Twayne said:
You mean: Why don't I format them as you think they should be
formatted? Well, mostly because I can and my method is known
as in-line posting. Sorry if that's too complicated for you.
I know that you use in-line posting (that is the correct way to post to
usenet, and you should have noticed that I do the same). The formatting
problem that I raised was that you don't leave a blank line between the
quoted part and the response part.
Perhaps it's the tool you've using for a news client?
Again, I'm surprised that you are embarrasing yourself by not making the
simple observation that I also perform inline quoting and therefore must
know and understand the concept.
Anyway, it looks like I've stepped on your toes by daring to
discuss cons of the program and you take great umbrage to
that.
No, you're not stepping on any toes. If you want to argue your pov,
then so will I. Is there anything wrong with that?
Sorry about that, but the simple fact is, it is not capable of
being the only malware protection one needs.
That wasn't what the OP asked.
It was asked if MBAM can or does perform as a virus scanner. I said it
does, and I also said I don't know how well it does it. People are
always asking (in the anti-malware newsgroups) how various AM
(anti-malware) products compare against each other. You seem to think
that as long as a piece of software claims itself to be "Anti-Virus"
that that's the end of the discussion - that all AV products are
comparable just because they call themselves AV.
There is good reason why no single entity can yet claim to
discover every spyware in existance or that will exist.
That's an irrelavent point. If, hypothetically, MBAM has a virus
detection rate that is *on-par* with the average detection rates (or
even the *worst* detection rates) of programs that actually call
themselves AV programs, then MBAM can be legitamately called an AV
product.
The product claims it can run in concert with other malware
detectors. Taken lterally, that's true. Taken to include AV,
it's not true. Their own documentation includes comments about
it not being compatible with some other AV programs and recommend
turning the AV off, which to my mind is a dis-service to its users
since it's not true.
What isin't true?
Are they saying to turn off other AV programs when you perform an MBAM
scan? Why is that a dis-service?
It sounds like it might surprise you to find that I use this
program on my own machine.
No, I wouldn't be surprised.
I paid for the first version since it's a reasonable price,
but got my money back when I discovered it couldn't co-exist
with my real-time AV program. As a result, I do consider it
good enough to use their freebie version however, on all four
machines in this room. I will not depend on a product that
isn't an AV product to protect me in real time against viruses,
no matter how good it may be in other areas.
Perhaps MBAM has no actual real-time detection ability or mechanism.
That still doesn't mean that when run as an "on-demand" scanner, that it
doesn't have virus-detection capabilities in that mode of operation.
No, I haven't submitted a lot of mails to VirusTotal. In fact,
I would question the capabilities of any who submitted a post
such as this one and also tried to imply they have submitted
"a few hundred" suspect files.
Please explain. There are those of us who go out of our way to obtain
malware samples for our own investigation, and submitting them to VT as
part of that investigation. We form our own opinions as to which AV
programs appear to react the fastest to new malware by doing that.
It would seem your ability to determine whether something is new or
not might be sub-standard. And if you're getting hundreds of them
a day, well ... .
Again, you seem to have formed some faulty impressions. I'm not sure
why or where you'd get the idea that my ability to determine the vintage
of any given piece of malware is "sub-standard" based on what I've said
up to this point.
And I never claimed the _rate_ at which I obtain malware samples or
submit them for testing.
A good netizen will check before submitting something that's
"questionable", just so the other end doesn't have to waste
time on it for no good reason.
That comment would not stand up or be agreed with in the virus and
anti-virus newsgroups I participate in. The VT website is designed to
handle many submissions per day, and the idea that the operators of that
site are put to a disadvantage because of having to scan non-viral files
has never been raised before - and I'm sure would be laughed at and
ridiculed.
The point is, it doesn't HAVE a virus definition database that I
can locate.
Like most anti-malware programs (and viruses are generally considered a
form of malware) MBAM does download program updates. I presume those
updates are infact the definition files that it uses when it performs
it's file and registry scanning.
Everything at their sites calls it a "malware" detector, and it has
a malware database, but not a viral database. Would you care to
expand on that and tell me where such is stored?
You want me to tell you that perhaps what MBAM calls a "malware
definition file" might infact contain definitions for viruses and
trojans?
I don't debate the fact that it catches some viruses - just
that it's not effective as a major dependency for virus
protection.
How exactly would you know that it's "not effective as a major
dependency for virus protection" ?
You seemed to claim earlier that it (or AdAware) detected some viral
files that your un-named AV program did not (or perhaps I didn't read
that correctly).
It's not intended to catch all viruses and thus is not
called an AV program.
