
Why Malwarebytes


Chakotay2


Hi,

I know that I need to run (or should anyway) Malwarebytes in addition to an anti-virus program (such as AVG, MS Security Essentials, etc).

Can anyone please explain why I have to run two? I love AVG & Malwarebytes together but it's tough for me to understand the exact differences between the two... seems they overlap a bit or are redundant in description, although I know in practice they seem to highly complement each other. (I am not suggesting I would ever run two anti-virus programs together, just this combo)

Allen


Guest garybear

Hi! 6 more posts and I get an edit button. Then I will be able to add to my other posts. I have Avira and Malwarebytes running together. That's a great pair and there are no conflicts at all. I know there are some programs that say they do it all, but this is the way I figure that. I want the best antivirus and the best malware. No matter which forum you go on, Malwarebytes is always used to scan your PC for problems you are having with your PC. It's the first thing they ask you to do: "scan your PC with Malwarebytes". My advice is buy Malwarebytes and run it with Avira or Avast and you have the best of both, and you probably won't ever need any help getting the nasties off your PC. Then get a good 3rd party firewall. I like Online Armor. If you really want to feel secure, make a backup image of your operating system (C Drive) at least once a month. I use Macrium Reflect; it's a free program. The only worry I have is my PC is 6 years old, and I never know when my motherboard will quit. I'll just get a whole new PC. Sorry I'm so windy, but this is very important stuff, and needs to be explained.

Garybear


Hi! Antivirus and antimalware are two very different things. AVG protects you from viruses. Malwarebytes protects you from adware. You need to have both types of protection.

http://answers.yahoo.com/question/index?qi...16021516AAQ77i6

Not exactly. Malwarebytes' protects against all kinds of malware. The difference is how much. Malwarebytes' is a complementary software that aims to protect against threats your antivirus misses. It will protect against adware, spyware, rootkits, viruses, worms etc., but at a limit.


Hi! 6 more posts and I get an edit button. Then I will be able to add to my other posts. I have Avira and Malwarebytes running together. That's a great pair and there are no conflicts at all. I know there are some programs that say they do it all, but this is the way I figure that. I want the best antivirus and the best malware. No matter which forum you go on, Malwarebytes is always used to scan your PC for problems you are having with your PC. It's the first thing they ask you to do: "scan your PC with Malwarebytes". My advice is buy Malwarebytes and run it with Avira or Avast and you have the best of both, and you probably won't ever need any help getting the nasties off your PC. Then get a good 3rd party firewall. I like Online Armor. If you really want to feel secure, make a backup image of your operating system (C Drive) at least once a month. I use Macrium Reflect; it's a free program. The only worry I have is my PC is 6 years old, and I never know when my motherboard will quit. I'll just get a whole new PC. Sorry I'm so windy, but this is very important stuff, and needs to be explained.

Garybear

Please note that posting just to get a post count is against the rules. Moderators will delete them and they won't count. :)


Guest garybear

Hi friend! I was only joking. Please cut the old man a little slack. No need to be so serious. Loosen up a little and enjoy life. If we can't have a little fun and be silly, what good is living? Besides I only lack a couple and I'm in no hurry. I'm doing just fine the way it is. I've seen a lot of silly and nonsense posts in my short time on the forum. If I did have an edit button, I would correct this post :) for spelling errors.

Please note that posting just to get a post count is against the rules. Moderators will delete them and they won't count. :)

And could someone please explain to me on how and why PDF files can be malicious? :)

Most current vulnerability: http://www.adobe.com/support/security/advi.../apsa10-02.html

Most often I believe it has to do with an exploitation of the JavaScript in Adobe Reader.

An example: http://blogs.adobe.com/psirt/2009/04/updat...ader_issue.html

Screen shot of where to find it and disable if you choose (as outlined in the link above):

post-13640-1284945111_thumb.jpg


Hi! 6 more posts and I get an edit button. Then I will be able to add to my other posts. I have Avira and Malwarebytes running together. That's a great pair and there are no conflicts at all. I know there are some programs that say they do it all, but this is the way I figure that. I want the best antivirus and the best malware. No matter which forum you go on, Malwarebytes is always used to scan your PC for problems you are having with your PC. It's the first thing they ask you to do: "scan your PC with Malwarebytes". My advice is buy Malwarebytes and run it with Avira or Avast and you have the best of both, and you probably won't ever need any help getting the nasties off your PC. Then get a good 3rd party firewall. I like Online Armor. If you really want to feel secure, make a backup image of your operating system (C Drive) at least once a month. I use Macrium Reflect; it's a free program. The only worry I have is my PC is 6 years old, and I never know when my motherboard will quit. I'll just get a whole new PC. Sorry I'm so windy, but this is very important stuff, and needs to be explained.

Garybear

Here is an important step you should take .... Use Firefox with the "noscripts" add-on (all free)


Here is an important step you should take .... Use Firefox with the "noscripts" add-on (all free)

Then you will have to keep upgrading Firefox and the "noscripts" add-ons as they seem to change daily fixing the problems they introduce.

Mozilla goes to great lengths to mitigate the symptoms of this problem by establishing all kinds of protective barriers that help users avoid unwanted and unsafe extensions, but little can be done to address the problem itself. Extensions still regularly break each other by accident and mess up the browser in all kinds of unintended ways. This is a well-known problem that has been explored elsewhere in detail. A more pernicious problem emerges when extensions break each other intentionally as a result of conflicting interests and ideologies.
http://arstechnica.com/open-source/news/2009/05/mozilla-ponders-policy-change-after-firefox-extension-battle.ars

Then you will have to keep upgrading Firefox and the "noscripts" add-ons as they seem to change daily fixing the problems they introduce

An up to date (completely patched) system is first line of defense. The way Security Products are kept updated, essentially the same rule applies to all installed software!


Guest garybear

Hi Haider! I'm still learning about this forum. Is General Chat the only place that you can be a little silly and crack a joke? I think I have observed humor in other places also. I don't think you have to be serious all the time, but I'll try my best to straighten up. Thanks for your post. PS I have my 50 posts and I never posted just for that reason.


Hello garybear:

With due apologies and no offense, mentioned link was just an example, what I wanted to convey was, we have to restrict ourselves to the topic, so the topic starter should be able to get a precise answer, moreover clutter could be avoided this way.

If necessary, one may always start his or her own topic :P


Guest garybear

Hello Haider! I understand exactly what you meant. No offense was taken my friend. I'm a little windy at times, and need to make my post more precise, and I do tend to get off topic, but I will try to do better.

Garybear


I do not know how or why, but I have an exploited one in my collection. Upon opening it will infect your system. :)

It operates by exploiting the scripting available in Adobe Reader/PDF files, the same can happen in MS Office documents and countless other file formats.

Currently this is something that Malwarebytes' Anti-Malware does not deal with, though we do often block the IP addresses of the websites that host such malicious files which will certainly prevent the infection, but detecting the malicious code within the documents and checking for malicious scripting is something that we leave up to antivirus vendors as it's something they've been doing for a long time. I suspect that adding such capabilities into MBAM would likely increase dramatically the probability of conflicts between MBAM and an installed AV which could result in either slower system performance, the inability to remove the file if it is detected by the AV and MBAM at the same time, or both.

I believe this is the same reason MBAM does not check emails coming to your inbox through programs like Outlook, Windows Mail and Thunderbird as generally AV's already do this themselves.
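A defender-side illustration of the point made in the posts above, that malicious PDFs usually ride on the reader's scripting support: this added example (not from the thread or from Malwarebytes) counts the PDF name tokens that mark script or auto-run actions, including hex-escaped spellings and names inside Flate-compressed streams. The name list and the sample bytes are constructed for illustration.

```python
import re
import zlib

# Names that let a PDF run script or act without a click. A hit is a reason
# to inspect the file, not proof of malice. (List chosen for this example.)
ACTIVE_NAMES = {"JavaScript", "JS", "OpenAction", "AA", "Launch", "EmbeddedFile"}
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\n?endstream", re.DOTALL)


def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes, so /J#61vaScript is read as JavaScript."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})",
                   lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")


def count_active_names(data: bytes) -> dict:
    """Count active-content names outside streams and inside stream bodies."""
    chunks = [STREAM_RE.sub(b"", data)]        # dictionaries outside streams
    for match in STREAM_RE.finditer(data):
        body = match.group(1)
        try:
            # decompressobj tolerates a trailing byte lost to the regex
            chunks.append(zlib.decompressobj().decompress(body))
        except zlib.error:
            chunks.append(body)                # not Flate: scan it as stored
    counts = {}
    for chunk in chunks:
        for match in NAME_RE.finditer(chunk):
            name = decode_name(match.group(1))
            if name in ACTIVE_NAMES:
                counts[name] = counts.get(name, 0) + 1
    return counts


# Constructed sample: no real script, only the structure a scanner keys on.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /S /J#61vaScript /JS 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
    + zlib.compress(b"<< /AA << /O 4 0 R >> >>")
    + b"\nendstream\nendobj\n"
)

if __name__ == "__main__":
    print(count_active_names(SAMPLE))
```

Names hidden by encryption or by filters other than Flate are not seen by this check, so an empty result does not clear a file.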


  • 2 weeks later...

Malwarebytes actually has 2 ways to block malware before it is known. New malware frequently comes from known malware networks so IP blocking can block it before the new malware has even been coded. Our definitions work much the same way and are designed to detect new malware before it officially becomes known to us.

If you have to have a label I guess predictive and heuristic definitions is a decent description. For obvious reasons we won't be getting very specific as to the "how".


Guest cavehomme
Malwarebytes actually has 2 ways to block malware before it is known. New malware frequently comes from known malware networks so IP blocking can block it before the new malware has even been coded. Our definitions work much the same way and are designed to detect new malware before it officially becomes known to us.

If you have to have a label I guess predictive and heuristic definitions is a decent description. For obvious reasons we won't be getting very specific as to the "how".

OK that's insightful, thanks. My biggest concern is potentially getting hit by Zeus, or a new variation of it. So much so that I decided to do my online banking using linux, at least until I understand more about how Zeus circumvents security. I also use Comodo with HIPS and proactive and sandbox enabled, Firefox with Noscript, and even Rapport (bank wants it to be used), and all atop Windows 7. Call me paranoid, but something still bothers me about this family of malware.


It operates by exploiting the scripting available in Adobe Reader/PDF files, the same can happen in MS Office documents and countless other file formats.

Currently this is something that Malwarebytes' Anti-Malware does not deal with, though we do often block the IP addresses of the websites that host such malicious files which will certainly prevent the infection, but detecting the malicious code within the documents and checking for malicious scripting is something that we leave up to antivirus vendors as it's something they've been doing for a long time. I suspect that adding such capabilities into MBAM would likely increase dramatically the probability of conflicts between MBAM and an installed AV which could result in either slower system performance, the inability to remove the file if it is detected by the AV and MBAM at the same time, or both.

I believe this is the same reason MBAM does not check emails coming to your inbox through programs like Outlook, Windows Mail and Thunderbird as generally AV's already do this themselves.

Thanks for the explanation exile. :(

@cavehomme

What antivirus do you use?


OK that's insightful, thanks. My biggest concern is potentially getting hit by Zeus, or a new variation of it. So much so that I decided to do my online banking using linux, at least until I understand more about how Zeus circumvents security. I also use Comodo with HIPS and proactive and sandbox enabled, Firefox with Noscript, and even Rapport (bank wants it to be used), and all atop Windows 7. Call me paranoid, but something still bothers me about this family of malware.

Security and the idea of "enough" is always a tough question. A single user system that is not used for anything that involves personal info (for example just surfing and youtube) and the user does not mind the occasional factory restoration could get away with nothing more than keeping windows and all web facing apps up to date. Once you add in email and sites that require registration and login though this no longer would be "enough".

Some advanced users enjoy security software that informs them any time a new application is run or a system component changes but this same software is actually very dangerous in less experienced hands.

Alternate OS installs (linux as you mentioned) or dedicated OS installs can also be used to completely isolate certain online actions where you want to be completely safe. This also gets into an area where the average user either won't understand or does not want to spend lots of extra time on security.

All in all the average user will be perfectly safe with the following setup:

Reputable anti-virus

Reputable anti-malware

Some sort of web access control (MBAM Pro has bi-directional IP blocking integrated)

Limited user account for anything that does not require Admin rights

Keeping windows and all web facing applications up to date (java, acrobat, flash, quicktime .......)

General safe surfing (I define this not as avoiding all potentially "dangerous surfing" but rather understanding what kind of surfing can be trouble and using your head about precautions and what you are clicking "yes/install" on).

If you want to take a step further, have more advanced knowledge on the subject and don't mind a little extra work the following I also do not consider over the top additions:

Sandboxing browsing sessions (keep in mind that an infected session can still compromise your personal info if for example you head to a banking site last, isolate safe and unsafe sessions)

Script limitations (you mentioned noscript)

Anti-executable (only executables you whitelist run without a prompt)

Behavior blocking (you also mentioned this)

Install reversal software (I use total uninstall for this)

At this point barring intentionally running something bad and then clicking "allow" on all of the prompts likely to follow you should be bullet proof.
