Do I need an anti-virus program

[bawldiggle]

All my PCs and laptops are using Bitdefender Internet Security 2013 -- to be upgraded to BIS 2014 when I get the time

BIS 2013 is paid up until Feb-2015, and automatically qualifies to update to version 2014

 

Does Malwarebytes Anti-Exploit replace my AV ?

 

Do I need both AV and Anti-Exploit ?

-  if yes ... why ?

 

All downloads are scanned by ...

1. VirusTotal

2  Bitdefender Internet Security 2013

3. Malwarebytes (free version)

 

I really don't know what to do.

 

Would appreciate any advice

[gonzo]

Neither Malwarebytes Anti-Exploit nor Anti-Malware replace your anti-virus software.  Anti-virus goes after a specific class of malware.  Anti-malware goes after newer threats and zero-day threats which are generally newer than what anti-virus can keep up with.  Anti-Exploit shields applications from disk and memory-based exploits. It ONLY watches those applications.  Anti-Exploit does not scan downloads, and the free version of Anti-Malware does not scan downloads...it scans your computer when you tell it to, and according to the specs that you provide.  If you want your activities to be protected in real-time, Anti-Malware Premium does that...that's the primary reason that its a premium product, along with scheduling of updates and scans.

 

The three different types of programs all work together to keep you safe.

[pbust]

Also check the FAQs:

https://forums.malwarebytes.org/index.php?/topic/136424-frequently-asked-questions/

[bawldiggle]

@ Gonzo +2

 

A good over view of the situation.

Thank you for helping.

[Louis]

GONZO,

 

I am considering replacing my MSE with Bitdefender Anti-virus Free Edition and keeping Malwarebytes Anti-Malware Premium.  It seems that both BD and MBAM Premium will be compatible.  I'm running a clean PC with Windows 7 Professional 64-bit.  I use Ccleaner daily and scan with SuperAntiSpyware frequently.  I have a clean machine.

 

What do you think?

 

Louis

[gonzo]

When it comes to the newest (and newer) threats, anti-virus programs are not near as effective as Malwarebytes Anti-Malware is.  As the threats age, anti-virus efficiency goes up.  You can bet that you will not be attacked by older malware because of the number of defenses which are effective against them.  Threats will usually be of a newer variety.  We can't recommend for or against any specific anti-virus programs, but we can work alongside most of them...though some may require some exclusions to be defined.  You should also consider Malwarebytes Anti-Exploit (free or premium).  It provides a lot of extra protection that no other product can match.

[Louis]

Copy that, Gonzo.  I'll look into Malwarebytes AE.

 

73

 

Louis

[Louis]

Gonzo,

 

Above you state: "When it comes to the newest (and newer) threats, anti-virus programs are not near as effective as Malwarebytes Anti-Malware is.  As the threats age, anti-virus efficiency goes up.  You can bet that you will not be attacked by older malware because of the number of defenses which are effective against them.  Threats will usually be of a newer variety.  We can't recommend for or against any specific anti-virus programs, but we can work alongside most of them...though some may require some exclusions to be defined."

 

OK.  Conceptually what you suggest makes sense: you have to stop the new threats (such as zero-day threats) that will not be included in the AV progams virus databases.  MBAM is designed to and is very effective at stopping these new threats.  It seems that (conceptually) IF you have a clean machine, then blocking new threats should be your primary concern -- using progams like MBMA (which I am using) and MBAE.  However, it seems to me that it would be prudent to periodically scan your PC to detect any threats that may have penetrated your first lines of defense.   

 

Let me restate my question -- removing any need for you to make a program-specific endorsement.  Do you see anything wrong with the approach I would like to try: An AV program (like BD) used in conjunction with MBAM?  Again, I'm running Windows 7 Professional 64-bit.  I use Ccleaner daily and scan with SuperAntiSpyware frequently.  I have a clean machine.  [i also use Ghostery, which I find very informative and effective.]

 

Thanks,

 

Louis

[gonzo]

I see absolutely no problem with the approach you are considering.  In reading your last statement, you may have read my comment about old threats meaning threats that were not dealt with as compared to newly-received ones.  I will be the first to say that I could be reading something into that.  Someone could be throwing the newest threats at a new machine, or coming at you with malware that has been around a while.  An anti-virus program will do a better job defending against an older threat than the newest ones.  The age of your computer (or the freshness of your build) has little to do with that.

 

Again, I could be reading something into what you said that was not meant in the first place.  The bottom line is that your approach is fine, and I wish more people were as concerned with security as you are.

[bawldiggle]

@ Gonzo

 

I have a few questions ...

 

How is MB better at capturing a new virus than a proven high-performing AV program ?

-  AV Compartives has been my yard stick for years.

Are you saying MB do a better job of identifying a new virus and quicker to add to the MB database ... ?

-OR-

does MB capture new virus' in a different way to AV programs. ?

 

Are you implying MB captures virus even if it is not on the MB data base. ?

-  so at some stage MB remove old virus IDs from the MB data base to make room for new ones, else the MB data base will become very bloated (slow) ?

[gonzo]

A virus is a type of malware, but malware encompasses viruses as well as other issues that are not classified as a virus.  Anti-virus programs (and Malwarebytes) run on signatures, which are specific characteristics that code has exhibited.  Malwarebytes also uses heuristics, which goes beyond signatures.  Over time, signatures incorporate that which was found by heuristics, but the questions are (a) how long does that take, and (b) what is your vulnerability in the interim.  If you use Anti-Malware AND Anti-Exploit, you are covering the "what" and the "how" malware attacks you.  Researchers keep the secrets to themselves (rightfully so), but the database does not need to bloat in order to provide protection if it provides the protection that you need.  I know that sounds vague, but only those who need to know actually know.  The rest of us are all in the dark to some degree.  Bottom line is that it works.

[bawldiggle]

Thanks Gonzo for your prompt reply

 

but malware encompasses viruses as well as other issues that are not classified as a virus

 

Adware ?

 

On VirusTotal, sensitivity to adware varies. It seems there are a lot of political decisions made by AVs and MB, whether a particular adware is a risk or not.

Obviously no AV nor anti-malware can detect sneakware vs open opt-out adware.

Safest for me is a virtual drive (with a clean image of the VD) and test downloads in a safe environment..

I am still agonising about establishing a dedicated virtual drive for emails and browsing.  Then I can keep my host drive clean.

 

I hope!

[gonzo]

The technical terms are becoming blurred.  For the utmost in protection, use a VM.  Make snapshots.  That's your safest environment.  Its a constant battle of better mousetraps vs. smarter mice.

[AdvancedSetup]

Some links you may find useful to read about.

 

MBAE Exploits: How they work and how to crush them

MALWARE - ROOTKITS - TROJANS - WORMS - VIRUS

List of well known antivirus products

Do I need a Windows Registry Cleaner?

Backup Software

The complexity of finding, preventing, and cleanup from malware