Jump to content
Diamond007

Is Malwarebytes a antivirus reeplacement for Norton or other apps?

Recommended Posts

Is it really safe to get rid of any other antivirus programs when using Malwarebytes?

If I stay with both do they play nice together?

Share this post


Link to post
Share on other sites

Hello @Diamond007

You should be able to user Malwarebytes as your AV replacement. Please check this link:

https://blog.malwarebytes.com/malwarebytes-news/2016/12/announcing-malwarebytes-3-0-a-next-generation-antivirus-replacement/

Malwarebytes also plays nice with most of the comparative AV vendors. You might just need to add exclusions to ensure full compatibility.

Thank you.

Share this post


Link to post
Share on other sites

Absolutely, Malwarebytes is the best and I've tested every AV program I could get my hands on.

Share this post


Link to post
Share on other sites

Interesting, could you please tell us what you've tested and how you tested them Cain? Not saying that MB3 isn't good but I've to see a test done by a professional  AV testing orginization that showed it was " the best". Thanks.

Share this post


Link to post
Share on other sites

Sorry, I will keep my other security programs no matter what anyone says.

Share this post


Link to post
Share on other sites

I won't try to sway you, but check out this map from the Malwarebytes website.  It shows how many threats Malwarebytes is catching that others aren't.  On top of the info it provides, its just plain fun to watch.

https://www.malwarebytes.com/remediationmap/

 

Share this post


Link to post
Share on other sites
15 hours ago, Diamond007 said:

Is it really safe to get rid of any other antivirus programs when using Malwarebytes?

If I stay with both do they play nice together?

No it's not safe a layered protected pc is always your best bet, Malwarebytes can't protect your pc from every threat out there running a good solid antivirus is always advisable, alongside your Norton Antivirus your PC will be pretty safe.

Share this post


Link to post
Share on other sites

The list does not include Emsisoft Anti-malware. Maybe I am on the good side of the ether!

Share this post


Link to post
Share on other sites
2 hours ago, KenW said:

The list does not include Emsisoft Anti-malware. Maybe I am on the good side of the ether!

EAM is very good but probably has something to do with the number of consumers using a certain product. Top 2 on map are Microsoft and Avast which coincidentally have the most users as well.

Share this post


Link to post
Share on other sites

I had to include them. Based in New Zealand not many people hear of them. I like the small guy since they have to put more effort into their product.

Share this post


Link to post
Share on other sites
15 hours ago, digmorcrusher said:

Interesting, could you please tell us what you've tested and how you tested them Cain? Not saying that MB3 isn't good but I've to see a test done by a professional  AV testing orginization that showed it was " the best". Thanks.

https://www.av-test.org/en/award/2014/best-repair-malwarebytes/

 

https://www.av-test.org/en/news/news-single-view/17-software-packages-in-a-repair-performance-test-after-malware-attacks/

Share this post


Link to post
Share on other sites
22 hours ago, Diamond007 said:

Is it really safe to get rid of any other antivirus programs when using Malwarebytes?

If I stay with both do they play nice together?

:welcome:

 But not to beat a dead horse, That has been officially addressed here. I personally leave Defender on in Win 10. The people with older OS's I have no recommendations because every computer see has Win 10 on it when it comes in or goes out with it installed. ;)

 

Edited by Porthos

Share this post


Link to post
Share on other sites
1 hour ago, gigiadi said:

Thanks but those tests are almost 4 years old and refer to repair rather than prevention. Also MBAM 1 was tested which some say was the best version ever, we are on version 3 now so tests are meaningless in reference to current version.

Share this post


Link to post
Share on other sites
3 hours ago, digmorcrusher said:

Thanks but those tests are almost 4 years old and refer to repair rather than prevention. Also MBAM 1 was tested which some say was the best version ever, we are on version 3 now so tests are meaningless in reference to current version.

I tested ,compared Malwarebytes ,just for me. I was interested in protection, ease of use,
control (like :  disable start whith windows ,exit/ right click from taskbar) ,
do not slow down the Internet ,not slow down the computer  ,capacity on desinfection malware ,
adware ,and other animals not so dangerous  , but not detected by many AV software.
I do not use computer just for run antivirus software ,I have experience . I have backups .
AND NOBODY NO PERFECT .

