Can I replace my antivirus with Malwarebytes for personal use?

[Gaurav27]

I am using Avast Free Antivirus latest version, also Malwarebytes latest version running in my Windows 10 Creative Update 64 Bit. I am using my PC for personal use.

Some description of Malwarebytes says that it can replace Antivirus with Malwarebytes, I used this and I impressed because it can remove hidden virus and other Malware that antivirus does not easily detect, I also used trial of Premium features, Premium features are excellent, now automatically activaed in free version. I planned uninstall my antivirus product, but some questions that makes doubt, not only for me, but also many users which is running Windows 7, 8.1 and 10:

1. Real Time Protection only works in Premium, not in free, so can free version also block virus and malware if accidentaly run? If yes, then why cannot notify that particular file has been removed from your computer? I asked this because Malwarebytes only notify after complete "threat" or "custom scan".

2. What will heppen if external disk attached in my computer(which is already infected by autorun virus like AUTORUN.INF) and only Malwarebytes free version run(no other antivirus running)? Because built in Windows Defender only notify, but cannot automatically block.

3. Is Malwarebytes planned to build thier personal Firewall? Windows FIrewall is good, but not better as compare to 3rd party free firewall softwares like Comodo or ZoneAlarm.

4. Why Malwarebytes not building PC performance booster and junk files cleaner apps?

 

I asked all questions which is running Malwarebytes Free for personal use only.

[exile360]

Greetings,

The Premium version of Malwarebytes is an antivirus replacement, meaning that if you have the paid version with real-time protection then you don't have to run an antivirus, however this is not true of the free version so if you're only using the free version of Malwarebytes then you do still need an antivirus.

Malwarebytes purchased Windows Firewall Control formerly by Binisoft.  It is now available for free here and may be used with Malwarebytes Premium or with any other antivirus if you like.

Malwarebytes does not create performance boosters or junk cleaners for a couple of reasons.  First, many of these types of applications are basically nothing but snake oil and don't actually impact system performance, especially in any positive way (i.e. they don't make systems run faster, and sometimes do more harm than good).  As for junk file cleaners, there are plenty of free tools that serve this purpose already such as TFC and CCleaner so Malwarebytes focuses on killing malware rather than applications that aren't related to security.

Malwarebytes often detects many PC performance booster applications as PUP (Potentially Unwanted Programs).  You can find out more about why at the following links:

https://www.malwarebytes.com/pup/ 
https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/
https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/
https://blog.malwarebytes.com/threats/registry-cleaner/
https://blog.malwarebytes.com/puppum/2016/12/why-malwarebytes-detects-pc-pitstop-as-potentially-unwanted/
https://blog.malwarebytes.com/malwarebytes-news/2017/11/winning-the-battle-against-pups-on-your-computer-and-in-u-s-district-court/
https://blog.malwarebytes.com/puppum/2016/07/pup-friday-cleaning-up-with-5-star-awards/
https://blog.malwarebytes.com/puppum/2016/08/systweak-redux-our-response/

The following links should also prove informative as to why many of these types of items are classified as PUP by Malwarebytes:

https://decentsecurity.com/#/registry-cleaners/ 
https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities
https://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/
https://www.howtogeek.com/162683/pc-cleaning-apps-are-a-scam-heres-why-and-how-to-speed-up-your-pc/
https://lifehacker.com/5482701/whats-the-registry-should-i-clean-it-and-whats-the-point
https://lifehacker.com/5033518/debunking-common-windows-performance-tweaking-myths
https://www.howtogeek.com/198758/never-download-a-driver-updating-utility-theyre-worse-than-useless/
https://www.howtogeek.com/233115/the-only-way-to-safely-update-your-hardware-drivers-on-windows/
http://www.tomshardware.com/answers/id-1857635/good-free-automatic-driver-updater.html
http://www.tomshardware.com/answers/id-1974868/trusted-driver-updater.html
https://www.howtogeek.com/172839/10-types-of-system-tools-and-optimization-programs-you-dont-need-on-windows/
https://computer.howstuffworks.com/question1751.htm
https://lifehacker.com/5415355/do-you-really-need-more-than-4gb-of-ram
https://www.tomshardware.com/reviews/memory-module-upgrade,2264.html
https://www.howtogeek.com/128130/htg-explains-why-its-good-that-your-computers-ram-is-full/
https://techlogon.com/2011/03/28/will-more-ram-memory-make-my-computer-faster/

Edited November 5, 2018 by exile360

[lock]

7 hours ago, Gaurav27 said:

so can free version also block virus and malware if accidentally run?

If you are asking this question, my advice: stay with Avast! free

[lock]

"Can I replace my antivirus with Malwarebytes for personal use?"

