Jump to content

Is Malwarebytes enough? Or do I need AV as well


Anthony H
 Share

Recommended Posts

Just wondered - we're Avast resellers and love the general all-round protection it gives us. But we use Malwarebytes free as it does seem to detect some of the stuff that Avast doesn't. My question is: If we buy the paid-for version of Malwarebytes, does that offer us all the protection of an antivirus too? Do we need both? or should we dispense with all AV programs and just use malwarebytes?

I can't seem to find anywhere on your site where it describes how malwarebytes is "positioned" as it were.

Thanks

Anthony

Link to post
Share on other sites

Hi, B)

MalwareBytes is defined as an anti-malware program : it detects and removes malwares, that it to say malicious programs and files that some antivirus don't detect or can't fully remove.

You can (and should) have an antimalware program as well as a resident antivirus protection. Both are complementary, even if some malwares are detected by antivirus, and some virus can be detecteed by antimalware programs. Both database types are different and don't look for the same things, there are common detections, but the common part is not really substantial.

Where an antivirus stops detecting things, an antimalware program will take over. You need an antivirus, and an antimalware, to have a second line of defense.

Link to post
Share on other sites

Hi, B)

MalwareBytes is defined as an anti-malware program : it detects and removes malwares, that it to say malicious programs and files that some antivirus don't detect or can't fully remove.

You can (and should) have an antimalware program as well as a resident antivirus protection. Both are complementary, even if some malwares are detected by antivirus, and some virus can be detecteed by antimalware programs. Both database types are different and don't look for the same things, there are common detections, but the common part is not really substantial.

Where an antivirus stops detecting things, an antimalware program will take over. You need an antivirus, and an antimalware, to have a second line of defense.

Thanks that clears things up for me! The thing is that for most of our customers, they couldn't care less whether it's a virus, worm, trojan or malware. If it's bad and affecting their computer in any way, they want it removed. In practice, I find that malwarebytes' removal process is first class though. We've applied to be resellers of malwarebytes and will be testing installations with Avast AND malwarebytes and hopefully selling these are a hard-to-beat combination....

Link to post
Share on other sites

As a long time user of MalwareBytes I like to think about Layered Protection.

No anti virus application protects 100% and MalwareBytes adds quite a bit more protection.

I like WinPatrol as a Security Monitor as it checks a few more things:

http://www.winpatrol.com/features.html

I like using a HOSTS file from MVPS:

Blocking Unwanted Parasites with a Hosts File

http://www.mvps.org/winhelp2002/hosts.htm

Link to post
Share on other sites

+ an USB security soft to block any threats via USB drive.

My choice is USB Disk Security.

Yesh, i use that on my PC's as well. I dig the idea that it creates AUTORUN.INF folders in all your disk drives,

and removable drives, that cant be deleted even if you do a Shift+Del.

Also, DefenseWall 2.56 has default settings to run ALL usb drives as 'untrusted', so thats awesome.

Link to post
Share on other sites

+ an USB security soft to block any threats via USB drive.

My choice is USB Disk Security.

At $55.00 it is too expensive for me as I am retired and on a pension so I have to be frugal with my money as food and rent come first.

DefenseWall will cost me $34.44CAD.

So I find free alternatives that work for me like Autorun Eater from Old McDonald's Farm and Outpost Firewall Free:

http://oldmcdonald.wordpress.com

http://free.agnitum.com

Link to post
Share on other sites

Actually in our home the desktop is shared by 4. (I am one of the three).

Each one of us have multiple pendrives & ext. hdds.

& we get infected often through these.

Then we decided between infections & $55 (lifetime).

Finally $55 won & it's doing a good job.

I don't use my laptop for browsing, because I don't like technicians handling it if it gets infected. Moreover using datacard/usb modem here is costly, as the pulserate is per minute basis.

Thanks for your links.

Link to post
Share on other sites

So I find free alternatives that work for me like Autorun Eater from Old McDonald's Farm and Outpost Firewall Free:

http://oldmcdonald.wordpress.com

http://free.agnitum.com

I actually also have disabled autorun on all my drives. Very effective in preventing malware from automatically running from infected USB drives.

Source:

http://www.publicsafety.gc.ca/prg/em/ccirc...08-004-eng.aspx

To block all autorun.inf files from executing, which can be applied as a global policy by changing the registry keys, perform the following step:

1. Start Notepad.

2. Copy the following text below and paste it into Notepad. Everything between the square brackets should be on one line.

3.

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]

@="@SYS:DoesNotExist"

4. Save the file with the name NoAutoRun.reg. Make sure to include the .reg extension.

5. Right click on your .reg file and choose "Merge". Confirm any warning prompts to add the information to the registry. Alternately, you can use the following command "REG IMPORT NoAutoRun.reg".

