A "virus" is a specific type of self-replicating malware:
MALWARE - ROOTKITS - TROJANS - WORMS - VIRUS
True viruses constitute a small % of live malware in the wild today.
Moreover, at least through the current release build of MBAM, 184.108.40.2063, MBAM is not and never has been an anti-virus. It targets certain types of non-viral malware often missed by a standard AV.
Through the current release build, it is NOT designed to be or to replace an antivirus:
Does Malwarebytes Anti-Malware replace antivirus software?
At the risk of flagellating a deceased equine, it is confusing and misleading to refer to all malware as "viruses", and to report that MBAM removed 100s or 1000s of "viruses". Without seeing the scan log, it's impossible to say for sure exactly what MBAM removed, but -- because it is not an anti-virus -- I am quite certain they were neither "viruses" nor viruses.
Feel free to read on, even if this is probably "TLDR":
Having said all that, the Malwarebytes CEO announced in the MB3 Beta forum that MB3 is being marketed as an anti-virus replacement. There is no information about that and there is no mention of "anti-virus" capability in the list of features:
"...have combined our Anti-Malware, Anti-Exploit, Anti-Ransomware, Website Protection, and Remediation technologies all into a single product"
If MB3 is a true AV, then perhaps they ought to say so and provide information to back that claim.
If that's the case, then it cannot also be true that MB3 will run smoothly alongside other 3rd-party AVs, as they also claim.
Doing so violates a basic principle of security software strategies: running 2 real-time true AVs creates conflicts, crashes and performance issues. One should only run ONE AV on a system.
I have a hard time reconciling the contradictory claims that MB3 is BOTH a "replacement for a traditional AV" and a do-it-all security program that can still be run alongside another AV.
Furthermore, the other 3rd-party security vendors will no longer be motivated to resolve compatibility issues, if MB3 is being marketed as a competitive AV, rather than a complementary tool.
IOW, either MB3 *is* an AV or it is not.
This lack of clarity is further exacerbated by the vague new name for the program: "Malwarebytes".
I guess it's "Malwarebytes Malwarebytes", analogous to "McAfee McAfee", "Norton Norton" or "Ford Ford".
If this new product *is* a comprehensive, anti-everything security suite, then they ought to name it accordingly, e.g. Malwarebytes Internet Security Suite or Malwarebytes Extended Security Suite or Malwarebytes Anti-Virus?
Or they should stick to the current nomenclature, like Emsisoft did when they rebuilt their combined product.
It is both a true AV and an AM, but they stuck to calling it "Anti-Malware" (because most malware these days is non-viral).
And they are clear that their product -- as a real AV -- should NOT be run with another AV.
(Their full product, with the firewall, is aptly named Emsisoft Internet Security.)
On the other hand, if the "AV replacement" verbiage is only a marketing tool (perhaps to soften the 60% price increase), then perhaps they should say so.
It does not serve the customers' interests to over-sell the product, thereby causing customers to drop needed AV protection.
Bottom line in all this:
- It is confusing to loosely interchange nomenclature when referring to different types of malware
- It is likewise confusing when a security software vendor does not clarify the capabilities of its flagship product
I hope MB3 turns out to be a robust, effective, high-performing program that carries on the fine product history of Malwarebytes.
Perhaps we will see additional explanations from the Malwarebytes folks before they formally launch "MB3".
And perhaps they will invest the time and effort to choose a bolder, more meaningful and more descriptive name for it.
Over and out,
However, I know the difference between a virus and malware, and I would think that 1000 virus •bodies• is a sign that this thing was replicating itself in the system, else I would not have found that many replicants of the same files.
There were thousands of instances of the same file extension (.a92d) spread throughout the system, the extension itself was related to something about the machine's crypto, there were files in the crypto folder that had names ending with those four values. I searched for about two days and I could not find any reports of any similar behaviour, so this might have been something new: I've seen viruses propagate files through systems before, but never with this magnitude, usually it's never more than 100 instances. About 5000 files with that extension, of various sizes and I saw them jump from one folder to an adjacent one as I was looking through it when I first opened up the PC to look at the damage. There were also about 1000 replicated instances of a "readme.hta", I don't see why those files would be in certain program folders. The trick wasn't simply deleting all of these replicated files, it was finding what was causing it, and between ESET and MBAM I was able to identify the culprit, which ESET missed, and MBAM identified as a Trojan.
