MBAM came out with new technolgy to start MBAM when malware is trying to block the normal execution of this anti malware solution. When do we use this?

polonus

Why don’t you ask this in the MBAM forum?
http://forums.malwarebytes.org/index.php?showtopic=103131

See a video:
http://www.youtube.com/watch?v=sSOYnMZyTBk&feature=youtu.be

It should go to this mode if the main programme is prevented from starting, never had an opportunity to try it yet

See screen shot

you find it in C:/programfiles/Malwarebytes/Chamelon > Chamelon.html… you can click the buttons to test

if you run any of the files in there, it will first pop up a command promt box. If you then hit any key…
it start with a update, then search for malware process to stop, then opening MBAM and running a quick scan

Hi essexboy,

You could have that opportunity when you start it up from C:\Program Files\Malwarebytes’ Anti-Malware\Chameleon

pol

If MBAM did a better job protecting their core executables, they wouldn’t need a utility do block malware from shuting it down. It’s the “weakest link” in their realtime protection.

Try to kill Norton’s ccSvchst.exe and see what happens. Symantec has made signifigant progress in preventing malware from blocking its installation in it’s recent releases of NIS ans NAS. Avast also does a good job of preventing shutdown of their core processes.