Is Malwarebytes sufficient, or do I need another AV program too?

[jharris1993]

Greetings!

I am the proud owner of one of your "paid" premium subscriptions.

Looking at the blurbs about your software, it would lead me to believe that it does everything INCLUDING washing the dishes and changing the baby's diaper!  Of course, I understand that the marketing types that write this stuff tend to wax eloquent about their products capabilities.

All marketing hype aside, to what extent, if at all, is Malwarebytes a "complete" AV/Threat solution?  Is it absolutely, really, really, really and truly all I need, or is it more of a "supplement" providing an additional layer of security to a system that should already have an AV program installed.

I am not going to think the worse of you folks regardless of what the answer is, however I feel it is important to know exactly what Malwarebytes does, and does not, do.  This way I can insure that all the computers in my household are truly and adequately protected.

Thanks in advance for all your help!

Jim "JR"

 

[Porthos]

This is a post from a section I don't think you can access. Credit to @exile360

"Just to add, specifically with regards to the file types mentioned that we don't detect via our anti-malware engine (scripts, document files, media files etc.), these types of files and the kinds of threats they are used for (namely exploits) are covered by our anti-exploit component.  This is why we don't bother adding signatures to our anti-malware engine for such files nor expanding its capabilities to detect them because they are always used as a launching point for exploits whenever an attack is seen in the wild that involves such files (i.e. malicious ad/website downloads/executes malicious script - that's an exploit and we nail it; maliciously crafted document shows up attached to a spam email in your inbox and you open it with your office software and it attempts to execute a malicious script/malicious code - that's an exploit and we nail it; maliciously crafted MP3 or video file is downloaded from the web and you go to play it with your media player at which point it tries to execute malicious code - that's an exploit and we nail it).  With regards to patching files, while it is true that we do not disinfect infected legitimate files, we are capable of detecting them when they are infected and stopping them from infecting others on the system.  With regards to Trojanized legit processes and patched files, our anti-rootkit engine is capable of detecting these and replacing them with clean copies and malicious process/thread injection is covered by our anti-exploit tech.  Regarding phishing, while we do not currently have an email filter built into Malwarebytes, we do block known phishing sites and servers via our malicious website blocking component.

Now, with all of that said, we have not and do not plan to attempt to dissuade our customers from using a traditional AV alongside Malwarebytes if they wish to.  We have always and will continue to develop Malwarebytes to be compatible with other security applications in real-time so if you wish to use an AV with Malwarebytes 3 you are more than welcome to.  In fact, we deliberately refrain from disabling/removing Windows Defender/Microsoft Security Essentials or any other AV if we detect it installed/active during our installation.

So to sum up, we aren't trying to "be" antivirus, but we do believe based on real-world data that the layers of protection that we provide are sufficient on their own to keep a system safe from malware and PUPs but if you wish to have a second opinion such as an AV installed alongside Malwarebytes then that's fine too  ."

[jharris1993]

Thanks! 

BTW, here's the post that tells the whole story:

 

Years ago I was a distributor for Avira's anti-virus products and they relied heavily on the test results from AV Comparatives. These people do just what the article describes - a sample of already-known, (make that read "stale"), virus threats - is scanned to see what detects what. Though potentially useful, it doesn't tell the whole story.

1. No matter how often you update a signature file, zero-day exploits can still hammer you into the ground.

2. AV Comparatives' test methodology involved setting the AV product's settings to their most paranoid - *NOT* the usual "as installed by default" settings, (which are usually much more relaxed), to prevent the user's machine from slowing to a crawl.

So, (IMHO), this does not represent a valid real-world test.

3. I can understand the desire for a tool that can detect *existing* infections, *prior* to the file being run. (i.e. a downloaded image file or archive, etc.)

3. I am concerned about any program that requires something to happen first. In your case you say two things:

(a) Malware writers are a very clever bunch of people who are at the cutting edge.

(b) Your software requires something suspicious to happen first.

The conjunction of these two things implies that malware writers can, and should, detect and defeat this kind of detection.

So, I guess the real conclusion is that if a malware writer *REALLY* wants your @$$, there's not much you can do.

All you can do is load for bear and hope for the best.

Jim "JR"

 

[Maurice Naggar]

Hi,

I am going to make a few brief remarks.

Malwarebytes 3 Premium has multiple real-time protections.

Anti-malware, anti-exploit, anti-ransomware + protection against known malicious websites.

One other mention:  If your OS is Windows 10, that has Windows Defender, an excellent , powerful antivirus.  Its built-in & free.

Av testing / comparative companies use flat file testing, which does not reflect the way things happen in the modern , real world.

[jharris1993]

Didn't I just say that? 

(wink! wink!)

Seriously, what I tried to say is that if script-kiddies can crack the CIA, NSA, army, navy, Google, Amazon, and other sites that should really know what they're doing, the best we can hope for is to armor-up the best we can, try to stay below the radar and pray.

I like the concept of behavior-based protection as opposed to using lists that are obsolete even before they're released.

My only concern is if the protection program waits for something "suspicious" to happen, isn't it already too late?

(Example: There's a guy in your bedroom holding a knife to your throat while his accomplice has his way with your wife - isn't it a bit late to say "Ooh! Something suspicious is happening!")

[Maurice Naggar]

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Safer practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Free games & free programs are like "candy". We do not accept them from "strangers".

Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.


Check in at http://windowsupdate.microsoft.com 
Windows Update and install any Important Updates offered.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

Finally, BACKUP is your best friend.