Posted 14 October 2013 - 06:58 AM
Malwarebytes checks for and detects malware through the following means:
- Checks most common places malware is known to hide:
Hotspots: everywhere current malware is known to load from
Autostarts: all known malware load points
Memory: loaded exes and dlls
- MD5 Hash (Message-Digest algorithm 5).
- Unique strings, semi polymorphic strings.
- Unique GUID Download Linked dlls and other executable components (these are bi-directional).
- Unique load point to file (these are bi-directional) to include hotspots and autostarts.
- Unique heuristics (IPH) that bypasses polymorphic blackhat packers & encryption, and is immune to randomized file names.
- Unique file names combined with FP killing routines.
- Other means not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes.
.Windows Insider MVP 2017-2018Microsoft MVP Reconnect 2016Microsoft MVP Consumer Security 2007-2015 Member of UNITE, Unified Network of Instructors and Trusted EliminatorsIf I have been helpful & you'd like to consider a donation, click