Why Malwarebytes, SUPERAntiSpyware is popular?

Discussion in 'other anti-malware software' started by guest, Aug 8, 2008.

Thread Status:
Not open for further replies.
  1. guest

    guest Guest

    Why Malwarebytes, SUPERAntiSpyware is popular?

    Avira, Avg, Norton, Drweb, ... etc
    already has a antispyware protection. Why need it?
     
  2. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Im in two minds about the need for a seperate AM scanner myself. Several years back, AVs did not tend to cover many types of malware, but now the majority do.

    I have not sen any conclusive tests to show AMs are any better at detecting Malware than AVs.

    I pretty much have them all - MBAM, SAS, SAB, A2 and Trojanhunter. I have not used TH for ages, but I sometimes have MBAM, SAS and A2 running in real time if I use F-Secure. Right now, I have KAV2009 running with everything set to max -and with the recent release of the new version of 2009, it runs faster - and I dont have any other AM apps running.

    I believe people use AMs as it gives a feeling of security and may well in reality provide a level of redundancy, but as I say, at the moment, Im not convinced that any AM will improve on my KAV setup.
     
  3. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Me neither.
    Nor have I seen anything conclusive to prove that having detected the malware,they are better equiped (in some cases) to clean it.
    But I believe this to be the case, based mainly on the number of various forum posts around the web along the lines of "My AV told me a trojan was installed, quarantined it, but it keeps coming back..." (plus one experience of my own of this, some years ago.)
    In most of these cases programs like SAS and MBAM fixed the problem.
    And those two in particular are being mentioned more frequently of late in regard to some current malware.
    Some time ago it was Spybot and AdAware that were the "mainstays", and often following that, the user then had to run scripts designed by the malware "helper" to finish off the clean-up.
     
  4. guest

    guest Guest

    Antivirus Firm is a rich and big firm.
    They have 300-500 employed
    They have many advanced automatic malware analizer tools
    They founded a few years ago
    So why do they good job like Malwarebytes,Superantispyware etc.

    or are we wrong? we dont need anti-spyware?
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Most big AV's now have AS detection. But you have to remember that no AV has a 100% detection rate. So SAS and MBAM are useful as a second opinion.
    When I clean infected computers, SAS and MBAM almost always find stuff that AV misses.
    So in my opinion, AS are not dead yet...
     
  6. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    I agree. When I clean computers, even if they have an updated av, SAS MBAM alway picks up lots of stuff. Doen't mean they are any better, but running a few more blacklist scanners will cover more things off.
     
  7. guest

    guest Guest

    is emsisoft a2 better than SuperAntispyware or Malwarebytes?
    their signates very huge

    Number of Malware signatures:
    Trojans 1000332
    Dialer 52762
    Worms 96780
    Spyware 62336
    Traces 267562
    Total 1479772
     
  8. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    more signitures doesnt mean better detection. you can have one signiture detecting a whole family of malware.
     
  9. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    430
    Location:
    The Netherlands
    Signatures don't say anything, some companies use 1 signature for 1 piece of malware, even if multiple pieces of malware belong to the same family they will still use 1 signature for each and every separate malware strain. Other companies use 1 signature to clean up entire malware families consisting of many many strains of malware.

    In short.... some companies like to advertise with very big signature numbers.
     
  10. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Well, antiviruses are very good, but obviously they can't catch 100% of the stuff. Especially spyware, which has become very very common, think of Rogues, for example. While anti-viruses can often deal with more than 99% of malware, and over 95% spyware, the remaining 5% is missed. And that little part can be detected by running another anti-virus app(which would cause conflicts) or anti spyware app(which usually doesn't make conflicts). Obviously the second one is the best choice. However there's no need to run tons of anti spywares.

    About the signature count: IT doesn't really matter. For instance, Norman according to AV-comparatives detected more than 1,300,000 threats, while other avs with lower threats (for ex kaspersky at the time had 570,000 signatures and detect a lot more)
    BTW SAS should detect more than 1,000,000 spyware, and ewido:
    untitled.JPG
    Don't know about mbam though...
     
    Last edited: Aug 8, 2008
  11. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    av's are getting better at spyware detection.
    back in 2003 i had windows ME on my computer and NIS2003.
    6months after getting a new computer my dad's friend reccomended spysweeper back then it was a great program. i decided to install it on the old computer and it found 20 trojans and around 100bits of spyware adware etc. so spyware and trojans where the main reason that computer was so slow. the other reason was windows ME ugh....
    so my new pc got a different AV plus spysweeper.
    that computer has never been infected.
    back then antivirus companies missed all spyware because they werent looking for them. they were looking for traditional file infecting viruses.
    took them awhile to notice the new threat and help combact it.
    malware free since 2003 or 2004.
    people still fall for the spyware tricks to this day and the damage to the OS is getting worse.
    if a friend gets infected i ask them to run a scan with superantispyware free and it always delivers the goods.
     
  12. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    As great as things are now , you have not seen anything yet .

    Between active protection , removing power and scanner weapons we have 4 additional tools on the way that will all dramatically improve our abilities . Speed in which MBAM improves is one of the reasons we are so popular . Another is responce time to new threats . I get far more samples in each day than any one person could ever handle so what I do is prioritize . If every AV already detects something I dont even check it a second further . If next to none do it goes right to the top of the list . In the end this makes MBAM very good at dealing with what the AVs are very bad at . I also spend alot of time working with the HJT forum helpers and doing HJT forum research because the vast majority of samples there are AV bypassing samples and gold to MBAM defs .

