Jump to content

Is "Chameleon"svchosts.exe a valid MBAM Program File?


Recommended Posts

the file is located here:

C;\program files\malwarebytes anti-malware (chameleon ) svchost.exe.

For 1st time ever SAS found & tagged it as a "trojan dropper/svchost fake".

I suspect it's a false positive so didn't quarantine it.

In other posts here I saw the chameleon seemingly listed as part of MBAM.

Thanks! Sandy

P.S. I'm posting this on an XP laptop w/ Firefox. I previously tried to post w/ my old Sea Monkey 1.x

and COULD sign in & enter "topic title" line but could not enter /type into the main post (no cursor showed, the main post box just moved up or down). So could not post at all!! Aaargh!

.

Link to post
Share on other sites

  • Root Admin

The following files are valid files in the Chameleon folder.

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon

  • chameleon.chm
  • firefox.com
  • firefox.exe
  • firefox.pif
  • firefox.scr
  • iexplore.exe
  • mbam-chameleon.com
  • mbam-chameleon.exe
  • mbam-chameleon.pif
  • mbam-chameleon.scr
  • mbam-killer.exe
  • rundll32.exe
  • svchost.exe
  • winlogon.exe

Basically all of the files are the same file only named differently in order to hopefully allow it to bypass certain malware infection that try to prevent Malwarebytes or other security programs from running.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.