 

Share this post


Link to post
Share on other sites

Malwarebytes does not check for scripted malware, document files, media files and it is incapable of removing malicious code that has been prepended or injected into legitimate files like virus infected files.

 

It is good butt for me it is the best to use it with a full antivirus program

Share this post


Link to post
Share on other sites
1 hour ago, boombastik said:

Malwarebytes does not check for scripted malware, document files, media files and it is incapable of removing malicious code that has been prepended or injected into legitimate files like virus infected files.

 

It is good butt for me it is the best to use it with a full antivirus program

In more basic English,

Malwarebytes does not target script files. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

 

Now with that being said. Malwarebytes Premium with all the protections enabled will stop the above files from harming/ infecting your computer if you made the mistake of executing them.

 

Some of the above files are VERY common in E-Mail. Basically do not open attachments you are not 150% sure about. ;)Scanning the above types of files wil not trigger a detection, Only when executed and exploit and web protection and other technologies in Malwarebytes step in.

 

I still keep Windows Defender active. ;)

 

Share this post


Link to post
Share on other sites
3 minutes ago, Porthos said:

In more basic English,

Malwarebytes does not target script files. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

 

Now with that being said. Malwarebytes Premium with all the protections enabled will stop the above files from harming/ infecting your computer if you made the mistake of executing them.

 

Some of the above files are VERY common in E-Mail. Basically do not open attachments you are not 150% sure about. ;)Scanning the above types of files wil not trigger a detection, Only when executed and exploit and web protection and other technologies in Malwarebytes step in.

 

That is correct, however I also know for a fact that right from the start, certain scripts/script types are detected or even flat out blocked by default under certain conditions (typically if executed/called by a process known to be used in exploit/drive-by attacks such as a web browser/browser plugin or extension, office application or email client app).  No, Malwarebytes does not use signatures to target scripts.  And frankly, I'm glad that it does not because such protection which is unfortunately typical for many AVs these days is not only outdated, but also largely ineffective against real-world script based threats and attacks.  The reason I say this is because all a script file is when it comes down to it is a text file.  A text file can easily be rewritten, modified and/or obfuscated/encrypted using any number of common, very easy to implement (and even automate) methods.  This means that all the bad guys need to do in order to avoid having their scripts blocked by vendors who use signatures is make one or two simple modifications to their scripts to evade detection and bypass completely that layer of defense.  On the other hand, if a script is blocked from being launched by the application being used by the bad guys to deploy their attack, the only choice the bad guys are left with is moving on to a completely new attack vector (in other words, they have to stop using scripts and/or stop using web browsers/plugins/emails for their attacks).  I was once told by one of the Malwarebytes Developers that the Anti-Exploit layer in Malwarebytes is pretty much bullet-proof, meaning there is no known way to get past it using any exploit attack vector currently covered by it (and there are a LOT of them; you can see this if you look under Settings>Protection>Advanced Settings located under Exploit Protection in the Realtime Protection section).

So basically, unless the attack vector being used is completely new (i.e. not just another obfuscated/altered re-hash of a known exploit attack vector already covered by Malwarebytes), it shouldn't be able to bypass detection and prevention by the Anti-Exploit layers in Malwarebytes 3.  Not only that, but whenever a new attack vector emerges in the wild, the team goes to work analyzing it and determining if it can be generically/behaviorally secured and blocked by implementing a new exploit blocking rule or adding a previously unprotected app to the list of default protected applications and if it makes sense, they generally will proceed with implementing the new layer to further enhance protection from exploits.  That means that once the bad guys get wise to the new protection in Malwarebytes blocking their exploits, they can't just encrypt/obfuscate their scripts or make some rewrites to the script file's contents to get around Malwarebytes exploit defense layer.  They're forced to go back to square one and build a new attack vector from scratch that avoids using any currently shielded attack vector.  For signature based protection from scripts (the typical script protection offered by most AVs which is what you see for scripts detected by vendors on VirusTotal and similar sites, and what would cause Malwarebytes to detect such files via scans were it made to do so), altering and/or obfuscating the script would be sufficient to bypass them and infect more users.  In fact, it is for this reason that some threats/attacks won't even attempt to infect a system where Malwarebytes is detected as being installed, much as many will detect if the OS is running in a virtual machine (VM) and refuse to run/execute/infect the system if it is, because their targets are systems they are more likely to be successful in attacking and they don't want researchers to see their threats if they can avoid it.

