every piece of malware that MBAM detects, it misses100s of thousands of others simply because it doesn't even try to detect them.

    If you did a reverse test i.e. use any AV to see how much MBAM detects, you will see that MBAM doesn't detect 99% of the malware out there.

    Conversely, using MBAM to determine how "poor" other AVs are, is a joke IMO.. you (not u personally ofcourse) are using a software that is designed to detect things that others miss, so ofcourse it should show well.
     
  3. tekkaman

    tekkaman Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    164
    Another thing is that Mbam scans the registry. Something that most Avs don't do.
     
  4. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    I agree and MBAM is basically good for good for Rogues...I have never found any virus in ma machine which is missed by my AV and detected by MBAM...Though MBAM detected some keygens as spywares which was not detected by either Norton, KIS and ESET...So i can see no reason to run MBAM alone.

    And its not a full fledged Anti-Virus.
     
  5. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    well read here........http://forums.malwarebytes.org/index.php?showtopic=30257

     
  6. ESS474

    ESS474 Registered Member

    Joined:
    Jan 13, 2010
    Posts:
    201
    Location:
    S?o Paulo (Brazil)
  7. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    MalwareBytes focuses on the adware/spyware/trojan end of malware, it doesn't detect/remove "viruses" in the traditional sense. Just like other similar products such as SuperAntispyware, Spybot Search and Destroy, AdAware, etc.

    I've never seen MWB detect an actual virus on clients machines. I don't think it has the ability to detect them, such as netsky or bagle or w.32 variants or sqlslammer, etc.

    Whereas AV programs start with covering the "virus" end of things...and many over recent years have added detection for adware/spyware/trojans...some do "OK" in this area, but not as well as dedicated products like MWB.
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
    Still, nobody answers the question : why is MBAM used to judge AVs tests, not only from TheIgster but several other Internet video testers. I mean really, what kind of game are we playing? The registry, other malware, MBAM detects what others miss, let me put it in a different way: what is south of the south pole?

    To tell you the truth, with all respect to MBAM, I think it is only BS. Let MBAM go through to the wringer of AV Comparatives and then we can talk about what's what. No offence meant to anybody.
     
  9. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    I respectfully disagree since a majority of AV's now offer spyware/adware/trojan/rootkit detection. MBAM is simply another layer of protection that picks up where your AV left off.

    See my response above. It really sounds like you do not understand MBAM's position in the marketplace. As previously stated MBAM is not an AV therefore it will not be tested in AVC's AV tests.
     
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
    You certainly do understand what's going on: how on earth an application can be used to judge thoroughly what AVs have missed as a whole, when it should pick up what they (the AVs ) have left off( in terms of not viral infections)? Another layer of protection doesn't/can't judge the whole spectrum of protection in a test.

    TheIgster is right, something else is at least required to give a little more of objectivity.
     
  11. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    To illustrate what MBAM is good at, deliberately infect your computer with the Vundo trojan, and then do a scan with MBAM. :eek:
     
  12. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    aren't you taking the youtube...fun 'n' frolic type testers and their methodology a tad too seriously .....
    maybe they should use HMP,cureit,a2....something with both av/as scanning capability but then the the tests will become testing :D :D :D
     
  13. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    MBAM is used to judge the effectivness of AV's since a majority of AV's now offer spyware/adware/trojan/rootkit detection. Recently AV testing seems to be popular among individuals performing their own tests using malwaredomainlist. While there is some merit to these tests they are only a small sample and in the end nothing is 100% on any given day. Anyone who is relying on an AV only using an admin account is more than likely to be exploited sooner or later. MBAM in conjunction with an AV is only one way to layer your security. Sandboxes, LUA's, and daily images are other means to layer your security approach.
     
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
    What does this mean really? Can you please explain your thoughts? I'm asking yet again why is MBAM used as reference in testing AVs with general malware, when it has a restricted range of detections itself? It has nothing to do with how good or bad MBAM is, why not use ASquared, HitmanPro, SuperAntiSpyware, etc.
     
  15. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    It is possible for the independent testers to use SAS, HMP, and other "anti-malware" tools instead of MBAM. However MBAM has proven itself as a premier tool so people tend to use it as the reference.
     
