Depending on a single security application to provide broad scale protection is an absolute “non-starter”. A single security application does not have, and never has had, the ability to do this, despite the commonly held belief to the contrary.
Part of the layered security process (stacking security solutions, one on top of the other, to cover the gaps that exist in the protection capabilities of even the most sophisticated security applications), consists of supplementing the primary AV application with an on-demand malware application.
In other words, an AV application that does not start with Windows but instead, is available for manual scanning.
Actually, there’s no harm in installing more than one antimalware application to be used as a secondary scanner – doing so can be advantageous. However, be sure NOT to allow more than one primary application to autostart, in order to prevent potential conflicts.
Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.
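One way to check which security tools are set to start with Windows, as an added example that is not part of the original article: a PowerShell script (3.0 or later assumed) that reads the Run registry keys and the Startup folders and flags entries that look like security products. The product name patterns are assumptions based on the products named on this page, and services or drivers installed by a real-time AV are not covered.

```powershell
# Added example: find security tools that are set to start with Windows.
# ASSUMPTION: the name patterns are rough guesses for products named in this
# article; edit the table to match what is installed on your machine.
$products = [ordered]@{
    'Malwarebytes'     = 'malwarebytes|mbam'
    'SUPERAntiSpyware' = 'superantispyware'
    'AVG'              = '\bavg'
    'Spybot S&D'       = 'spybot'
}

# Per-machine and per-user Run keys, plus both Startup folders.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)

function Get-AutostartEntry {
    # Emit one object per value found under each Run key.
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{
                Location = $key
                Name     = $name
                Command  = [string]$item.GetValue($name)
            }
        }
    }
    # Emit one object per shortcut or file in each Startup folder.
    foreach ($dir in $startupDirs) {
        if (-not $dir -or -not (Test-Path -Path $dir)) { continue }
        Get-ChildItem -Path $dir -File | ForEach-Object {
            [pscustomobject]@{
                Location = $dir
                Name     = $_.Name
                Command  = $_.FullName
            }
        }
    }
}

# Tag each autostart entry with the first product whose pattern it matches.
# Matching is a crude, case-insensitive substring test: review hits by eye.
$hits = @(foreach ($entry in Get-AutostartEntry) {
    foreach ($product in $products.Keys) {
        if ("$($entry.Name) $($entry.Command)" -match $products[$product]) {
            $entry | Add-Member -NotePropertyName Product -NotePropertyValue $product -PassThru
            break
        }
    }
})

$hits | Format-Table Product, Name, Location, Command -AutoSize -Wrap

# More than one distinct product autostarting is the situation to correct.
$autostarting = @($hits | Select-Object -ExpandProperty Product -Unique)
if ($autostarting.Count -gt 1) {
    Write-Warning ("More than one security tool autostarts: {0}. Keep the primary AV and disable the rest." -f ($autostarting -join ', '))
}
```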
I run Malwarebytes’ Anti-Malware every day, as a secondary malware scanner, since I have absolutely no faith that a single security application offers adequate protection.
The free version of this speed demon (it’s faster at scanning than any anti-malware program I’ve tested in the last 2 years), is used by millions of people worldwide to protect their computers.
It’s important to note that the real time protection module is disabled in the free version of Malwarebytes’ Anti-Malware. Actually, this is perfect for your purpose.
Less critical, is the disabling of scheduled scanning, and scheduled updating in the free version. (Rodzilla, a very frequent reader, and an expert user, is adamant that the lack of auto updating is a critical flaw – we have agreed to disagree on this point).
Each day, as I manually update the definition database, I’ve noticed that typically, the definition database has been updated 3/5 times in the previous 24 hours. Since study after study indicates that new malware is created at the rate of 20,000, or more, new versions every single day, it’s easy to see that Malwarebytes’ is being proactive to these conditions.
A simple, intuitive, and easy to use interface makes Malwarebytes’ Anti-Malware straightforward to set up, customize and run, for both less experienced and expert users alike, as the following screen captures indicate.
Since real time protection is disabled, I do not recommend that you use this free version of Malwarebytes’ Anti-Malware as a stand alone primary security application, since it simply will not offer you adequate protection with this restriction. Instead, use it as I do, as an on-demand, secondary scanner.
Despite this real-time protection limitation in the free version, Malwarebytes’ Anti-Malware has an excellent reputation (shared by me), as a first class security application, for its ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.
Fast facts:
Blazing speed on quick scanning
Full scans for all drives.
Daily database updates
Quarantine function
Additional utilities for manual malware removal
Multi-lingual support
Command line support for quick scanning
Context menu integration to scan files on demand
System Requirements: Windows 2000, XP, Vista, and Win 7 (32-bit and 64-bit).
Multi-lingual support: English, Albanian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Czech, Danish, Dutch, Finnish, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Turkish.
Download at: Malwarebytes.org
Two quick tips:
Malwarebytes should be run in normal user mode, not safe mode.
I normally run “Quick Scan” and not deep scan since Malwarebytes concentrates on folders where malware is targeted in this mode. In quick scan mode, a scan generally takes seven minutes, or less, on my system.
Another great free alternative:
The free version of SUPERAntiSpyware, despite its lack of real-time protection, deserves its reputation as a first class security application, and it’s definitely worth considering adding to your security toolbox as a secondary line of defense.
You can read the review, and find the download link in my article “Knockout Malware With SUPERAntiSpyware Free Edition”, on this site.
Update: Here’s some welcome input from regular reader Georg Lechner –
“Malwarebytes’, recent iteration 1.46 – New users may find it easier to use Advanced System Care (recent version is 3.6.0) to control the autostart behavior of Malwarebytes’, using the Startup Manager, to be found under Admin Tools.
SUPERAntiSpyware just released its recent iteration 4.38.0.1004 – This version is 32 AND 64 bit, but the previous version must be deinstalled manually before installing this one on 64 bit machines (WIN 7).”
AVG gave a result of an infection for a “Trojan Horse Downloaders GENERIC 9 BOCH” which it would not heal/wouldn’t permit to be deleted.
So today using the latest updates for the Malwarebytes and Spybot S&D both found NO THREATS. Would you think then that the AVG “infection” is a false positive?
I appreciate your website, which I’ve just found and will explore as time permits.
I hope you can answer my questions, unless one has some sophistication this can all be VERY stressful.
Hi Fred,
First – In testing, AVG has been found to have a higher than average number of false positives.
Second – Malwarebytes has a particularly good reputation for finding and removing malware.
Since you have used both Malwarebytes and Spybot S&D, there’s a good possibility that you’re dealing with a false positive. Particularly if you have recently downloaded and installed one or more new applications, since occasionally the setup files (depending on the application), can be seen by an AV as malware, based strictly on behavior.
However, to ensure you are not dealing with an actual Trojan Downloader, take a look at “Think You’re Infected? Find Out Run An Online Scanner From Your Browser”, on my site, which has a list of online scanners that are often helpful in this type of circumstance.
As well, please read “Suspicious File? Scan it with VirusTotal’s 35 + AVs” on my site. Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.
It’s very likely that you are, in fact, dealing with a false positive but as you know, it pays to be cautious.
Bill
“recently downloaded and installed one or more new applications”
Not that I know of Bill.
That Panda online scan looks great but with dialup that 45meg download looks intimidating. Does it download onto a flashdrive? I can get someone to do that for me.
Hopefully some posters will remark on Panda Anti-virus.
Thanks for your answers to my questions. It sure is SCARY to have no confidence in one’s primary anti-virus.
False positives seem GREAT compared to the possibility of a real infection.
Thanks again, please count me as new fan and devoted reader.
Hi Fred,
Downloading Panda Scan to a Flash Drive is not a practical solution. BTW, the download is 76 MB and on dialup, well……… Too bad really – it’s a great scanner.
Download and install free SUPERAntiSpyWare – as a secondary scanner, it’s the equal of Malwarebytes.
If you’re worried about your level of security, take a look at “Layered Computer Security What Is It? Why Use It?” – you’ll find some good recommendations on how to do this with free applications. I think this will help you feel more confident.
Bill
Hello
Great and useful post as usual Bill, thank you!
I use MBAM Pro (I have been beta testing when v 0.97 was released to public), and no conflict with my current antivirus.
From v 1.45 MBAM includes a flash scan (only for paid users) and a new heuristic engine.
SAS is very good too, latest version has also a native 64 bit installer!
Regards
Hey Leofelix,
Well, you’ve been using it longer than me. That’s very cool.
Over 12,000 readers have now downloaded MBAM through my site – maybe MBAM will send me a free copy. 🙂
Best,
Bill
I would definitely place Malwarebytes at the top of the list. I have had it find nasties when others have failed. I run it once a week on all of my machines.
Hey G,
Same here. I’ve come to trust MBAM more than any other and it’s not let me down yet.
Best,
Bill
Bill
I’ve been using MBAM since you first recommended it sometime ago.
I’m very satisfied.
Liam
Hi Liam,
Good to hear you find MBAM useful.
Bill
Same case here as G. It took out a spyware which KIS is unable to detect even till now. Many malware removal experts, in fact most, also recommend it. So, it definitely deserves a place in one’s toolbox…
And I too run MBAM pro with KIS and not even a minute sign of conflicts yet.
And I had tried Panda scan few weeks before on a dial-up connection (Yep, you heard that right. After all, I’m not a dload freak :P)
It almost rendered my machine unusable with firefox.exe consuming 100% CPU. So, had to quit it.
Btw Bill, are you still using an old version of MBAM as the screenshots are telling…? And Bill, don’t worry, seeing the downloads from your site, I think you too will be getting a free license sooner or later… 🙂
Hey Ranjan,
No, those are old screen shots. I’m running 1.46 (seems to me it just updated to this last week).
Must be very difficult using dial up these days.
Bill
Hi Bill,
What can I say! MBAM Pro is best that has happened to me. Like I said before I have the Pro version on all my 3 systems. MBAM Pro hasn’t let me down yet. The speed of scanning all files is pretty good too. On my regular system it plays along well with SAS Pro.
MBAM Pro and SAS Pro, two great applications that are must have on any Windows OS. I highly recommend anyone using Windows OS to upgrade to Pro version as soon as possible.
Many people underestimate the capabilities of MBAM and SAS, the Pro version of both these apps can be used almost as a stand alone AV.
Thanks for the post, you kinda made my day 🙂 and also my sincere thanks to Malwarebytes and SUPERAntiSpyware for making our life on Internet much safer.
Hey Kingpin,
No question about it – definitely 2 great applications.
Bill
Hey Bill,
I used to use A-squared anti-malware paid version on my computer but found it had too many false positives. I still have it on the computer to do scans but I don’t have it constantly running and I try to be careful if it picks up something.
Malwarebytes on the other hand seems to have the best protection without all the false positives. Someday I am going to stop being cheap and just buy it to have it run all the time but for now it is a secondary must have scanner.
Tex
Hey Tex,
I’m $ conscious, like you. But, someday…….
Bill
Hey Bill,
Not much to add, I have been using it a while now, great app. And I use SAS as well. Usually run them both just before I shutdown the computer of a night.
Cheers
Hey Mal,
Great idea and very proactive “run them both just before I shutdown the computer of a night.”
Best,
Bill
Bill I’ve already started a folder, BILL MULLINS where I will archive your great articles.
I did an online scan, I tried all the others but I couldn’t get the activex to download properly on IE.
So I went to the last on your list, that is a good article by the way about ONLINE SCANNING, Symantec Security Check.
“The security scan checks that you’re running an anti-virus program and then looks for Windows vulnerabilities, hacker risks and Trojan horses.”
Since my issue was the Trojan that AVG said was there, I chose that scan, it found nothing. However, I did not have to download anything and the scan was so fast, I have dial-up, that I couldn’t believe it really looked at anything.
How could it search for Trojan Horses or the Downloaders for them so quickly?
Bill I can’t help but being so very grateful that I found your site.
Does this Free version disinfect/shred any bad stuff that it does find?
Hey Fred,
Symantec Security Check, unfortunately, does not remove found malware.
One reason for a fast scan is, some scans focus on the areas that are normally, or most likely, to be infected by malware.
Glad I was able to help.
Bill
Bill thanks for your kindness.
AVG mod said the index.dat is not executable, which is after the zillion Resident Shield claims, FULL SCAN showed the single “Trojan Downloader Generic9 BOCH” so both S&D and MBAM with latest updates, I did MBAM again after today’s updates, they found nothing.
So the AVG mod said to DELETE the dat.index file I shut all apps down and did the RUN found the file and it would not let me delete, I got this on popup:
“The action can’t be completed because the file is open in another program”
I’ve already learned by coming to your site that I know NOTHING, so I hope at least that NOW I am starting to learn.
This has to be a FALSE POSITIVE just using rational thinking here.
But what about that not being able to delete the index.dat file? Should I be worried?
Thanks again.
Fred,
Normally, when Windows is open the index.dat file cannot be deleted – the technical reason is not important (it’s used by IE), for this discussion, so no need to worry that you can’t delete it.
However, over time this file can grow substantially and that’s another problem, so it should be cleaned out every so often and the way to do that is – download and install CCleaner . Everyone should have this free cleaning application on their machine.
Do this, and that should solve the problem with this false positive. And you are right – this is a false positive.
Bill
Hey Bill.
Also scans the entire computer program also Malwarebytes.I every day.
Can we give on the same wavelength … 🙂
Greetings.
Very cool Robert.
It pays to be careful.
Best,
Bill
AVG is a garbage antivirus and consistently rates in the bottom in tests.
It doesn’t detect real trojans or bots but sure as hell flags legit system files as them.
I’m a comp tech who has cleaned thousands of machines running this very bad AVP.
Appreciate the input Rick. I’ll add you to the long list of techs who think AVG sucks.
Bill
I’ve always been confused about running more than one anti-malware app in real-time. If there are no “apparent” conflicts, could there be unknown conflicts that actually weaken my defense?
In real-time, I run WinPatrol Pro, Zemana Anti-Logger Full Version, AVG Free, MS Security Essentials, Ad-aware Free, and Immunet Protect.
Bill, you’re so good at making us aware of great apps, that I never know which ones to move to secondary, if I should move them at all, as I learn of new ones! 🙂
Hey John,
Looking at your apps the only issue I might have is, running AVG. It’s not a particularly good AV, and there is no real benefit since you’re also running MSE – a much better AV.
It’s highly unlikely that you would have “unknown conflicts”, but……
No, I don’t recommend changing AVs, unless there are major improvements in a new product. Familiarity with your AVs is an important part of managing security. The more you know about the tool the better off you are.
Best,
Bill
Spybot’s shredder would set off FALSE POSITIVES with McAfee (Which I DO NOT have) however they fixed it, AVG has not, to date, done so.
I also noted with the FPs, and when I had SCAN ALL FILES on RESIDENT SHIELD showed everything being infected by the Trojan Horse Downloader, when I turned it back to SCAN ONLY INFECTABLE files nothing showed up on Resident Shield, although the FULL Scan showed the index.dat which I’ve mentioned previously.
What was curious was that in the RS section it would NOT let me delete the so-called infections, which I found odd.
Ditto for the SINGLE infection found by FULL SCAN which was the index.dat FP.
I wonder if AVAST would be a better choice? However I did note that there is a glitch in latest Avast that they are dealing with:
http://forum.avast.com/index.php?topic=59853.0
As Bill mentioned on his “Children & Safety” thread this is a subject that requires a degree of intelligence and reading comprehension and EFFORT.
Bill makes it a LOT EASIER for us all.
MBAM updates 2 or 3x a day and while, as Bill repeatedly warns us, no ONE SYSTEM does it all, would it not be fair to say that MBAM has one of the highest detection rates?
Also it does or does not catch viruses?
Is the CCleaner easy to use to delete that index.dat file, I tried in SAFE MODE and it would not permit me to do so. So the ability to use a tool that easily and clearly able for a neophyte like me to delete that file would be wonderful.
I understand that the file is regenerated with the next reboot however it would then be clean of the data.
AVG mod suggested this for that index.dat what do you think of it Bill?
http://ccollomb.free.fr/unlocker/
Hi Fred,
CCleaner is an easy to use tool especially for casual users, and there is no reason to run this tool in safe mode.
Let me give you the same response I gave you on May 27th –
“Normally, when Windows is open the index.dat file cannot be deleted. The technical reason is not important (it’s used by IE), for this discussion, so no need to worry that you can’t delete it.
However, over time this file can grow substantially and that’s another problem, so it should be cleaned out every so often and the way to do that is to download and install CCleaner . Everyone should have this free cleaning application on their machine.
Do this, and that should solve the problem with this false positive.”
As for running Unlocker, this seems a complex way to solve a simple problem.
Actually, I recommended Unlocker on May 26, in my Tech Net News, Daily Downloads – “Unlocker – If Windows won’t let you manually delete a program file or folder, try Cedrick Collomb’s free Unlocker.
“Once installed, Unlocker comes up automatically when Windows refuses to delete, move, or rename a file or folder, or you can launch it from the file or folder’s context menu. Once up, it shows you what processes are hanging onto the culprit and lets you kill them.”
I would not however, recommend Unlocker to anyone but an experienced user. There is a good reason Windows locks files – deleting, moving or renaming the wrong file, can lead to an un-bootable machine.
I see that you are reading forums and the like, which is not a bad idea. A word of caution however – be extremely careful in using information from these sources. Not everyone in these forums knows what they are talking about. There is more misinformation in forums, than virtually anywhere else on the Internet.
Bill
Bill I bet for every question you answer here for all of us I bet there are dozens of readers, maybe hundreds who knows, that have similar issues and that makes your blog a great educational tool.
I thought about what you said about reading these other forums and that is why I asked you about that UnLock.
When I tried SAFE MODE it was mentioned by a AVG mod as a way to delete the index.dat which did not work, so I am off to download CCleaner.
You are the MainMan, I have faith in you, I am sure there are others who have real knowledge, but sadly I’ve come across too many “mods” even part of the management team for certain Anti-Virus, Anti-Spyware that don’t seem, well either able to communicate the information, which you do SO brilliantly, or give the WRONG information.
Your archives are must reading.
Thanks for all that you do, it is important.
Fred, you made my day – you make me blush. 🙂
You’re right “I bet for every question you answer here for all of us I bet there are dozens of readers, maybe hundreds who knows, that have similar issues”, and this is the determiner as to whether I can answer a specific question. This is not a how-to, or an answer site, in the general sense, but I do take an interest in answering questions that are common to a broad spectrum of users.
Bill
I was so very pleased with the ease of use of the CCleaner. Your warning about levels of sophistication needed to use certain other tools should be heeded by neophytes such as myself. It is clear that if you don’t have a certain level of computer knowledge you might just find that some of these tools, which are appropriate for pros or very advanced users, could cause MAJOR problems.
Well I did get rid of that index.dat and did then a full scan with AVG nothing found.
Today went to use the Spybot shredder to clear the Internet Explorer Temporary Cache when a Popup Resident Shield again saying:
“do you want to force the threat removal?” with a warning that this could harm the computer
Then another popup window from AVG:
located in Temporary internet files
“Trojan Horse Backdoor Generic 12.BCQY” ‘Detected on open’
I think I’m learning fast here, LOL, it appears to me that AVG, unlike McAfee, has not corrected its reading of Spybot’s shredder as somehow involved in threats, of course this may be different, yet although this is a new window the “do you want to force the threat removal?” one I think AVG is starting to be a bit more trouble than it is worth, I realize Avast isn’t perfect but this is very trying, indeed stressful.
I was thinking yesterday about a remark you made about the benefit of “familiarity” with an AV or AM product and so was considering just muddling through with AVG. Yet this again, well…
Hi Fred,
It’s great to see you take such an interest in the nuts and bolts of computing. Doing so, definitely has its rewards. And yes, you are learning fast.
Happy to hear you’ve had good success with CCleaner – it’s a great little app. Be sure to check out some of the additional things it can do for you.
Bill