Does MBAM only detect exe files?


Malwarebytes Anti-Malware

Users Guide

Version 2.1.8

You can read the manual below to understand all functions of the new version....

Online Users Guide => HERE <=

Download PDF from => HERE <= (or just right click and choose save as)

NOTE: There is an FAQ section with valuable information located here:

Common Questions, Issues, and their Solutions


Differences between Malwarebytes Anti-Malware (MBAM) and anti-virus applications:

 

1. First, MBAM is incapable of removing malicious code from within an infected, legitimate, file.

 

File infecting viruses (real viruses, not what people "think" is a virus) prepend, append or cavity inject malicious code into legitimate files. As a virus, the infected file can, in turn, infect other files and/or systems. Some trojans may also prepend, append or cavity inject malicious code into legitimate files. However, in this case, the infected files don't infect other files or systems. These are known as being "trojanized" or "patched". In both cases, MBAM cannot remove the malicious code from infected files.

 

2. MBAM does not target documents, graphics/media or scripted files. That means scripted files such as HTML, VBS, JS, PY, CLASS, SWF, JavaScript, PHP, BAT, CMD, SQL, etc. are not targeted. Documents such as DOC, DOCx, XLS, XLSx, PPT, PPTx, PDF, ODF, RTF, etc. are not targeted. Media files such as graphics (GIF, PNG, JPG, BMP, etc.) are not targeted. Movie files such as MOV, AVI, MPG, WMV, etc. are also not targeted.

 

This means that MBAM will not target a Microsoft Word document that has a Macro Virus or a movie file that is a Wimad trojan. 

 

3. MBAM does not target exploit code.  That means malicious Java, PDF, Word files or other files that have been specially prepared to exploit a vulnerability will not be targeted. 

 

4. MBAM will target Windows executable files. They can be EXE, CPL, SCR, DLL, SYS and OCX. Windows Executable files have the first two characters being 'MZ'. Any executable file that has been renamed will still be targeted just as long as they are Windows executables where the first two characters are 'MZ'. That means an EXE that has been renamed to have the JPG extension will still be targeted.

 

5. MBAM is not a historical anti-malware solution. That means MBAM will not target malware that was seen in the wild in 2008, but is no longer seen in the wild. MBAM targets new, fresh malware seen in the wild today. Malwarebytes' personnel periodically cull the signatures for malware that is no longer seen in the wild and thus no longer relevant.

 

MBAM will target a limited subset of viruses called worms.

 

So when you take all that into account, MBAM Premium complements a fully installed on-access anti-virus solution. The fully installed anti-virus solution is relegated to the detection of such things as a malicious JavaScript, a PDF that is using exploit code or if the site is hosting a malicious Java Jar.

 

Where MBAM excels over anti-virus solutions is in remediating the modifications that malware makes to an operating system. Today's non-viral malware will greatly modify the computer it infects to change the way it works. This could be changing file structures, NT Services or Registry modifications. Traditional anti-virus applications do poorly in reverting those changes to normal. MBAM excels in reverting those changes to normal.

 

Reproduced with the kind permission of the author, Mr. David H. Lipman and later edited and modified
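
The content-based identification described in point 4 above, as an added example that is not part of the original post and is not MBAM's own code: it classifies a file by its leading bytes rather than its extension, so a renamed EXE is still recognised. It goes one step beyond the 'MZ' check in the post by also confirming the `PE\0\0` signature at the offset stored in the DOS header; the function names and sample files are constructed for illustration.

```python
import os
import struct

# Extensions the post lists for Windows executables.
PE_EXTENSIONS = {".exe", ".cpl", ".scr", ".dll", ".sys", ".ocx"}

def is_windows_executable(data: bytes) -> bool:
    """True if data starts with 'MZ' and e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    # e_lfanew: 32-bit little-endian offset of the PE header, at 0x3C.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def classify(name: str, data: bytes) -> str:
    """Compare what the file name claims with what the content is."""
    ext = os.path.splitext(name)[1].lower()
    if is_windows_executable(data):
        return "executable" if ext in PE_EXTENSIONS else "executable-disguised"
    if data[:2] == b"MZ":
        return "mz-only"  # starts with 'MZ' but has no valid PE header
    return "not-executable"

def constructed_pe() -> bytes:
    """Constructed sample: minimal DOS header followed by a PE signature."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, 0x40)
    return bytes(header) + b"PE\x00\x00" + b"\x00" * 20

# Constructed sample files (name, content).
SAMPLES = [
    ("setup.exe", constructed_pe()),
    ("holiday.jpg", constructed_pe()),                 # EXE renamed to JPG
    ("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 64),  # JPEG magic bytes
    ("notes.txt", b"MZ is the DOS header magic."),      # text starting with MZ
]

def scan(samples):
    return {name: classify(name, data) for name, data in samples}

if __name__ == "__main__":
    for name, verdict in scan(SAMPLES).items():
        print(f"{name:12} {verdict}")
```
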


So do I need AV if I have MBAM + MBAE Premium?

Does Malwarebytes Anti-Malware replace antivirus software?

 

If AV is needed, is Windows Defender enough?

Many other anti-virus applications frequently offer much higher quality solutions. It is the practice of this forum to not recommend a specific anti-virus product.

 

List of well known antivirus products

Your system would certainly benefit from Malwarebytes Anti-Malware Premium and Malwarebytes Anti-Exploit Premium.

 

Thank you.


Is preventing users from downloading from the internet in Family Safety still the best way to prevent malware?

No, malware is more commonly spread via specific exploits, such as those targeting older/vulnerable versions of Flash, Java, PDF readers and other common browser plugins, as well as infected email attachments and links, but if you have users who do download a lot of software to try out, or download content via torrents, etc., then they need educating :)

 

People will find a way past most safeguards like Family Safety if it stops them doing things; if you have multiple programs/methods blocking/protecting the computer with a wide range of special features you can spend less time physically guarding the computer from them.

