Install Malwarebytes Anti-Malware on PCs where it is blocked
While most malware ignores software installed on a PC it is trying to infect, some have been designed to block security software from running or being installed on a system it has successfully infected. Malware designed this way tries to make it harder for admins and users to disinfect the system or even detect that malware is running on it. Various techniques are used to achieve that goal, from redirecting security software websites to other sites so that antivirus solutions can't be downloaded that easily to monitoring running processes to automatically kill processes created by security software.
Malwarebytes, the makers of the popular Anti-Malware application for Windows have created a program they call Chameleon for these situations that can install the security software in cases where the program is blocked from being installed or run on the system.
Start the Windows Help file once you have downloaded and unpacked Chameleon on an infected system. You may notice many common file names such as firefox.exe, iexplore.exe or rundll32.exe in the folder which all have the same size. All these files are disguised Malwarebytes Anti-Malware instances that you can try to run using the help file.
When you open the help file you will notice the Chameleon buttons which you should try one after the other until you notice a black DOS window appearing after an UAC prompt. If it does it means that Chameleon successfully launched. You need to press a key in that window to start the installation of Anti-Malware on the system.
You are then taken through the normal installation procedure of the program after which you can run a system scan to detect and remove malware running on the PC at that time.
Nice article. Thanks for the heads up on this interesting software.
Hmmmm, to defeat this all that’s needed then is for the bad guys to toss in something that’ll prevent chm files from opening??
While Chameleon is a noble effort, Malwarebytes needs to also adopt the strategy (like SurfRight and others) and create a builder for booting from USB or optical media. Probably something that could gain momentum in their paid-for Pro version.
. . . simply Put . . . I LOVE MBAM!!!
(Nothing really compares to it!)
I LOVED the free version it so much that I installed MBAM PRO.
Thanks for this wonderful article. Never know when we may need it.
BTW Popular Searches pane is cutting the article right upto DOS screenshot. Nothing worked. Couldn’t read but could make out. Chrome 24.
pretty sure it always came in M/B – I have copied the folder in the past to USB
for clients rogueware removal