Avast WEBforum
Other => Viruses and worms => Topic started by: polonus on January 05, 2012, 09:34:56 PM
-
MBAM came out with new technolgy to start MBAM when malware is trying to block the normal execution of this anti malware solution. When do we use this?
polonus
-
Why don't you ask this in the MBAM forum?
http://forums.malwarebytes.org/index.php?showtopic=103131
See a video:
http://www.youtube.com/watch?v=sSOYnMZyTBk&feature=youtu.be
-
It should go to this mode if the main programme is prevented from starting, never had an opportunity to try it yet
-
See screen shot
you find it in C:/programfiles/Malwarebytes/Chamelon > Chamelon.html..... you can click the buttons to test ;)
if you run any of the files in there, it will first pop up a command promt box. If you then hit any key..
it start with a update, then search for malware process to stop, then opening MBAM and running a quick scan
-
Hi essexboy,
You could have that opportunity when you start it up from C:\Program Files\Malwarebytes' Anti-Malware\Chameleon
pol
-
If MBAM did a better job protecting their core executables, they wouldn't need a utility do block malware from shuting it down. It's the "weakest link" in their realtime protection.
Try to kill Norton's ccSvchst.exe and see what happens. Symantec has made signifigant progress in preventing malware from blocking its installation in it's recent releases of NIS ans NAS. Avast also does a good job of preventing shutdown of their core processes.