Mr. David H. Lipman provided a comprehensive answer to this question here:

In a nutshell , the answer is NO, MALWAREBYTES CANNOT REPLACE AN ANTIVIRUS

• MBAM is incapable of dealing with File Infecting Viruses
• MBAM is incapable or removing malicious code that has been prepended, appended or cavity injected into a legitimate file
• MBAM does not target script malware files via signatures
• MBAM is not a historical anti malware solution.

So exile360, what is so difficult to understand????

[exile360]

The information posted by David H Lipman, while technically accurate, does not actually apply to modern threats and only indicates the capabilities and limitations within the Malware Protection/scan engine components of Malwarebytes and came from conversations years ago between David H Lipman and Bruce Harrison, one of the lead Researchers at Malwarebytes long before most of the current primary protection layers in Malwarebytes existed/had been integrated (back in the Malwarebytes Anti-Malware 1.x days).

Since that time, many components have been added to Malwarebytes to account for current threats not covered by the Malware Protection component, in particular Exploit Protection which is a far more effective, signature-less and behavior based means of detecting malicious scripting behaviors and threats (since signature based detection of such attacks is not only inefficient, but completely trivial to circumvent; so much so that anyone, even I, who am not a programmer nor a malware author, could easily rewrite a script or encrypt it to bypass such detection methods; this is one of the reasons Malwarebytes chose to seek out a more effective means of stopping such attacks and integrated the Exploit Protection component to begin with).  This also makes Malwarebytes far more effective against file-less malware attacks which would not be detected by signature based anti-scripting solutions.

As for file infectors, they have not existed in the wild for several years now and are extremely unlikely to make a return as they are not profitable and are limited in scope to attacking Windows systems only, unlike many other more generic threat types such as exploits which have the ability to infect virtually any platform (including mobile devices/operating systems as well as Macs and even Linux as long as the targeted application/browser/plugin/extension is present on the system).

With regards to hijacking and injecting malware (i.e. Trojans etc.), those too are covered by the signature-less behavior based protection in the Exploit Protection layer, and again, is far more effective because of it.

I would also argue that Malwarebytes not being a "historical anti malware solution" is actually to its benefit, not a detriment because it doesn't waste resources and potentially reduce system performance by targeting threats that no longer exist and are likely to never re-emerge (in fact, to this day I've never known of a single threat that ever made a direct comeback in any form that would be detected by the historical databases used in any antivirus after it had originally disappeared from the wild, though I invite you to cite some examples if you know of any).

Still, if you are not confident in Malwarebytes as the only protection for your system then you are welcome to run an antivirus alongside it (or pretty much any other security solution(s)) as Malwarebytes is designed to coexist with other protection software in real-time should the user desire to run it that way.

You can also refer to the information in this FAQ entry (which incidentally, I happened to link to in the very thread/topic you referred to above in a response of my own to that very thread back then) as well as the information here to understand how Malwarebytes works as a layered defense solution to stop attacks during multiple phases of the kill chain rather than relying strictly on the limited, more reactive/less proactive (and therefore less effective) traditional signature based means of detection.  Frankly, malware adapts and changes far too rapidly these days for a signature based approach to remain effective at preventing infection, and this is why others throughout the security industry, including the vast majority of AVs, have adopted methods that more closely resemble those used by Malwarebytes rather than Malwarebytes needing to adopt their more traditional signature based methods of detection.  This is why you will now see signature-less, cloud, behavior, anti-exploit and similar protection layers included in many modern AVs as well as web filters/block lists, similar to the technology Malwarebytes has had for years.  Today's threat landscape is made up primarily of exploits, file-less malware, PUPs (Potentially Unwanted Programs; a category where Malwarebytes has always been a leader by the way), scams (tech support scams, phishing and the like) and the occasional password stealer as well as a small handful of rootkits, all of which are targeted by one or more of the layers in Malwarebytes.  There isn't a category of existing threat known that Malwarebytes is incapable of targeting with at least one if not multiple layers of the protection it provides, however if you know of any examples of any live in-the-wild threat categories/types that are not covered, you are certainly welcome to list them (and no, there aren't any file infectors in-the-wild today, though technically speaking, Malwarebytes is just as capable of detecting these as the AVs are, and the AV industry stopped trying to disinfect such threats with their primary engines long ago; this is why even top vendors like Kaspersky and Symantec among many others had to design specific separate removal tools for the most recent file infectors Sality and Virut because their primary AV engines were not capable of disinfecting files which had their code modified by these threats, and even then, disinfection was unreliable, particularly for Virut since it had a known bug where it would actually corrupt/overwrite some of the infected files' code, rendering proper functionality of the files after disinfection impossible so those files had to be replaced by clean backups or by reinstalling Windows and/or the infected program anyway).