Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Will Malwarebytes protect against fake AV's?


  • Please log in to reply
5 replies to this topic

#1 Phuztone

Phuztone

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 02 June 2011 - 09:18 AM

I have run across several of my clients that have been getting the fake AV's that running rampant. I have installed the paid version of Malwarebytes on their PC's to protect against these. None of the AV apps that they are using is protecting them against these fake AV's & I've seen just about all of the mainstream AV app's on these machines. Most all of them are set to update automatically, so I'm sure their AV apps are up to date.

I read somewhere that Malwarebytes paid version (running along with a good AV app) would block these fake AV's from activating. Is there any truth to this rumor? Has anyone actually seen this protection work??

Thanks!!

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:58 AM

Posted 02 June 2011 - 12:25 PM

The full version of Malwarebytes Anti-Malware (Pro) includes a real-time Protection Module that uses advanced heuristic scanning technology to monitor your system and the ability to schedule updates. This technology runs at startup where it monitors every process and helps stop malicious processes before they can infect your computer. Keep in mind that this feature does not guarantee something will not slip through as no product can detect and prevent every type of malware. The database that defines the heuristics is updated as often as there is something to add to it. Also keep in mind that Malwarebytes does not act as a real-time protection scanner for every file like an anti-virus program so it is intended to be a supplement, not a substitute. Those who purchase the full version receive a license key via email which includes a lifetime of free upgrades and support. For corporate and business customers, annual licenses are required. After activation, Malwarebytes can be set to update itself and schedule scans automatically on a daily basis.

A multi-layered defense using anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense, safe computing and safe surfing habits provides the most complete protection.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Winterland

Winterland

  • Members
  • 995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:03:58 AM

Posted 13 June 2011 - 07:25 PM

Evening quietman, I'm about to purchase the full version of Malwarebytes (been running the trial version that came with the last update) and also have already purchased the full version of SAS (with the lifetime updates, yea!) and am also running the Free Avira.

It's come up enough in these forums that I know (and advise others) to never run more than one AV app at a time, but what I haven't seen is, can I run (once I've purchased the full version) the Real Time features on both Malwarebytes and SAS as well as my Avira?

The SAS has the feature but I haven't enabled it yet (although I update and scan almost daily) in fear that I might start getting some false positives.



So when you write "A multi-layered defense using anti-spyware products (including an effective firewall) to supplement your anti-virus" I guess what confuses me is what does that multi-layer include?


I'm not looking for specific products - I've seen your post - and also read the article regarding personal selection of AV protection (and assume that dynamic applies to the other apps that protect my machine) but rather a template for apps that can be, or that you would encourage, to run in concert with my Firewall and AV.


Thanks for any advice/direction you can give.


And, of course, if you've already addressed this somewhere else, you can send me a link and *poof* off I'll go.

Winterland

Photobucket removed my cool flag - idiots!

 

Every calculation based on experience elsewhere fails in New Mexico.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:58 AM

Posted 14 June 2011 - 06:17 AM

As a general rule, using more than one anti-spyware program like Malwarebytes Anti-Malware, SuperAntispyware, Windows Defender, Spybot S&D, Ad-Aware, Spyware Terminator, etc. will not conflict with each other or your anti-virus if using only one of them for real-time protection and others as stand-alone scanners. In fact, doing so increases your protection coverage without causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. The overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware. However, competing tools may provide redundant alerts which can be annoying and/or confusing as a result of the overlap in protection.

If using multiple real-time resident shields (TeaTimer, Ad-Watch, MBAM Protection Module, Spyware Terminator Shields, etc.) together at the same time, there can be conflicts when each application tries to compete for resources and exclusive rights to perform an action. They may identify the activity of each other as suspicious and produce alerts. Further, your anti-virus may detect suspicious activity while these programs are scanning (reading) files, especially if it uses a heuristic scanning engine, regardless if they are running in real-time or on demand. The anti-virus may even detect as threats, any malware removed by these programs and placed into quarantined areas. This can lead to a repetitive cycle of endless alerts or false alarms that continually warn a threat has been found if the contents of the quarantine folder are not removed before beginning a new security scan. Generally these conflicts are more of an annoyance rather than the significant conflicts which occur when running two anti-virus programs in real time.

I recommend using SUPERAntiSpyware Free as a separate stand-alone on-demand scanner. The free version does not provide real-time protection or scheduled scanning so there is no need for it to run at startup and waste system resources. This gives you another tool to use as a second opinion or in the event of malware infection where some of your tools may be disabled.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Winterland

Winterland

  • Members
  • 995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:03:58 AM

Posted 14 June 2011 - 07:40 AM

That is the way I've been using SAS, based on (I believe) a previous post you'd made, but I couldn't remember why it was, or if I was letting that general fear of the unknown (a great killer in my world) keep me from using an app (in this case, SAS) in the best way possible.

Thank you for the explanation as well.


This BC community has created a sea change for my computer (the one used for fun) as well as my wife's laptop (the work tool) and it's been a huge blessing to perform actions/habits that keep us safe out there in the www and also to know how & why these things are working.


I hope you have an amazing day.


Winterland

Photobucket removed my cool flag - idiots!

 

Every calculation based on experience elsewhere fails in New Mexico.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:58 AM

Posted 14 June 2011 - 07:49 AM

You're welcome and thank you for the kind words.

Safe surfing and have a malware free day.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users