
General AV Effectiveness...?



To what extent is MBAM - in particular the active protection paid version - effective against malware in the most general sense? By this I mean to include all "malware" - i.e. viruses, worms, trojans, keyloggers, rootkits, etc.......

Does one truly "need" an AV app in addition to MBAM...?

The use of layered protection may well be the "best" protection, but numerous protection apps have an overall effect of reducing system performance. The risk/reward scenario for the additional protection raises questions as to what incremental gain each layer is relative to the system performance reduction. Hence, what level of total malware protection does MBAM achieve and to what degree is a system unprotected without additional security apps.....?


Greetings Galileo.

One of the keys behind using a layered approach to security is picking the right software. They need to get along well and be low on resource usage. You can have a look at my signature to see what I run, and believe it or not, it has a negligible performance cost. I'm a gamer, heavy multitasker and do video editing and I have a very old dual core processor. You'll notice I'm not running MBAM in realtime; the reason isn't its resource usage, it's due to the fact that it's currently incompatible with Vista 64 bit, but when it is, I'll have it running. The reason I believe in the layered approach is because I don't trust any one company to block every current threat out there at any given time.

For additional info about what MBAM detects and what it doesn't please have a look at this thread: http://www.malwarebytes.org/forums/index.php?showtopic=8068


It would miss things like actual viruses, older infections commonly detected by most AVs and older spyware. But most, if not all of these should be detected by a good AV product. It also will generally only detect items that are "active", in other words the developers won't add some ancient piece of malware to the definitions if it's not even out there infecting anyone anymore. It's made this way to keep it light on resources and not conflict with AV software that's also running on a user's system.


Thanks again for clarifying.

I have attempted to run MBAM (paid) concurrently with Threatfire (free). This results in a locked-up machine...their active protections do not play together apparently due to TF's methodology of hooking into the OS. The PCTools folks are studying this.

Any thoughts on the value of running MBAM and TF together? The PCTools folks are not familiar enough with MBAM to offer any comparisons of the two nor to identify areas of overlap of the two.

galileo


Here's the scenario:

1. Install Threatfire free edition (current version) - note that this is real-time protection with on-demand scan capabilities.

2. Install MBAM free version - i.e. on-demand scan only.

3. Threatfire and MBAM coexist without any obvious issues. Each can conduct its own scans without issues.

4. Enable MBAM Protection Module (requires paid license) and reboot.......

5. On reboot the system enters Windows (desktop) and while finishing loading has a hard lock-up. Video remains intact/mouse locks/keyboard locks/CPU locks...hard power off is required - i.e. power switch or, the more brutal, power cord.

6. Boot to Safe Mode and uninstall either MBAM or TF and the system is happy again.

I have mentioned this over in the PCTools forum and djames responded that TF low level system hooking is probably conflicting with MBAM's real-time module. They will eventually get around to studying the issue but, they are embroiled in their current beta release and will likely not take a look at this until after TF 4.1 is issued...at least that's my guess.

I am running XP Pro SP3 + Windows Firewall + IE7 + WMP11 and NO OTHER AV/AS or sandbox or firewall - I am behind a router firewall...so, no other interference issues. Try it out and confirm this...but, you will need to go to Safe Mode and uninstall one of the two in order to get back into your system.

galileo

