Author Topic: When do we use the new MBAM chameleon technology?  (Read 3196 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
When do we use the new MBAM chameleon technology?
« on: January 05, 2012, 09:34:56 PM »
MBAM came out with new technolgy to start MBAM when malware is trying to block the normal execution of this anti malware solution. When do we use this?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

YoKenny

  • Guest

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: When do we use the new MBAM chameleon technology?
« Reply #2 on: January 05, 2012, 09:54:13 PM »
It should go to this mode if the main programme is prevented from starting, never had an opportunity to try it yet

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37505
  • Not a avast user
Re: When do we use the new MBAM chameleon technology?
« Reply #3 on: January 05, 2012, 09:55:44 PM »
See screen shot


you find it in C:/programfiles/Malwarebytes/Chamelon > Chamelon.html..... you can click the buttons to test   ;)

if you run any of the files in there, it will first pop up a command promt box. If you then hit any key..
it start with a update, then search for malware process to stop, then opening MBAM and running a quick scan
« Last Edit: January 05, 2012, 10:44:48 PM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: When do we use the new MBAM chameleon technology?
« Reply #4 on: January 05, 2012, 10:00:19 PM »
Hi essexboy,

You could have that opportunity when you start it up from C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

DonZ63

  • Guest
Re: When do we use the new MBAM chameleon technology?
« Reply #5 on: January 05, 2012, 10:47:50 PM »
If MBAM did a better job protecting their core executables, they wouldn't need a utility do block malware from shuting it down. It's the "weakest link" in their realtime protection.

Try to kill Norton's ccSvchst.exe and see what happens. Symantec has made signifigant progress in preventing malware from blocking its installation in it's recent releases of NIS ans NAS. Avast also does a good job of preventing shutdown of their core processes.