Who Is MBAM's Target Audience?

[lock]

I asked myself several times what is the primary target market of MBAM.

1. average user: will use the PC without an AV or with the "built in" MSE or Defender. At best , the average user will buy from retail store a well known antivirus , like Norton or Mcaffe but will never buy MBAM because is not aware about it.

2. above average user : (like me) will search AV Test, AV Comparatives, various forums and will settle with a performant antivirus like ESET, Avira, Kaspersky, etc (like me) and will use other means to protect against malwares, like UAC set on max, guest account , frequent backup , scheduled scan, etc. Being concerned of PC performance and being overconfident, the above average user will not buy MBAM (like me)

3. the expert user: will claim that is not running any antivirus and that is performing safe-hex; the expert user will not buy neither AV nor MBAM; at best will run a free antivirus (like Avira, Avast or BitDefender )

So, in the end , who is the potential target audience of MBAM?

 

Thanks!

[Aura]

Quote

3. the expert user: will claim that is not running any antivirus and that is performing safe-hex; the expert user will not buy neither AV nor MBAM; at best will run a free antivirus (like Avira, Avast or BitDefender )

Protip: There's not a single "expert" user that isn't running an Antivirus. If they claim so, they are far from being "expert".

And Malwarebytes is pretty much targetted to everyone.

[whitefang]

Expert user here. Running MBAM Premium.

[Malacath]

An expert user that doesn't run anti-virus at all is not an expert but an idiot

[whitefang]

Just now, Malacath said:

An expert user that doesn't run anti-virus at all is not an expert but an idiot

I run an anti-virus as well as MBAM but I still strongly disagree with this statement.

[Malacath]

2 minutes ago, whitefang said:

I run an anti-virus as well as MBAM but I still strongly disagree with this statement.

Could you explain why you disagree?

 

While I can understand an expert not using anti-virus with linux. With windows it's just not worth the risk especially as Defender is built in.

[whitefang]

5 minutes ago, Malacath said:

Could you explain why you disagree?

 

While I can understand an expert not using anti-virus with linux. With windows it's just not worth the risk especially as Defender is built in.

Its been over a decade since I've triggered a non-false-alarm on an anti-virus product. So either I haven't been infected with anything, or I have and the AV products I've used were worthless.

Edited May 14, 2017 by whitefang

[Malacath]

Just now, whitefang said:

Its been over a decade since I've triggered a non-false-alarm on an anti-virus product.

Same here. Around the year 2001 when I had just re-installed Windows XP and forgot to switch on windows firewall. Computer was infected within a couple of minutes.

Since then i've never even caught a PUP because I've always been careful. I'm forever disinfecting friends computers though.

But I would still never go without at least free anti-virus on my system. I just don't think it's worth the risk

[whitefang]

Just now, Malacath said:

Same here. Around the year 2001 when I had just re-installed Windows XP and forgot to switch on windows firewall. Computer was infected within a couple of minutes.

Since then i've never even caught a PUP because I've always been careful. I'm forever disinfecting friends computers though.

But I would still never go without at least free anti-virus on my system. I just don't think it's worth the risk

Yeah, I don't disable Windows Defender on my workstation. I definitely make sure there's an AV product running any any machines I'm semi-responsible for though (think non-savvy friends and family). Oh, and I absolutely would make sure there's AV (and probably something like MBAM running as well) in any business environment I was responsible for.

I also stopped pirating software quite some time ago too, so that helps. I still subject my browser to all kinds of dirty parts of the internet though.

[Malacath]

10 minutes ago, whitefang said:

I also stopped pirating software quite some time ago too, so that helps. I still subject my browser to all kinds of dirty parts of the internet though.