6. Restart computer.

Changing this registry key will prevent any part of the autorun.inf file to execute, even if the computer has seen the device before the registry change and has it cached in the MountPoint2 key. It also disables the autorun features without causing other negative side effects

Link to post
Share on other sites

Also very effective and free utility that i recommend is Panda USB Vaccine

Its available for free download, link below.

Source:

http://www.pandasecurity.com/homeusers/downloads/usbvaccine/

Panda USB Vaccine is a free solution designed to protect against this threat. It offers a double layer of preventive protection, allowing users to disable the AutoRun feature on computers as well as on USB drives and other devices:

Vaccine for computers: This is a

Link to post
Share on other sites

Yes it's cat & mouse game.

There's more than one way to skin a cat (idiom) and

Build a better mousetrap and the world will beat a path to your door.

Ralph Waldo Emerson

Group Policy Editor is not available in XP Home if I remember correctly.

Link to post
Share on other sites

B) Love this utility, noob here so saying hi too <waves>

If we buy this and use the resident options of mbam (I have been using it for a while to help a lot of people solve their problems and recommending it too), AND we are using Microsoft Security Essentials (which is anti-virus and the old defender (anti-spyware) combined (I think)) - Are there any resident conflicts with MSE?

Personally, I have been chewing this over for a while, I want to support the programmers (by paying for it obviously), but I also believe not having it resident is an advantage... while not active I consider it less likely to be detected by malware trying to get on my systems and therefore more effective when I launch it for a periodic surprise scan.

Google are recommending mbam too if you didn't know - http://www.google.com/support/websearch/bi...amp;answer=8091

Link to post
Share on other sites

If we buy this and use the resident options of mbam (I have been using it for a while to help a lot of people solve their problems and recommending it too), AND we are using Microsoft Security Essentials (which is anti-virus and the old defender (anti-spyware) combined (I think)) - Are there any resident conflicts with MSE?

There are no issues with both on Vista x64. I was one of the beta testers for MSE, and it worked very well together with MBAM. I was also quite impressed with the first version of the beta, but I need to do some more testing on the current version of MSE just to make sure that it's still as awesome as it was.

Link to post
Share on other sites

I think Anthony H (who started this topic) is busy with some other work.

YoKenny1:Thanks.

Sorry yes, I've been away at work all day!

I carry a "utilities" USB stick when visiting customers and I once did get caught - my stick got infected and I ended up infecting every PC in my house mainly because I was so big-headed I couldn't believe I had a virus!

Anyway what I do now is to carry a stick with a write protect switch, and a stick which is basically an SD card in a small-ish USB adapter. SD cards have write protect switches.

Also, my main PC and laptop I use for work, are both Ubuntu-based, so I'm unlikely to get infected with a USB stick at any rate!

Thanks for all the support on this thread, I really appreciate the feedback and will be giving some of these things a try.

Anthony

Link to post
Share on other sites

There are no issues with both on Vista x64. I was one of the beta testers for MSE, and it worked very well together with MBAM. I was also quite impressed with the first version of the beta, but I need to do some more testing on the current version of MSE just to make sure that it's still as awesome as it was.

Cool, now I know I can recommend the full version without fear of conflict with windows defender (which I think used to be webroot antispyware by sunbelt software until MS bought it - initially they made a bit of a botch job after taking it over but since it has become quite stable - and now integrated into MSE).

I think I will be buying now aswell, but just to support, prefer having it as surprise heavy forces to remove any sneak-throughs and the .exe re-named to counter its launch being prevented. Malware programmers I think have fast realised mbam is a major threat to their attempts.

Link to post
Share on other sites

.....(which I think used to be webroot antispyware by sunbelt software until MS bought it - initially they made a bit of a botch job after taking it over but since it has become quite stable - and now integrated into MSE)

Sorry it was Giant antispyware... http://www.terryscomputertips.com/computer...rspy-review.php

"Before using CounterSpy, I was using Microsoft Antispyware, which is also descended from Giant Anti-Spyware. Sunbelt Software licensed the technology from Giant before Microsoft purchased Giant."

Link to post
Share on other sites

... Malware programmers I think have fast realised mbam is a major threat to their attempts.

Yes they have, and in most cases that I come across renaming the EXE doesn't even help. Especially the one that hijacks the way EXE files launch, and prevents any security software from working. That one is easy to fix though. ;)

Link to post
Share on other sites

Yes they have, and in most cases that I come across renaming the EXE doesn't even help. Especially the one that hijacks the way EXE files launch, and prevents any security software from working. That one is easy to fix though. ;)

I have had great success renameing the file from *.exe to *.com and that seems to help in a lot of cases.

Link to post
Share on other sites

I have had great success renameing the file from *.exe to *.com and that seems to help in a lot of cases.

Yea, that bypasses the exefile hijack. So does a BartPE CD. Which one I choose depends on what I'm doing (BartPE CD's don't work too well on the helpdesk).

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.