BleepingComputer.com: Suspicious download

Hi Guys

Decided to download Malware anti Malware Bytes, but downloaded a similar named product in error. Malwaree.org/Anti-Malware. Listed as a sposored link. I did not run it, but am a little concerned I may have taken on a problem. Does anybody know this product and if so is it Kosher.

As always grateful of any assistance.

regards


Glyn D

Quote

That does not look the appropriate address for the legit program. You can download Malwarebytes directly from the following link if you want to....

alternate download link 1
http://malwarebytes.gt500.org/mbam-setup.exe

or from MajorGeeks at this one....

http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html

or go to Malwarebytes.org for one of their download links.....

http://www.malwarebytes.org/mbam.php

Hi

ye I have already downloaded the correct product. I am worried that in downloading the alternative I have given myself peoblems.

regards

Clulessl

Had you run the first one you downloaded?

If not, you are probably ok but if your not, the real one should take care of it. If it doesn't then run SuperAntiSpyware from SuperAntiSpyware.com

Hi Stang

Didnot run it. MAM has not found anything thanks for help.

regards

Cluless

You are welcome and I am glad you did not run it. It is listed as a rogue security application. Just make sure you no longer have the file on your system at all.

Cluless, on Jul 20 2009, 10:49 PM, said:

Never, ever download a security program from a Google sponsored link. Rogue programs manipulate Google and other search engines to fool people into installing their product in place of the one with a good reputation that they are really looking for. This has been going on for a long time and began as I remember it, with Spybot and a little later with Ad-Aware. The Rogue/Suspect Anti-Spyware Products & Web Sites at Spywarewarrior was started in part because of the way Enigma set up several webpages and used other techniques so that searches for Spybot or Search & Destroy, along with other terms associated with Spybot S&D, would take you to pages where you think you are getting the freeware Spybot but were really downloading SpyHunter, which you had to pay for to remove anything.

These were the original type of rogues--security programs that did actually scan for threats but were agressively marketed and used various techniques, including outright fraud and near fraud, to sell their product--which was usually shoddy. SpyHunter, along with a few others, improved their product enough to get delisted at Spywarewarrior--altho I won't ever trust such companies.

This is in contrast to what is considered rogue today, which I call fraudware. Nowdays Fraudware will not even do a real scan--you are told you are infected without one. They are infections in and of themselves, hijacking your desktop, sometimes downloading other malware besides, and any scan is wholly a pretense--telling you you have infections that don't exist on your system, and not telling you of some that might actually exist.

What both rogues have in common is that their primary reason for existence is to make money, but I digress. The main point is to do as you have done--if you don't know where to find the home page of a legitimate program you want to download, come here and ask. Always download from the product's site, or established download sites such as download.com or softpedia--don't just Google it and go with sponsored links.

Stang777 is correct--if you saved the setup files of the rogue program to your hard drive (as opposed to installing it while online), then you are OK as long as you have not double-clicked to run the setup that starts the install routine. All you have to do to get rid of it is to delete the setup file.

Hi Papakid

I downoaded,
but was warned it did not have a recognized publisher when asked to run it. That set alarm bells ringing and I deleted. I have run AVG & and legit MAM and have not found anything. Is there any other checks I should make?

regards

Cluless

More scans won't hurt but I don't think it's necessary. Because you didn't allow the installation to take place and your other scans are clean. If it had installed without your permission you would probably know it anyway as it would probably hijack your desktop and so in some way would be popping up warnings of infections on your system that don't exist.

Many thaks to you both