Jump to content

An ounce of prevention is worth a pound of cure


gvd

Recommended Posts

I've always believed in the idea that an ounce of prevention (not getting malware in the first place) is worth a pound of cure (cleaning off malware later).

With that in mind, why isn't there an option in Malware Bytes to simply quickscan a folder for a malware installer? For example, let's say your buddy says "hey I found this great new application blah blah". So you crank in blah blah into google, and find what looks like a legitimate site.

But how can you be sure? You download the installer, and save it. It'd be nice if I could say, "hey malware bytes, I'm not sure of this. Please scan it and see if it's junk."

Unfortunately as it is, the only way to deal with this situation is to take the installer, throw it into a virtual machine, and have the installer infect THAT. Then Malware Bytes can scan and clean the infection, but it seems like trying to close the barn door after the horse has already bolted. (Not to mention it gets old restoring virtual machine states!)

In case it's not clear, this is a real incident, not hypothetical! I still have the infected installer sitting on my hard drive that installs malware that MWB can detect after it's installed but not before. If I do a full drive scan with MWB, that installer file passes with flying colors.

Link to post
Share on other sites

  • Root Admin

Are you using the PAID version with active blocking that prevents what you're talking about?

And if you really want to test that stuff then an actual Anit-Virus scanner would be a better choice than just an Anti-Malware scanner.

Online Virus, Malware Submission Sites

Free - Live Online Scanning Sites

Link to post
Share on other sites

Are you using the PAID version with active blocking that prevents what you're talking about?

How does that address the issue of not being able to scan the file beforehand? Again it's trying to catch the horse after it's already out the barn door. (It's smarter not to get mugged than to try and catch the thief afterwards!)

And if you really want to test that stuff then an actual Anit-Virus scanner would be a better choice than just an Anti-Malware scanner.

But anti-virus programs don't really do malware properly or completely. Example is ClamAV -- it looks for conventional viruses, and catches some malware, but nowhere near the amount that MAB does.

Link to post
Share on other sites

How does that address the issue of not being able to scan the file beforehand? Again it's trying to catch the horse after it's already out the barn door. (It's smarter not to get mugged than to try and catch the thief afterwards!)

Too bad you can't edit your posts on this board, or this would make more sense.

I didn't understand what you were asking before. Yes, the paid version offers a context menu to scan the file, but since a full drive scan doesn't flag that file as dirty, the context menu scanning doesn't get you anywhere.

Link to post
Share on other sites

The reason the file doesn't get flagged is because of the way Malwarebytes' looks for threats. It's designed to target active infections on a user's system, not malicious installers packed into other programs/files. This method of detection is what makes MBAM stand out from a typical antivirus, and also the reason it's so successful at what it does do. If you want something to scan files like this with I'd highly recommend Avira (AV).

More info on what MBAM is designed to do can be found here:

Is Malwarebytes' Antivirus?

and also here: Individual file scan w/ Antivir or MWB?, which would be best

Also, you are allowed to edit posts after you've made at least 50 posts. This is because of issues in the past with users altering their already posted HijackThis logs, unfortunate rule, but necessary.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.