  16. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    well that's the tester's prerogative.....

    @EliteKiller...congrats on the 1000 post :D
     
    Last edited: Mar 11, 2010
  17. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
    Well let me tell you that you can't have it both ways: "MBAM is not an AV" (very good alibi) and "it will not be tested by AV Comparatives". By the same token don't use MBAM to judge AVs performances: potatoes and onions are different, I should think onions and potatoes aren't very similar either.
     
  18. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    You can read this post here:

    https://www.wilderssecurity.com/showpost.php?p=1637346&postcount=23

    I already gave you the answer.
     
  19. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    I agree with the comments MBAM is an exceptional layer to have. I'd even go as far as saying those who have a habit of downloading problem files that are mostly spyware (family members using facebook etc), they'll probably, and I emphasize the probably, have more success with MBAM alone than with an AV.

    Friend of mine uses facebook and never seems to get severe threats, just junk which slows down her system and MBAM always cleans up what the AV (used three leading AVs) doesn't get. With MBAM alone, I'm sure she'd have no problems, as the AV is always silent.

    But Osaban is mentioning, why are many tests doing a scan with MBAM and judging the effectiveness of an AV.

    Compare say an AV 'A' which detects say three severe files (which give a user full control of PC), but misses several less severe threats. And an AV 'B' which detects several less severe threats, but misses the three severe threats which would cause major problems to a user (personal information stolen etc).

    In small tests, AV 'B' wins (detects a total of 7 compared to 3), but if it were me and my system, I'd say AV 'A' wins (detects 3 severe threats).

    This testing procedure is difficult. I'll leave it to AV-C, PC Security Labs etc to perform the larger tests. IMO, I would like to see AV-C and others group/rank threats into severity (but this would be extremely difficult to do, I imagine). So instead of AV 'A' missing 30 files, did this comprise of '20 rootkits and 10 spyware', while AV 'B' for example, miss 50 files, but did this comprise of less severe threats (50 spyware).
     
  20. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
  21. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    This is a must-have tool in malware cleaners' pockets.

    That is wrong to do (judge the performance of an antivirus) because of another program.

    AV-Comparatives is Antivirus comparatives . It was you who mentioned MBAM is not an antivirus .

    I think you got the answer.

    Cheers!
     
  22. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    The way I see it, is because the video AV tests that I've seen aren't really testing antivirus, in the traditional, classical meaning of the word, so much as testing anti-malware. Just look at the stuff that they are downloading, it's pretty much all trojans and worms and rogues and rootkits.

    And that isn't necessarily a bad thing. If you look at pretty much any of the sites that keep tallies on the spread of current malware, very little of it these days are classical, strict-definition viruses.

    Back to Malwarebytes... it's isn't an antivirus, but it is very good at detecting the things these folks are testing, which is trojans and rogues. I would add that if they wanted to be complete they should probably test for rootkits also with one of the stronger rootkit detection tools as rootkits are pretty popular these days. But most of these folks aren't spending hours doing these informal tests.
     
  23. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    running in circles....aren't we !
    av=mbam≠av......:D :D :D
     
  24. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    To make this short and sweet because otherwise we'll be discussing MBAM is not an AV all day, here goes: People use MBAM to judge AV products because far too many of them give it more of a reputation than it really deserves. They think MBAM is some sort of godly software that, if it didn't detect something, they'd almost rather blame the malware creator for being undetectable than MBAM for not catching it.

    Fact is, MBAM is just an AM, there's no magic, it's not the cream of the crop. No AV or AM is, they all miss something, which is why you don't rely solely on it to protect you.
     
  25. ESS474

    ESS474 Registered Member

    Joined:
    Jan 13, 2010
    Posts:
    201
    Location:
    S?o Paulo (Brazil)
    (foto.jpg) my ESET detected as PHP/C99Shell.W and Malwarebytes not make nothing here.

    I send it for Novirusthanks.

    I respect MBAM but i never will use it alone.


    PHP.png
     
Loading...
Thread Status:
Not open for further replies.