You said earlier that no application can detect all malware (or words to
that effect).
You have also just made this statement:
"It's not intended to catch all viruses and thus is not called
an AV program."
That implies that if something calls itself an AV program, then by your
definition it *is* intended to catch ALL viruses, because anything that
does not catch all viruses can not be called an AV program.
I just want to clarify that point. You believe that something that does
not catch (detect) all viruses can not be called an AV progam - is that
right? And you also believe that no application can detect all
malware? I see a contradiction or a lack of coherency when those two
statements are combined.
For any program that could honestly check each individual file
on the computer for viruses, trojans, worms and other malware
100% the program would take hours to run.
Depending on how many files a system has, yes, I have performed scans on
my systems that take several hours to run. Is that a strange concept?
No, what you claimed, and apparently snipped, was that one
could get rid of the other AV ware they had and only use this
one program you're so fond of.
I never said that MBAM could or should replace other pre-existing
anti-malware (anti-viral) software on a given system. I encourage you
to go back over my posted material and quote any such comment that you
think I made.
And I never said I had any particular fondness for MBAM. In fact, I
claimed to have only used it once, and I don't use it regularly because
it doesn't run under my main OS (windows 98). So how could I possibly
have a fondness for it?
Lol! Sorry, I don't teach English. The context of your post.
The context of the question was not ambiguous, so no context-disclaimer
need be made.
No, I'm afraid that's just plain not the case. I don't need to
know "how many" in any way except that the program's purpose and
reputation states that it catches nearly all the AV they can
design for.
So you put more stock in the simple claim that a given piece of software
"catches nearly all the AV they can design for" versus the size or the
number of entries in their scanner's database files?
Don't you think that a quantitative metric in this case is more useful
vs a qualitative one?
MBAM is simply a lightweight in that area and makes no claims
to be an AV replacement that I've ever seen.
I never said MBAM claimed to be an AV program nor said it claimed to be
an AV replacement.
It was asked if MBAM is a virus/trojan detector. I said it was. I also
said I didn't know how it compared to other virus/trojan detection
programs.
There is a wide range of effectiveness and ability within the AM/AV
class of software, and I wouldn't be surprised if MBAM ranked as
eqivalent to some of them in terms of detection compentency.
You seem to be of the opinion that because a program can
catch a few viruses that it can catch them all,
That argument could be made equally if you or I was talking about any
so-called AV program. Which is why I would never make such an
argument. It's not true for what you consider a "real" AV program, and
it's not true for MBAM either.
or at least equal and beat an application whose major purpose
in life is to catch the virus.
You are speculating that MBAM's virus detection abilities ranks lower
than the worst commercial or share-ware package that labels itself as
being an anti-virus program.
Do you have anything other than a gut-feeling to support that claim?
M BAM is reported to be functional for:
Operating System: Win98, Win2k Pro, XP Pro, XP Home
---------------------
http://www.malwarebytes.org/mbam.php
Key Features
* Support for Windows 2000, XP, Vista, and 7 (32-bit and 64-bit).
Download
* Version: 1.44
* File Size: 4.87 MB
* Operating Systems: Microsoft ® Windows 2000, XP, Vista, 7.
--------------------
Where do you see compatibility with win-98?
No, you've "observed" it detecting parts of a virus that conform
to malware.
Who says that viruses and trojans are not forms of malware?
It'll remove the parts that it's aware of, but possibly NOT
the entire virus payload; you cannot tell.
The same is true for many AV programs. They do a horrible job of
removing all remnants of viruses and trojans (files, registry entries,
etc).
The virus may well return eventually in a lot of cases.
Many viruses and trojans actively interfere with proper AV operation.
The truth is that AV software does a pathetic job these days of
detecting new threats in real time.
I guess you need some assistance with reading comprehension:
I never said that; you did.
This is what you said:
| because all you've accomplished is creating a thread that
| talks about what it CAN NOT do (be used for AV)
You said that my arguments supported the conclusion that MBAM CAN NOT be
used as an AV scanner. Which is the same as saying that what I said
about MBAM constitutes some form of negative proof of AV functionality.
I simply said that your comment about not needing anything
else was in error. If you can't remember, go back and look
at the first post I replied to.
I suggest you go and look up what I said and quote it in your next
reply, just so we're both exactly sure of what you're referring to. I
continue to assert that I never said that MBAM was (or was not) suitable
as one's sole or only AM/AV software.
In addition, your comments smell a bit trollish so I am
unlkely to bother reading anything else you have to say.
That would be a mistake, as it would indicate that you would surrender
this conversation over to me.
It's a common tactic used by those that know they are arguing from a
weak position or POV.
