Malwarebytes vs Windows Defender


With the advice that you provided, maintenance of the system is as little, or as large as you make it, along with the Microsoft links.

My personal opinion is that Windows Defender is Excellent, and sufficient.

Even if I run a Malwarebytes scan, and it detects something that Windows Defender did not, we can work hard to try and analyse how dangerous this is/whether it is a significant threat to the functioning of the computer.

However, I believe this to be a very difficult question, and what I am trying to say is that I think that anything that is missed, or not detected by Windows Defender (bearing in mind that it is capable of detecting Malware) is likely to be insignificant and not at all dangerous, or threatening to the functioning of the computer.

The point that I am making is that how can you tell what is not dangerous, and what is dangerous?

Superantispyware classified detections into 

  • Critical Threats
  • Potentially unwanted programs/Settings
  • Tracking objects

In order of decreasing severity.

So what I am saying is that 

  • Even if Malwarebytes detects something that Windows Defender does not, how can you tell, or assign a measure as to how significant, or dangerous this is, unless you run Superantispyware, which is the only software that I have seen that is able to classify threat levels?

 

  • Because Malwarebytes does not provide measures of threat severity, I do not see much advantage in the use of Windows Defender and Malwarebytes over and above Windows Defender alone.

What I can do is send you details of the detection/the file for further analysis, and investigation, as you make the point that some detections could be ‘false positives’.

 


So, to summarise,

What I can do is send you the details of what is identified;

  • Windows Defender detects something, and Malwarebytes does not
  • Windows Defender detects something, and so does Malwarebytes
  • Windows Defender does not detect anything, and Malwarebytes does

I can then send you the file/details of the bug, and then you can analyse.

Then to be thorough, I can run Superantispyware, and you can compare your analysis with that of Superantispyware.

We can then reach a conclusion as to how dangerous the bug is.

 


https://www.ghacks.net/2017/05/26/set-windows-defender-antivirus-blocking-to-high-on-windows-10/

 

You see, if you follow this link and read the screenshot, the level of Windows protection can be increased, indicating that if these steps are not followed, Windows Defender is not working to its optimal, full, or 100 % capacity.

 

What this should indicate or describe is that programmers are familiar with the concept of hierarchy.

 

Like clothing sizes

  • Small
  • Medium
  • Large

The same logic is being applied to virus threats;

  • High: 1,000 machines or 10 infected sites or 5 countries
  • Medium: 50-999 machines or 2 infected sites/countries (i.e., WildList)
  • Low: Anything else

http://www.moneysavingexpert.com/utilities/free-anti-virus-software

The firewall can be set on low, medium and high levels of protection.

If the Windows firewall is set on high, you may need to spend some time tweaking its settings in the Control Panel to stop it becoming a nuisance. By default, it'll stop you downloading files over Skype, and it'll block a whole load of programs that download from the web.

I think that what this means is that it is possible to determine how serious a threat to the computer is;

  • Low
  • Medium
  • High


My personal opinion is that Windows Defender is sufficient to do the job.

I’ll continue scanning with Malwarebytes from time to time, and Superantispyware.

I would be very surprised if Malwarebytes detects something very dangerous that Windows Defender has missed based on previous experience.

I can assess the level of threat by using Superantispyware, http://www.virustotal.com  and liaison with Dell Technical Support.

Based upon the evidence I would rank Windows Defender as no.1, and consider the use of Malwarebytes as not essential.


 I am being advised by Dell Technical Support by email.

 

From: Prashanth_R5 [mailto:Dell_Support_EUE1002@dell.com]
Sent: 06 June 2017 18:21
To: msmithani@hotmail.com
Subject: RE: FW: Infection? - Is this dangerous? <<#1554760-19005425-25215765#>>

 

Dear Mithani,

 

Thank you for contacting the Dell Support Team.

 

With regards to your email we will get back to you shortly with an update.

 

Please reply to this e-mail with the most convenient time (2hour time window) if you need any additional assistance and we will get in touch with you through email or via phone as soon as possible. Kindly retain the subject line while replying to this e-mail. Assuring you the best of my services.

 

Thanks & Regards,  

 

Prashanth R

Dell| Premium Support

Voice Mailbox Extension: 3405860/ Visit us at: Support.euro.Dell.com

Or call us at 0800-028(2660) - United Kingdom | Ireland – 1800-434(334) | Monday – Saturday (8:00 AM to 8:00PM GMT)


Yes, and to see if Windows Defender detects something that Malwarebytes does not, and vice versa.

Although the current evidence that I have uncovered suggests that Malwarebytes does not detect what Windows Defender does, and Windows Defender is sufficient, I could be wrong, and I can continue using both. I could try this for 6 months;

So this is what could happen;

  1. Windows Defender detects something that Malwarebytes does not, and I follow the steps listed above to identify.
    1. Assess level of threat using the following;
      1. Superantispyware
      2. http://www.virustotal.com
      3. liaison with Dell Technical Support

  2. Windows Defender and Malwarebytes both detect the same thing; follow steps above

  3. Malwarebytes detects something that Windows Defender does not; follow steps above

If it's ok with you, keep this thread open for 6 months or so, and I can report findings. So far Windows Defender has only detected one issue that Malwarebytes has not, but I cannot say for certain whether this is likely to be the case for all threats, so if I run this for 6 months that should be long enough to reach conclusions.

My premium membership expires in 30 days, and after that I am on free Malwarebytes, so if this is ok with you, then I can continue like this, unless you think that free Malwarebytes virus scanning is very weak as compared to premium.

 

 


I could be wrong, and it may be advisable to run Malwarebytes alongside Windows Defender, though on the current evidence, which I have posted, this is not the case.

If Malwarebytes in the next 6 months detects significantly more threats than Windows Defender, and we conclude by using the method above that they are high risk, then it may be advisable to keep running Malwarebytes.


Quote

Yes, and to see if Windows Defender detects something that Malwarebytes does not, and vice versa.

This isn't the section for that, unfortunately. This section is to request assistance if your system is infected and if you need help to clean it up. Since your system is clean, this thread will be closed as it has served its purpose. You are free to open a new thread here if you end up being infected in the future, however.

Quote

Windows Defender detects something that Malwarebytes does not, and I follow the steps listed above to identify.

  1. Assess level of threat using the following;
    1. Superantispyware
    2. http://www.virustotal.com
    3. liaison with Dell Technical Support

I don't know why you would contact Dell for a threat detected by a product other than theirs. They do not deal with malware at all.

Quote

If it's ok with you, keep this thread open for 6 months or so, and I can report findings. So far Windows Defender has only detected one issue that Malwarebytes has not, but I cannot say for certain whether this is likely to be the case for all threats, so if I run this for 6 months that should be long enough to reach conclusions.

Like I explained above, this thread cannot remain open as it has served its purpose, and therefore will be closed.

Quote

My premium membership expires in 30 days, and after that I am on free Malwarebytes, so if this is ok with you, then I can continue like this, unless you think that free Malwarebytes virus scanning is very weak as compared to premium.

It isn't. The scanning capabilities are the same in the Free and Premium version, however Malwarebytes Free doesn't offer real-time protection, which weakens your security setup as you don't have the protection layers it offers to keep you safe.

Quote

I could be wrong, and it may be advisable to run Malwarebytes alongside Windows Defender, though on the current evidence, which I have posted, this is not the case.

There's no evidence of that. Also, see the following post:

Quote

Can Malwarebytes 3.0 run alongside Symantec or McAfee?
Certainly! We built Malwarebytes 3.0 to be compatible with all major anti-virus software, even Windows Defender and Microsoft Security Essentials. In fact by default Malwarebytes 3.0 installs in compatible mode alongside Defender, MSE or third-party antivirus products.

Source: https://forums.malwarebytes.com/topic/191650-malwarebytes-3-frequently-asked-questions/?do=findComment&comment=1077438

 

Edited by Aura

I can assess the level of threat by using

1.    Superantispyware,

2.    http://www.virustotal.com  

3.    Liaison with Dell Technical Support.

4.    You are also free to submit suspicious/malicious files in the "Research Center" part of the forums.

a.    https://forums.malwarebytes.com/forum/44-research-center/

 

b.    https://forums.malwarebytes.com/forum/7-malware-removal-for-windows/

 

Between all of these, I should be able to reach a conclusion as to how dangerous the threat is.


  • 2 months later...

Some interesting discoveries.

I ran a scan using Malwarebytes, and it detected 29 threats.

Then I ran Superantispyware to analyse how serious these threats are; it came up with one critical threat. Although Malwarebytes identified a similar threat PUP.Optional.Reimage, HKU\S-1-5-21-4079396374-1713880073-3064916896-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, No Action By User, [1040], [327205],1.0.2559

it was not the exact same one.

Superantispyware then removed all the threats.

I then ran Malwarebytes again, and it identified the same 29 threats as before Superantispyware did its work, including the threat similar to this

PUP.Optional.Reimage, HKU\S-1-5-21-4079396374-1713880073-3064916896-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, No Action By User, [1040], [327205],1.0.2559.

Conclusion

Windows Defender full scan missed threats that Malwarebytes and Superantispyware identified.

Malwarebytes missed threats that Superantispyware identified, and labelled as a critical threat.

Between Windows Defender, Malwarebytes and Superantispyware, you can probably get comprehensive protection.

Windows Defender has identified malware that Malwarebytes has missed in the past.

 

 


1.    http://www.virustotal.com detected threats in the following file, which Malwarebytes did;

PUP.Optional.Reimage, C:\USERS\MURAD\APPDATA\LOCAL\TEMP\REIMAGEPACKAGE.EXE, No Action By User, [1040], [331559],1.0.2559

http://www.virustotal.com did not detect any threats in these files

PUP.Optional.Reimage, C:\USERS\MURAD\APPDATA\LOCAL\TEMP\REIMAGE.LOG, No Action By User, [1040], [334717],1.0.2559

PUP.Optional.Reimage, C:\WINDOWS\TEMP\REIMAGE.LOG, No Action By User, [1040], [334717],1.0.2559

PUP.Optional.Reimage, C:\WINDOWS\REIMAGE.INI, No Action By User, [1040], [412667],1.0.2559

 

 

 

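A first-pass triage of the Malwarebytes detection lines quoted in the two posts above, as an added example that is not part of the thread and not Malwarebytes' own tooling: it parses each line, reads the class from the detection-name prefix, and separates executable files from registry and data-file traces. The bucket names, the extension list and the field names `n1`/`n2` are assumptions of this example; the thread does not say what the two bracketed numbers mean.

```python
import re
from pathlib import PureWindowsPath

# Detection lines copied from the posts above (Malwarebytes scan export).
SAMPLE = r"""
PUP.Optional.Reimage, HKU\S-1-5-21-4079396374-1713880073-3064916896-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, No Action By User, [1040], [327205],1.0.2559
PUP.Optional.Reimage, C:\USERS\MURAD\APPDATA\LOCAL\TEMP\REIMAGEPACKAGE.EXE, No Action By User, [1040], [331559],1.0.2559
PUP.Optional.Reimage, C:\USERS\MURAD\APPDATA\LOCAL\TEMP\REIMAGE.LOG, No Action By User, [1040], [334717],1.0.2559
PUP.Optional.Reimage, C:\WINDOWS\TEMP\REIMAGE.LOG, No Action By User, [1040], [334717],1.0.2559
PUP.Optional.Reimage, C:\WINDOWS\REIMAGE.INI, No Action By User, [1040], [412667],1.0.2559
"""

# Fields: name, object, action, two bracketed numbers (kept opaque), version.
LINE_RE = re.compile(
    r"^(?P<name>[^,]+),\s*(?P<obj>.+?),\s*(?P<action>[^,\[]+),\s*"
    r"\[(?P<n1>\d+)\],\s*\[(?P<n2>\d+)\],\s*(?P<ver>\d+(?:\.\d+)*)\.?$"
)

# Assumptions of this example: the prefix buckets and the extension list.
CLASS_BY_PREFIX = {"PUP": "potentially unwanted program",
                   "PUM": "potentially unwanted modification"}
EXECUTABLE_EXT = {".exe", ".dll", ".sys", ".scr", ".msi"}
REGISTRY_ROOTS = ("HKU\\", "HKLM\\", "HKCU\\", "HKCR\\")

def object_kind(obj):
    """Return 'registry', 'executable' or 'data-file' for a detected object."""
    if obj.upper().startswith(REGISTRY_ROOTS):
        return "registry"
    ext = PureWindowsPath(obj).suffix.lower()
    return "executable" if ext in EXECUTABLE_EXT else "data-file"

def triage(text):
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blanks and anything that is not a detection line
        row = m.groupdict()
        row["class"] = CLASS_BY_PREFIX.get(row["name"].split(".")[0], "unclassified")
        row["kind"] = object_kind(row["obj"])
        rows.append(row)
    return rows

def submit_first(rows):
    """Executables are the objects to hash and check on a multi-engine scanner first."""
    return [r["obj"] for r in rows if r["kind"] == "executable"]

if __name__ == "__main__":
    for r in triage(SAMPLE): print(r["kind"], r["class"], r["obj"], sep=" | ")
```

On these five lines the only executable object is `REIMAGEPACKAGE.EXE`; the rest are registry, log and ini traces of the same detection family.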

On 6/8/2017 at 2:44 AM, msmithani said:

I think that your bias to Malwarebytes is overshadowing your rationality;

Windows Defender picked up Malware that Malwarebytes did not.

 

That is true. That is why I run both. That statement can go both ways.

Edited by Porthos