some suggestions...

[Blaze]

Hi all, I've stated the 2 suggestions down below already, but I've just added another one.

Please give me your opinion on this.

1)

Like mentioned before, it would be nice that users are able to send a malware file from the quarantaine log to MBAM.

I haven't encountered yet that I need to do that, but I think it would be a nice feature.

Example: 'submit' button.

2)

Malwarebytes developed the very useful tool FileAssassin, which you can also start in MBAM.

Now, since some malware blocks the updating/installating of MBAM, I thought it would be nice to include a 'ProcessAssassin' or 'ProcessKiller' or whatever.

There are of course already tools like Process Explorer, but in this case the ProcessAssassin would be designed to tackle mainly malware process.

Thanks to process behaviour I think this might work.

Example: you cannot start MBAM. you install ProcessAssassin. It displays possible malware processes in red, which users then can ask for more information, disable the process, or kill the process.

3) In addition to the above, as some malware (or most) also starts from the temp folder or can even restore itself from there, it would be nice to have a TempAssassin, TempKiller or similar as well, in addition to the ProcessAssassin I described above. It would just launch a simple bacth script (for example) and will kill the Temporary Internet Files as well as c:\temp, c:\windows\temp etc .

Example : Malware will not be (fully) able to (re)start itself.

cheers .

[exile360]

you install ProcessAssassin. It displays possible malware processes in red, which users then can ask for more information, disable the process, or kill the process.

That will only work for a week or so until the malware makers target ProcessAssassin the same way they target all the other tools, including MBAM, thus preventing it from being executed.

[Firefox]

yes those malware writers are figuring out the things we try and catch them, like renaming the MBAM.exe file to something random does not work in some infections any longer.....

We will win the battle one way or another.

[screen317]

That will only work for a week or so until the malware makers target ProcessAssassin the same way they target all the other tools, including MBAM, thus preventing it from being executed.

For this exact reason it is so crucial to have the protection module installed. With today's malware thwarting traditional removal attempts, preventing the infection in the first place is the key to winning "the war."

[exile360]

Yes, as the old saying goes: "An ounce of prevention is worth a pound of cure". I'd say this is especially true these days with the nature of the infections going around, particularly the nasty rootkits.

[Blaze]

I see your points, they would indeed target it.

Firefox: that is true as well, sometimes it works by renaming the file, but not always.

I'm not sure if the 'temp killer' idea is still applicable, it would come in handy.

thanks for the opinions

[exile360]

You're welcome

Thank you for the suggestions . It's unfortunate that a fix that works one day doesn't work the next, but it's because the programmers behind the creation of these infections are pretty motivated to keep their infections alive so when a sure-fire fix method is discovered they respond by changing their infections to block that method rather quickly .