BleepingComputer.com: Difference between Spybots & Destroy and Mbam

Hello Bleepingcomputer members,


I have a question about Mbam and Spybots & Destroy.

What is my question than? Well, when you run Spybots & Destroy than the program search for spyware and give you the possibility for delete the spyware.
When you run Mbam, than Mbam do the same just like Spybots & Destroy.
In other words, those programs removed both spyware.
On this forum saw I a topic where the Author descripted what mallware is.
What is mallware? Mallware is a program that has as content spyware.
So spyware is mallware.
If you can see are the programs confused.
So that is the reason that I made this topic with the question what is the difference between Spybots and Mbam.
I hope that there is someone that can explain me, what the difference is.
In waiting for that, I stay with the best regards and thank you for your time.

Read more here

SpyBot S&D http://www.safer-networking.org/en/index.html (freeware - XP/Vista)
Note: due to poor testing results this product is no longer recommended.

Hello,

I'm moving this topic to the AntiVirus, Firewall and Privacy Products and Protection Methods forum which is more suited to your question.

malware stands for malicious software which includes much more than spyware.

As for spyware specifically, different folks have different ideas of what constitutes spyware. Personally, I have both SuperAntiSpyware and MalwareBytes AntiMalware on my computer.

Orange Blossom

Orange Blossom, on 30 December 2010 - 10:17 AM, said:

Thank you Sir or Madam,

I do know enough now.
So it is not necessary that I run 2 Spyware\mallware programs.
In my honestly must I saying that I had an idea that it was not necessary for run 2 Spyware\Mallware programs, but I did not for 100 percent sure, so I tought, know you what, I ask this on Bc, now I do know the difference between those 2, there are not, the one call it Spyware & Destroy and the other Mbam, every program maker has\her own rules for let working and tracing Spyware.

Quote

I don't agree with that statement. Malware comes in so many forms that multiple, overlapping tools are needed to maximize your protection.

Each program is different. One may find something another didn't find.

Like Orange Blossom, I have MBAM and SuperAntiSpyware installed. By choice, neither runs on start up, but I do make use of the option to scan a specific file when needed.

At least once a week, I use both of them to run full system scans.

Edit to add: when you say "run" do you mean have them set to run in the background and alert you to potential harmful activity OR "run" as in an on-demand scanner, where you click the program icon, open it up, update definitions and tell it to scan your system?

This post has been edited by Queen-Evie: 30 December 2010 - 04:58 PM

Can I assume that both of you are using the paid versions of these packages? I have MBAM installed (free version), and I've just downloaded SuperAntiSpyware for a later install, as soon as I receive the "go-ahead" to install new apps when my current malware issue is resolved.

I ask because while the free versions seem to be quite good, I'm wondering if it's worth the investment (even though both are relatively inexpensive), of purchasing licenses for the full versions.

Your assumption, in my case anyway, is not right.

I do have the paid version of SAS, but I actually don't use that aspect as it took way too many resources on my 256 mb RAM computer. I use it only as an on-demand scanner.

~ OB

What is Malware?
What is Spyware?
What is Adware?
What is Rogue software?
What are Potentially Unwanted Programs (PUPS)? - McAfee White Paper: Potentially Unwanted Programs

What is a Worm?
What is a Backdoor Trojan?
What is a Virus?

• What is a File infecting virus?
  
• What is a Boot sector virus?
  
• What is a Polymorphic virus?
  
• What is a Metamorphic virus?

Each security vendor uses their own naming conventions to identify various types of malware: Understanding virus names

When compared to other security tools like Spybot S&D and Ad-Aware, the advantage of Malwarebytes Anti-Malware (MBAM) is that it uses a proprietary low level driver similar to some anti-rootkit (ARK) scanners to locate hidden files and special techniques which enable it to detect a wide spectrum of threats including active rootkits. IMO it has proven more effective than many of the stand-alone ARK tools which are available. MBAM intentionally does not search for and remove cookies which pose no significant threat. The research team investigates new rogue applications and malicious files so the database is usually updated several times a day in an aggressive effort to keep it current. Scanning is performed quickly while other tools can take hours.

Malwarebytes Anti-Malware is designed to remove malware as effectively with a Quick Scan as it will with a Full Scan which takes much longer to complete. Both scans use heuristics that bypasses polymorphic blackhat packers & encryption, MD5, check memory (loaded .exes and .dlls), unique strings, autostart load points and hotspots (everywhere current malware is known to load from) and multiple other malware checks which are not discussed in public to safeguard the program from malware writers.

• A Quick Scan looks at the most prevalent places for active malware so scanning every single file on the drive isn't always necessary.
  
• A Full Scan only has the ability to catch more traces in rare circumstances but it can be used to scan every drive (including removable) on the system.
  