    Working smart like this lets us do very well with only the fraction of the employees . At this moment we have three full time employees and two part time .

    I would imagine that watching the underdog win does not hurt us either .
     
  13. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I tried MBAM on some infected PCs( having rougeware) and it worked excellent. :thumb: Both these PCs were having real time AV protection ON.

    Now I changed my mind about AS scanners. IMO it,s necessary to have a real time AS/ AM in addition to AV for ordinary users and I think SAS and MBAM are good choices for this.
     
  14. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Hey Bruce, I've always had the question: are you the head of a (small) team working on samples and defs or is it just you?
     
  15. AKAJohnDoe

    AKAJohnDoe Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    989
    Location:
    127.0.0.1
    I have periodically installed SuperAntiSpyWare, CounterSpy, MBAM, and, in the distant past, even SpyBot Search & Destroy.

    But they never stay installed as they never find anything; for there is nothing for them to find.

    Perhaps it is clean living (computing). Perhaps it is the NAT Router and the software firewall. Perhaps it is Firefox and NoScript.

    In any case, I guess I am glad that there are programs out there for those who need them, and for me to use to validate the integrity of my own system.
     
    Last edited: Aug 11, 2008
  16. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From PC World article Are You Wasting Your Money Buying Antispyware Software?:

    Here are the on-demand detection rates of spyware and adware by various antivirus programs on 83,054 samples. Most AVs are over 90% in the adware and spyware on-demand category.

    Real-time antispyware programs that detect spyware by behavior might be useful, unless you're using a HIPS program or other abnormal behavior detection program that covers the same behavior areas.

    I have recently uninstalled all dedicated antispyware programs, and instead use 3 good AV programs, including one real-time. My HIPS covers most of the behavioral areas that the antispyware programs I'm familiar with covered.
     
  17. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    Defs are almost all me . I have one guy that from time to time does some strings against our link pile and another that researches the link pile to dig up further links .

    Very soon we are starting another full time hunter/defs guy so its only going to get better .

    My goal is to get 5 guys on this by 09 .
     
  18. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    I do not read anything that mentions multiple scanners detecting 90% of samples because that is not reality . I VTed a rooter and a downloader today that both scored a perfect 0/36 and that is the reality we all face . The downloader unleashes hell and has been know of for at least 3 months by all AVs but because of the best packing I have ever seen is never detected by more than 1 or 2 AVs on VT . Malware packing that evades the packer detection of antivir is some good (bad) stuff . While FUD by VT is not common , under 50% is and that is the case for the vast majority of what I see go through it . I do not think they will ever have a major publication where the only samples allowed in are not prescreened and taken directly from live links collected by impartial and independent malware hunters . The reality of a test like that would not make anyone other than the backhats happy .

    One thing that I have noticed and others have mentioned is that most AVs while great at blocking suck at removal when they screw up . MBAM is extensively used in HJT forums because it takes care of that situation by design far better than the AV that let the user down to begin with . We are adding more power to removal all the time and it is getting close to perfect .

    People can say all they want about how non AV+HIPS is dead but the simple truth is that a huge chunk of people surf like fools , never update anything , click on everything and will never know that HIPS do anything other than hold up their pants . These people need an app like MBAM for the many many times their preinstalled AV fails them . $24.95 lifetime VS. multiple $200 trips to the repair shop is simple good math .
     
  19. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    AV performance against malware (not just spyware and adware) collected from a honeypot is found at
    Most Effective Antivirus Tools Against New Malware Binaries. The August 8 stats are based on 3169 samples.
     
  20. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    The topic of this thread is Mbam, SAS, etc, and NOT Mbam versus NO protection whatsoever -- thus calling for $200 repairs (which is FUD to the extreme).

    MBAM I like. Poorly disguised spam & FUD on behalf of ANY security app -- for that I have zero respect.
     
  21. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Actually, the topic is Why Malwarebytes, SUPERAntiSpyware is popular? In my opinion, nosirrah is completely on topic when he states, "$24.95 lifetime VS. multiple $200 trips to the repair shop is simple good math." That's one reason why MBAM is popular. Simple as that. ;)
     
  22. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    My computer classroom has multiple computers for several years, none of them using MBAM. We never have had "$200 trips to the repair shop" because MBAM wasn't present. Not once --much less not "multiple" times as nosirrah's FUD implies.

    I use MBAM on my personal PC & like it a lot. However, my class's computers have safely used a certain AV & a certain HIPS for a very long time, with no MBAM & NO infections that required $200 repair jobs.

    This thread shouldn't become a set-up for ANY vendor's representative to bash competing products.
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Spoken like a real gent. :doubt:

    Of course indirectly speaking, it might do well to take that the MBAM'S statements are a basic generalization from his area of dealing with malware infested peeps and it's a sure bet he's not in a minority that's shared that's witnessed the downright shame of users left with little or no choice but to resort to dishing out more amounts of greenbacks then if their were ready alternatives available to these users.

    EASTER
     
  24. hex_614

    hex_614 Registered Member

    Joined:
    Jul 17, 2008
    Posts:
    155
    Location:
    Manila, Philippines
    because a single product cant handle alone. so im using a combination

    avg 8.0 + norton antibot

    SAS for on demand scanning

    Spywareblaster for add'l protection
     
  25. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    From what you are saying, it seems that MBAM should only be used as a complement to full AV's as it is designed to compliment them.
     
Loading...
Thread Status:
Not open for further replies.