Share this post


Link to post
Share on other sites

For me Windows Defender + MBAM 3.3 are working together very well. No issues at all!

The only 2 things I did to improve this happy marriage were:

- following the awesome help from @Porthos I added the exclusions in both applications.

- I changed the interval Windows Defender autoupdates itself from every around 22 hours to every 1 hour using the Shell Command: Set-MpPreference -SignatureUpdateInterval 1

Windows 10 64 Bit PRO (build 1709)

:)

Share this post


Link to post
Share on other sites
48 minutes ago, exile360 said:

That is correct, however I also know for a fact that right from the start, certain scripts/script types are detected or even flat out blocked by default under certain conditions (typically if executed/called by a process known to be used in exploit/drive-by attacks such as a web browser/browser plugin or extension, office application or email client app).  No, Malwarebytes does not use signatures to target scripts.  And frankly, I'm glad that it does not because such protection which is unfortunately typical for many AVs these days is not only outdated, but also largely ineffective against real-world script based threats and attacks.  The reason I say this is because all a script file is when it comes down to it is a text file.  A text file can easily be rewritten, modified and/or obfuscated/encrypted using any number of common, very easy to implement (and even automate) methods.  This means that all the bad guys need to do in order to avoid having their scripts blocked by vendors who use signatures is make one or two simple modifications to their scripts to evade detection and bypass completely that layer of defense.  On the other hand, if a script is blocked from being launched by the application being used by the bad guys to deploy their attack, the only choice the bad guys are left with is moving on to a completely new attack vector (in other words, they have to stop using scripts and/or stop using web browsers/plugins/emails for their attacks).  I was once told by one of the Malwarebytes Developers that the Anti-Exploit layer in Malwarebytes is pretty much bullet-proof, meaning there is no known way to get past it using any exploit attack vector currently covered by it (and there are a LOT of them; you can see this if you look under Settings>Protection>Advanced Settings located under Exploit Protection in the Realtime Protection section).

So basically, unless the attack vector being used is completely new (i.e. not just another obfuscated/altered re-hash of a known exploit attack vector already covered by Malwarebytes), it shouldn't be able to bypass detection and prevention by the Anti-Exploit layers in Malwarebytes 3.  Not only that, but whenever a new attack vector emerges in the wild, the team goes to work analyzing it and determining if it can be generically/behaviorally secured and blocked by implementing a new exploit blocking rule or adding a previously unprotected app to the list of default protected applications and if it makes sense, they generally will proceed with implementing the new layer to further enhance protection from exploits.  That means that once the bad guys get wise to the new protection in Malwarebytes blocking their exploits, they can't just encrypt/obfuscate their scripts or make some rewrites to the script file's contents to get around Malwarebytes exploit defense layer.  They're forced to go back to square one and build a new attack vector from scratch that avoids using any currently shielded attack vector.  For signature based protection from scripts (the typical script protection offered by most AVs which is what you see for scripts detected by vendors on VirusTotal and similar sites, and what would cause Malwarebytes to detect such files via scans were it made to do so), altering and/or obfuscating the script would be sufficient to bypass them and infect more users.  In fact, it is for this reason that some threats/attacks won't even attempt to infect a system where Malwarebytes is detected as being installed, much as many will detect if the OS is running in a virtual machine (VM) and refuse to run/execute/infect the system if it is, because their targets are systems they are more likely to be successful in attacking and they don't want researchers to see their threats if they can avoid it.

Excellent information to have ?

Share this post


Link to post
Share on other sites
2 hours ago, mountaintree16 said:

Excellent information to have ?

I told Samuel(exile360) that he should look for a writing job somewhere to earn money. He is really good at it.;)

Share this post


Link to post
Share on other sites
1 hour ago, Porthos said:

I told Samuel(exile360) that he should look for a writing job somewhere to earn money. He is really good at it.;)

He is dang good at it, I certainly agree!!!

Share this post


Link to post
Share on other sites

I agree as well.  I have not seen anything that Samuel chose to do that ended up poorly.  He cares about what he does, and the results show!

Share this post


Link to post
Share on other sites
9 minutes ago, gonzo said:

I agree as well.

Your technical manuals are just as good Micheal. :)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.