I don't see the point of the rest of your tome, as much as I love tomes, other than that you are arguing with me about something that we both agree on.
Nevertheless, even though MBAM is not really a pure antivirus engine, it can and does identify rootkits and other nasty things that sometimes a pure AV will miss. And I'm pretty sure I don't need to keep on repeating that "I found 10,000 virus •bodies•" on this machine, it was all one virus, and this was a prime example of the behavior that you were just talking about.
So whether or not you want to call it a virus or a potentially unwanted program, it's all the same thing, we don't want them in our machines and we want to get it out without having to wipe the whole drive. So you can call them whatever politically correct name you can think of and I'll just call all of them "viruses", which for me means any file on my computer that I didn't expressly put there myself.
I didn't realize that this change in MBAM was as broad as this, because I only use the anti-malware package and none of the others, because I have other tools that take care of those things, that are pretty much 99% effective.
We do not have the logs for the computers you mention. So we cannot know what MBAM or other tools may have found. As you said: "MBAM identified as a Trojan". That sounds consistent with the fact that the current version targets certain, non-scripted types of (mostly) non-viral malware. There are not very many true, old-fashioned viruses or worms out there these days. (There is, of course, a LOT of ransomware, a newer, specialized category of crypto-malware. Malwarebytes will be including specialized anti-ransomware technology in their new product, MB3.)
Having said that, if you wish to call all malware "viruses" and/or PUPs "malware", that's certainly your choice. Many casual forum viewers and less experienced computer users could be confused by interchanging the terminology. That could lead to their selection of the wrong type of security software, unreasonable expectations about security software protection, and/or the use of the wrong tools to clean certain types of infection.
As you point out, the malware world today is large and complex.
And complete cleanup of infected computers often requires the use of multiple, powerful, specialized tools, in the correct sequence. Knowing which tools to use depends to some extent on knowing what needs to be removed and how a particular infection damages the system.
Therefore a bit of precision in the terminology facilitates that process and reduces confusion.
Antibiotics are of no value treating viral infections or a broken leg.
Replacing a car battery when the problem is a broken alternator would not work, either.
The same is true for malware cleanup: it helps to know what the infection is, in order to select the correct tool.
That is all.
And having said all that, as I mentioned, the second part of my post was intended merely to nudge the discussion back to the original topic: the release of a new, very different version of Malwarebytes Anti-Malware.
As we can see, the use of imprecise terminology about an application's being "anti-virus" vs. "anti-malware" -- even by a security software vendor -- further confuses the discussion.
Yes, MBAM has been a very strong malware protection/removal tool with a great track record over the years.
We all look forward to an equally robust and reliable product with "Malwarebytes Malwarebytes" (a.k.a "MB3").
The mal in malware is based on the French translation meaning evil, terminology wise this would cover all infections.
And the French derives from the Latin.
All of this brings us back to my original point: all viruses are malware, but not all malware is a virus.
There are trojans, keyloggers, spyware, adware, foistware, BHOs, rootkits, worms, etc. etc. etc.
And PUPs, strictly speaking, are not malware, although some come very close to crossing the line.
Different types of malware behave differently, cause different types of damage, and require different types of tools/scripts/techniques for protection/removal/remediation.
"It's all in a name..."
(I include generic references, but there are many such articles in the computer security world, of course.)
Your own definition of the word virus indicates that if it doesn't spread itself through the system then it's not a virus. Now regardless of whether or not my log files identified a per se virus, it was acting as a per se virus so I'd rather just call it that since it was acting like one.
I have seen malicious programs though, not really considered viruses, that do the same thing.
My point is that I absolutely agree that Malwarebytes is for getting rid of malware. I think the program is pretty effective as it is but I don't know if I want it taking over actual virus detection duties away from my primary AV program. As long as it doesn't interfere with any other programs I use (and I really avoid installing two different AV programs, most of the time you can't do it anyway) then it should be fine.
The program that I have chosen to use after all these years of the other ones (Norton/McAfee) failing is ESET, which is very finicky about installing if there are any shreds of any other AV program left in the system, and Norton/McAfee are notorious for leaving little bits of shite in the system that prevent ESET from installing, it rolls itself back until you can go in there and find all of the little leftover files from those alleged AV programs. So I hope that this doesn't happen with MBAM now. Because there's really nothing else that I can use that does what it does.