That's where MBAM premium comes in for me. It regularly blocks dodgy malware infested or scam pop-ups especially if i'm not using Edge browser with it's smartscreen filter

 

[lock]

6 hours ago, Aura said:

If they claim so, they are far from being "expert".

read this: " I still don't use anti-virus software. Am I still nuts?" from cnet

https://www.cnet.com/how-to/i-dont-use-anti-virus-software-am-i-nuts/

or this: "40 Reasons Why You DON’T Need An Antivirus" from Emsisoft blog

http://blog.emsisoft.com/2014/12/08/40-reasons-why-you-dont-need-an-antivirus/

or this: "It might be time to stop using antivirus" from Ars Technica

https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/

Edited May 14, 2017 by lock

[Aura]

5 hours ago, lock said:

read this: " I still don't use anti-virus software. Am I still nuts?" from cnet

https://www.cnet.com/how-to/i-dont-use-anti-virus-software-am-i-nuts/

or this: "40 Reasons Why You DON’T Need An Antivirus" from Emsisoft blog

http://blog.emsisoft.com/2014/12/08/40-reasons-why-you-dont-need-an-antivirus/

or this: "It might be time to stop using antivirus" from Ars Technica

https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/

You know the Emsisoft article is totally sarcastic, right? It actually lists reasons people give when they say they don't have a need for an Antivirus.

The guy in the CNET article is using Windows Defender (built-in Windows 8.1), so that's an Antivirus.

And the guy in the Ars Technica (well, the guy they interview) is against third-party Antivirus products, but Windows Defender and Microsoft Security Essentials are okay.

So yeah, my point still stand.

[Nightwalker]

5 hours ago, lock said:

read this: " I still don't use anti-virus software. Am I still nuts?" from cnet

https://www.cnet.com/how-to/i-dont-use-anti-virus-software-am-i-nuts/

or this: "40 Reasons Why You DON’T Need An Antivirus" from Emsisoft blog

http://blog.emsisoft.com/2014/12/08/40-reasons-why-you-dont-need-an-antivirus/

or this: "It might be time to stop using antivirus" from Ars Technica

https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/

 

Maybe YOU should READ the articles that are you recommending to others.

Emsisoft is being totally sarcastic, I am impressed that you never heard about "them" besides a Google Search.

[Telos]

If you scour the security forums, you'll find a number of threads that demonstrate that, properly configured, Comodo Firewall (free) can protect your system far better than any AV... to such a point that AV is merely superfluous.

Another (free) tool in development, VoodooShield (VS), is impressively effective as well.

And there are numerous videos that demonstrate their (CF, VS) ability to defeat ransomware, worms and their ilk, including the recently newsworthy WannaCry and its variants.

So yes, traditional signature-based AV has significant limitations.

[Aura]

2 minutes ago, Telos said:

So yes, traditional signature-based AV has significant limitations.

Quote

“[T]he author seems to [...] think that scanners still rely on "signatures" (i.e., sequences of bytes) to detect malware. This hasn't been the case for most respectable anti-virus products since the early '90s, when the heavily polymorphic viruses became widespread,” Dr. Bontchev told Bleeping Computer in an email.

“Nowadays much more advanced methods are used for malware detection. In some cases "scan strings" are not used at all,” he added. “Most of the time, scan strings are used only as a hint to the scanner to engage its more sophisticated (but slower) detection algorithms.”

Source: https://www.bleepingcomputer.com/news/security/researchers-explore-idea-of-sabotage-via-antivirus-engines/

[digmorcrusher]

If you know what you are doing you can absolutely run without an anti virus, many use Voodoo Shield, Appguard, Sandboxie etc to do this. Or by tweaking  Windows, however I agree, few are knowledgeable enough to do this, but if done correctly your probably safer than just relying on an anti virus.
 

 

 

[exile360]

On 5/14/2017 at 1:53 PM, digmorcrusher said:

Or by tweaking  Windows
 

 

 

I'm definitely in that camp.  I shut down TONS of useless (to me, anyway) components built into Windows that I don't use, especially ones know to be vulnerable to exploits/hackers etc. (like virtually everything with the word "remote" in it, and not just services either).  I also heavily modify the built in Windows Firewall rules (via the "Advanced" interface) to remove/disable rules that would normally allow (i.e. open ports) communications by certain services/components/protocols that I have no use for.  I've built up quite a massive batch (.bat) and registry (.reg) "tweak" tool that I run on my system firs thing after I get Windows installed.

That said, yeah, I still use an AV for now, though it's days are seriously numbered knowing what I know now about our own product; I was running a top ranked paid AV+MSE+Malwarebytes+several other tools but now it's pretty much just MSE+Malwarebytes  .  My AV came up for renewal recently and I decided not to renew it.