• A Flash Scan will analyze memory and autorun objects but that option is only available to licensed users in the paid version.

The above information about how the program works is general rather than specific. The reason for this is that the developers of MABM do not want to reveal all the special techniques utilized in order to protect the integrity of the tool from malware writers who would use that information for nefarious purposes.

I recommend taking advantage of the Malwarebytes Anti-Malware (Pro) Protection Module in the full version which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology runs at startup where it monitors every process and helps stop malicious processes before they can infect your computer. The database that defines the heuristics is updated as often as there is something to add to it. Keep in mind that Malwarebytes does not act as a real-time protection scanner for every file like an anti-virus program so it is intended to be a supplement, not a substitute. Enabling the Protection Module feature requires registration and purchase of a license key that includes free lifetime upgrades and support. After activation, Malwarebytes can be set to update itself and schedule scans automatically on a daily basis. The Protection Module is not intrusive as the program utilizes few system resources and should not conflict with other scanners or anti-virus programs. If you choose the free version, you can just use it as a stand-alone scanner, however, Malwarebytes' service (mbamservice.exe) will still show in Task Manager which is normal.

I recommend using SUPERAntiSpyware Free as a separate stand-alone on-demand scanner. The free version does not provide real-time protection or scheduled scanning so there is no need for it to run at startup and waste system resources. You can always update the database definitions through the program's interface or manually download them from here.

As for Spybot S&D, most people don't understand how to use TeaTimer and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. If you don't have understanding how a particular security tool works, then you probably should not be using it. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and in some cases it will even prevent disinfection of malware by those tools.

This post has been edited by quietman7: 31 December 2010 - 12:01 AM

I use free versions of MBAM and SAS.

I don't have MBAM or SAS on my PC, But I do keep http://www.superantispyware.com/portablescanner.html on an ext. hdd that I use if needed. To date all it finds is tracking cookies. Remember prevention is better than cure.

I have 2 Spyware programs on my desktop: Mbam and Spyware & Destroy.
In the most cases I use S&D; this program has more functionality than Mbam.
But this program take the time for scanning and there are periods that I am not in the mood for that, so I use than Mbam.
Mbam is with +/- 4 minutes ready with scanning.
About freeware and paying:

I use only freeware programs and not paid versions.
Why should I, money is for me holy property, I pay only for something when I have needed or about programs that I have absolute secure that a paid version is better.
About S&D and other spyware programs, well ladies and gentlemen, from my opinion is it not necessary that when you have scanned your machine on Spyware and other vulnerable, that you scanned also the machine on spyware etc. with another spyware program.
Of course, the one is not the same as the other, the possibility is there that super antispyware is better than Spybots & Destroy, but the possibility is also there that super antispyware remove spyware that it may not remove.
You do know that not all spyware is illegal. What do I mean with that?
I mean with that, that when you remove spyware from one or other program from the hd. that the possibility is there that the program will not correct working anymore.
There are also programs they have a Trojan agent and when you remove that, than the possibility is there that you can not use that program anymore or you get not updates anymore.
But that is another chapter, we have over the difference between S&D and Mbam, so I talk only over those programs.
I think that is not a disaster when you run 1 spyware program and than the other after finish with the other, but using 2 spyware programs is dubble up.
When I use Mbam and than the other? It is just what I did tell, it is, how is my mood.

Thanks to everyone for your replies.

@ quietman7: Thanks for this post - what a comprehensive amount of information!

It seems that many here recommend MBAM and SAS, and I think I will take your advice concerning the Pro version of MBAM once my malware issue has been fully resolved. Also, on a different note, may I ask you about your username? I'm in love with the John Wayne movie, The Quiet Man - is that where your name comes from? If so, then to you,

@ Roderunner: I couldn't agree more about prevention. That's why I posted my initial question. This rather minor malware issue that I have at the moment was more than enough to teach me that I need to be more aggressive about preventing infections.

Quote

From one of my all time favorite movies: The Quiet Man
And the number 7 that follows.

Quote

Please read How Malware Spreads - How did I get infected which explains the most common ways malware is contracted and spread.

quietman7, on 31 December 2010 - 01:43 PM, said:

You must be a very good person indeed. You show excellent taste in movies! The Quiet Man is one of the best movies Wayne ever did, IMHO.

Quote

Ah, well... Here is where our opinions must part company, I'm afraid. I can (grudgingly) acknowledge his talents, but since I'm a die-hard Boston Red Sox fan, any New York Yankee is akin to the antichrist for me. If I were to use an allusion to baseball in my name, it would have to be the Number 8.

Quote

Thank you - I'll do that.

This post has been edited by MelissaPleases: 31 December 2010 - 02:27 PM

Quietman7,


You letting know in a post about Rogue software.
I didn't know that, but thanks to you, now I do know.
Thank you for that information, it was very educative.