What does Malwarebytes detect and not detect?


Hi,

I am a new user of Malwarebytes. I just have some questions:

(1) By Anti-Malware, does this mean that MalwareBytes can detect everything except viruses?

(2) I download a lot of PDFs from the Web. As you know, PDF exploits are becoming an increasingly popular attack vector.

Does MalwareBytes detect threats inside PDF files?

(3) Also, I read from a review that Malwarebytes is weak in rootkit detection and keyloggers. Is that everyone else's experience?

(4) If anyone might be able to list the honest strengths and weaknesses of the MalwareBytes product (in terms of what categories of threats it detects and doesn't detect), I can target my use of MalwareBytes for its strengths, and use other security software to provide coverage for the other areas.

Please post detailed answers if possible.

Thanks & Regards,

Bill

Link to post
Share on other sites

(1) By Anti-Malware, does this mean that MalwareBytes can detect everything except viruses?

Yes and no. Malware is a general term for all malicious software, so that does include viruses. What we like to focus on are the things that anti-virus software has the most trouble with, and thus if anti-virus software is already good at detecting something then it probably won't wind its way into our database.

(2) I download a lot of PDFs from the Web. As you know, PDF exploits are becoming an increasingly popular attack vector.

Does MalwareBytes detect threats inside PDF files?

If the PDFs contain malicious code that we have either seen before, or have written heuristics for, then we will detect it. I am not certain as to the frequency that malicious PDFs are reported, but such things often contain code from trojan infectors that we already detect.

(3) Also, I read from a review that Malwarebytes is weak in rootkit detection and keyloggers. Is that everyone else's experience?

We are no more weak than anyone else. It really just depends on where the reviewers get their samples from to test with. Each reviewer is going to have a different set of samples to test with, and thus will see different test results. Our software has been pretty good against the TDSS rootkit in general, and I would believe most others as well. Typically the rootkits that kill our software also kill the software from pretty much everyone else.

As far as keyloggers, I am not aware of any shortcomings in detecting them. I pretty much never see issues where they were not removed.

(4) If anyone might be able to list the honest strengths and weaknesses of the MalwareBytes product (in terms of what categories of threats it detects and doesn't detect), I can target my use of MalwareBytes for its strengths, and use other security software to provide coverage for the other areas.

Our strength is against malicious software that others have trouble with. We don't expect to be able to remove everything that your anti-virus can, but we strive to kill the nastiest stuff out there. If it gets past your anti-virus, then that is where we come in.

Our weakness is about the same as everyone else's. There are certain modern rootkits that can block our software, but they block everyone else's software as well. The developers and researchers are working on ways of preventing this, but I cannot mention any of those ways here.

Link to post
Share on other sites

If the PDFs contain malicious code that we have either seen before, or have written heuristics for, then we will detect it.

I will clarify this a little. We do not focus so much on vulnerabilities in third-party software, such as Adobe Acrobat, like the PDF exploits you mentioned. That is something that antivirus vendors are usually quite good at. However, we certainly do detect the payloads and remote code execution that such exploits lead to. Antivirus often misses at this stage.

As for keyloggers and rootkits, in my opinion we are among the best against these threats. We have detected and removed a number of in-the-wild rootkits that other vendors simply have not. For weeks we were the only major vendor detecting this threat, and for even longer we were the only vendor who could remove the TDSS rootkit.

We carve out our niche by looking at what antivirus detects and removes successfully, and then explicitly going after the rest. We try to make it as easy as possible for you to couple us with an antivirus for a full security solution.

Link to post
Share on other sites

Excellent info from GT500 and Swandog46. I am going to tell all my customers to look at this thread.

I recently used Malwarebytes to remove 159 rogue files from a customer's computer that a fully updated ESET Smart Security 4 did not even know were there. And one of the infections was a glaringly obvious rogue antimalware application that was flashing popups in your face about every 30 seconds. OK, I had to kill the active process first to get Malwarebytes to run. But, after that, Malwarebytes did an excellent job of removing all the rogue files. Also, more to the point, if Malwarebytes resident protection had been running on that computer, that rogue antimalware application would never have been able to infect that computer in the first place.

A good antivirus + a good firewall + Malwarebytes resident protection on your computer is an excellent safeguard against today's nasty malware.

I am definitely going to enquire about getting a Malwarebytes Technician's License for myself. And I am also going to enquire about how to become a Malwarebytes reseller.

Link to post
Share on other sites

Thank you to all who replied.

This one set of posts really helped educate me (and probably many other readers) about Malwarebytes.

I'm trying to decide between purchasing Malwarebytes or Super Anti-Spyware. Super Anti-Spyware offers a lifetime license where you pay only once in the beginning, and then you get lifetime signature and application updates for the life of the product. For Malwarebytes, I didn't see a license time limit (like 1 year), but it's not really clear whether a paid license to Malwarebytes will expire, or if it might entitle you to lifetime updates of signatures, or lifetime updates of both signatures and application releases. Please clarify this for me.

Thanks & Regards,

Bill

Link to post
Share on other sites

Thank you to all who replied.

This one set of posts really helped educate me (and probably many other readers) about Malwarebytes.

I'm trying to decide between purchasing Malwarebytes or Super Anti-Spyware. Super Anti-Spyware offers a lifetime license where you pay only once in the beginning, and then you get lifetime signature and application updates for the life of the product. For Malwarebytes, I didn't see a license time limit (like 1 year), but it's not really clear whether a paid license to Malwarebytes will expire, or if it might entitle you to lifetime updates of signatures, or lifetime updates of both signatures and application releases. Please clarify this for me.

Also, I have 4 computers at home (for my wife and kids), would 1 license be sufficient, or would I have to buy 4 licenses?

Thanks & Regards,

Bill

Link to post
Share on other sites

Hello Bill,

Yes, for the Home user Malwarebytes' Anti-Malware is also a lifetime licensed purchase. All future program updates and database updates are free for lifetime. Technician and Corporate require a yearly renewal fee.

Thank you. I have 4 computers at home (for myself, my wife, and kids). Would 1 license be sufficient, or would I need to buy 4 licenses?

Link to post
Share on other sites

Thank you.

I have a rather old computer at home. In the next month or two, I'm planning on buying a new computer.

If I bought Malwarebytes now, and installed it on the old computer, what would be the procedure to move the license to the new computer?

Or, is it better for me to wait until I buy the new computer before I buy Malwarebytes?

Thanks,

Bill

Link to post
Share on other sites

  • Root Admin

Very easy to transfer the license. Just keep a copy of your ID/KEY for each computer and you can run the following to remove it from the old computer.

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.

2. Restart your computer (very important).

3. Download and run this utility. mbam-clean.exe

4. It will ask to restart your computer (please allow it to).

Then just install MBAM on the new computer and Register it with the ID/KEY from the system you just removed it from.

Link to post
Share on other sites