Still using Adblock Plus and my massive HOSTS file though, but that's mainly because I can't stand all those ads online and I don't take kindly to Google et al trying to track my every move online either  .  Perhaps someday Malwarebytes will integrate blocking of those as well, just as we do for malicious sites so that I can ditch the HOSTS file and Adblock and just turn on ad/privacy blocking in Malwarebytes the way I configure blocking/flagging PUPs.  Of course, I also have tons of anti-MS telemetry stuff set up as well, both in my HOSTS file and the Windows Firewall (some are IPs so I have to set them in the firewall to be blocked/can't use HOSTS file, but of course Malwarebytes could do it if its defs contained those IPs).

Edited May 16, 2017 by exile360

[digmorcrusher]

I am also considering not renewing my anti virus or at the very least just running with Defender and a couple other programs. Using any one of Appguard, Voodoo Shield, NoVirusThanks, Sandboxie or Shadow Defender along with UBlock Origin, Windows firewall and MBAM  is more than enough protection if your a safe surfer.

Edited May 16, 2017 by digmorcrusher

[exile360]

Oh yeah, if you're using our product+an anti-executable/lockdown tool like Appguard/Voodoo Shield etc., you're definitely in good shape as long as you're careful about what you allow to run etc.  Such tools aren't necessarily for novice users, but for those who know how to use them, they're very powerful tools.

[Hardhead]

I use to use DefenseWall  years ago but had to change once I bought laptops running 64bit MS OS.

I was checking my email and still have the lifetime active 32bit license DefenceWall.

I currently use an antivirus with a firewall included with Malwarebytes and a host file.

Back a few years ago Donna and I would create a blocklist for Outpost, Kaspersky and OnlineArmor firewalls that were very effected using hpobserver to check if the site was still up and running and using other tools from MS. Now theres only one firewall left out of the three. :-(

Times have changes so much over the years.

Edited May 16, 2017 by Hardhead
add other info

[Decopi]

Hi @exile360,

Perhaps do you have a kind of detailed tutorial of your Windows tweaks?

What components you disabled?

What rules you heavily modified in Windows Firewall?

Please, can you share your batch (.bat) and registry (.reg) "tweak" tool for Windows installation?

Can you share your massive hosts file?

Thanks!

[Telos]

While we're OT... VoodooShield is beginner-friendly, particularly in AutoPilot mode. Its default settings for the "free" version are robust, yet trouble free for the novice user. Maybe more so that an A/V or MBAM. I use it across all family devices.

[exile360]

2 hours ago, Decopi said:

Hi @exile360,

Perhaps do you have a kind of detailed tutorial of your Windows tweaks?

What components you disabled?

What rules you heavily modified in Windows Firewall?

Please, can you share your batch (.bat) and registry (.reg) "tweak" tool for Windows installation?

Can you share your massive hosts file?

Thanks!

No, sorry, I really can't.  If my tools/files caused any issues for anyone who downloaded/ran them, I'd feel pretty bad about it.  The range of things I use my PC for are pretty limited (hence all the stuff I can disable without it messing up my ability to use my system), but that's not necessarily true for everyone and I don't know the full extent of what some of these settings might break, just that I don't use any of it so I couldn't even determine which setting/modification might be at the heart of an issue if the files/settings did cause a problem for anyone.

As for the HOSTS file, it's nothing special.  I just use HostsMan with a bunch of (mostly) well known public sources along with a few additional entries which I've found via web research to block certain things (like some of the MS telemetry stuff and some of the other trackers not commonly blocked).

As for being OT, yeah guilty.  But back on topic, our target audience really is everyone and I say this with confidence because we've found that many (most these days, really) of our customers turn out to be just regular PC users, not tech gurus or anything like that but they just so happen to have heard about us/had Malwarebytes recommended to them by someone else, be it an online blog, forum like this one, web search when they themselves were dealing with an infection or a friend or family member (techie or not) in their life who recommended it to them.  Word of mouth has been our primary means of advertising since the beginning, and while we certainly have broader advertising these days, we still believe that word of mouth testimonials from people who've used our products/seen what they can do are still our greatest asset when it comes to gaining new customers.  We've even heard of PC repair techs who recommend us to their customers even though they aren't selling our products as resellers or anything like that, just because they believe in Malwarebytes' ability to keep a system clean of malware and PUPs.

Edited May 16, 2017 by exile360