Jump to content

Why Malwarebytes?

Recommended Posts

This is one thing I have not understood yet. I have google'd "anti-malware vs anti-virus", "malwarebytes vs antivirus", etc. and haven't found any satisfactory explanations.

All explanations are like "Malwarebytes targets malware. AV software targets viruses. Duhh".

What is that supposed to mean? What exactly does Malwarebytes do differently?


Also I don't really understand why I need an AV even if I have Malwarebytes.

I'm a pretty careful user, the only applications I have installed are Git, VMware Player,

a text editor, Chrome (with uBlock which blocks malware domains), Java (Chrome

no longer loads the Java plugin or any other NPAPI plugin), etc. At the moment I am

running Windows Defender only (on Windows 8.1) which is very light and unobtrusive.

However, I have recently decided to buy a more effective security suite. While I'm careful,

sometimes exploitable bugs are found in some applications (Chrome being the most

important one for me) and legitimate websites sometimes do unintentionally distribute

malware (through ads or because they are hacked). I don't believe that Windows Defender

can defend me from threats like this. What I would like to know is how effective Malwarebytes

would be in this case.


At the moment it looks like I'm going to go with one of the following solutions:

  • Windows Defender + Malwarebytes Anti-Malware Premium (real-time scanning is nice)
  • McAfee AntiVirus Plus
  • Kaspersky Anti-Virus
I would like to know which one of these provides the best protection from the threats I have



Now before you start recommending your favorite AV software, please note that AV software

can actually make your computer LESS secure. For example ESET recently had an exploitable

bug in its emulator, which could be activated by simply looking at a website. By exploting this

bug somebody could run arbitrary code on your computer. Also see Breaking Antivirus Software

by Joxean Koret.

Link to post
Share on other sites

Even Microsoft admits Windows Defender just isn't any good.
Malwarebytes' Anti-Malware ( MBAM ) is a niche application that...
Does not target script files. That means MBAM will not target; JS, PY, .HTML, VBS, VBE, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target document files such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.
It also does not target media files;  MP3, WMV, JPG, GIF, etc.

Until MBAM, v1.75, MBAM could not access files in archives but with v1.75 came that ability so it can unarchive a Java Jar (which is a PKZip file) but it won't target the .CLASS files within. Same goes with CHM files (which is a PKZip file) but it doesn't target the HTML files within. MBAM v1.75 specifically will deal with; ZIP, RAR, 7z, CAB and MSI for archives. And self-Extracting; ZIP, 7z, RAR and NSIS executables (aka; SFX files).

MBAM specifically targets binaries that start with the first two characters being; MZ
They can be; EXE, CPL, SYS, DLL, SCR and OCX. Any of these files types can be renamed to be anything such as;  TXT, JPG, CMD and BAT and they will still be targeted just as long as the binary starts with 'MZ'.
MBAM targets mainly non-viral malware.  The exception being a virus dropper ( a malware file that drops a virus and starts a virus infection but is not infected with the virus ) and worms ( such as Internet worms and AutoRun worms ).
MBAM is incapable of removing malicious code that has been prepended, appended or cavity injected into a legitimate file.  That means if a file infecting virus infects a legitimate file MBAM will be unable to remove the malicious code.  An anti virus application should be able to remove malicious code from an infected file and hopefully bring it back to its preinfected state.  Which may or may not return the file to its original, non infected, checksum value.
A file infecting virus will prepend, append or cavity inject malicious code into a legitimate file.  Once infected, that infected file can further the infection by infecting other legitimate files.
On the other hand there are trojans that will prepend, append or cavity inject malicious code into a legitimate file.   However that file can not infect other files.  The infection stops with that targeted file.  These files are either deemed to be "trojanized" or "patched".  Since MBAM can not remove the added malicious code, at best MBAM will try to replace the trojanized file with a legitimate, unaltered, file.
Where a traditional anti virus application is weak, MBAM is strong.  Today's malware is much more complex than 10 years ago.  When we saw the Melissa virus ( I-Worm via SMTP  ), Lovsan/Blaster worm (  I-Worm via RPC/RPCSS @ TCP port 135 ) etc, they were distributed for the effect, damage and bragging rights.  Today's malware is more sophisticated in that it is "all about the money".  Malicious actors use malware to profit from.  Either by stealing, distribution affiliation revenue, data exfiltration, personal identification impersonation, etc.  To effect that the malicious actors don't want the victim to know that their system was compromised or they are so blatant about it by generating advertisements,  Yesterday's malware was simple and less obtrusive.  Today's malware is very intrusive and makes numerous modifications to the Operating System.  Those numerous modifications to the Operating System is where the traditional anti virus application does poorly and where MBAM specializes.
MBAM is not a historical anti malware solution.  That means it will not target old malware.  It's intent is to target 0-Day malware.  Malware that is infecting computers Today with malware found in-the-wild, Today.  That means that something like the BugBear which infected years ago will not be targeted by MBAM.  Malwarebytes will actually cull their signature database for malware that is no longer seen in-the-wild Today.


Therefore the niche that MBAM fills is the targeting of new malware that is infecting you, your friends, your family and your business and acquaintances.  It is built to not only prevent and remove malware but to fix the modifications that complex malware and Potentially Unwanted Programs ( PUPs ) make to a system.


Using MBAM in conjunction  with a fully installed anti virus applications greatly broadens one's protection and security as a force multiplier.


Prevention is still better than cure. 


All the software in the world will NOT help someone who is not diligent, does not use Critical Thought, does not maintain their system, does not educate them selves about the Internet, malicious activity and have some level of situational awareness.  In short, one has to practice Safe Hex.


Just like one should not cross the road without looking both ways to make sure it is safe to cross the road, one has to act similarly on the Internet Highway.  MBAM helps in that respect much like Road Signs, Traffic Lights and cross walks help on the grounded roads we travel.



Link to post
Share on other sites

Most any of them do...

Below are some AV Recommendations

There is no such thing as "the best" otherwise there would be no one else in the business.

Here is a List of well-known antivirus products use of any of these will help protect your computer.

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.

Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

If you're not currently using Malwarebytes PRO then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

If you really want to discuss antivirus and other security products in more detail then the Wilders Security Forums is an excellent resource to do so as they support and discuss many products.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.