Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious download


  • Please log in to reply
9 replies to this topic

#1 Cluless

Cluless

  • Members
  • 146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:03:02 AM

Posted 20 July 2009 - 10:49 PM

Hi Guys

Decided to download Malware anti Malware Bytes, but downloaded a similar named product in error. Malwaree.org/Anti-Malware. Listed as a sposored link. I did not run it, but am a little concerned I may have taken on a problem. Does anybody know this product and if so is it Kosher.

As always grateful of any assistance.

regards


Glyn D

BC AdBot (Login to Remove)

 


#2 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:02 PM

Posted 20 July 2009 - 11:44 PM

Malwaree.org/Anti-Malware


That does not look the appropriate address for the legit program. You can download Malwarebytes directly from the following link if you want to....

alternate download link 1
http://malwarebytes.gt500.org/mbam-setup.exe

or from MajorGeeks at this one....

http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html

or go to Malwarebytes.org for one of their download links.....

http://www.malwarebytes.org/mbam.php

#3 Cluless

Cluless
  • Topic Starter

  • Members
  • 146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:03:02 AM

Posted 21 July 2009 - 01:32 AM

Hi

ye I have already downloaded the correct product. I am worried that in downloading the alternative I have given myself peoblems.

regards

Clulessl

#4 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:02 PM

Posted 21 July 2009 - 01:48 AM

Had you run the first one you downloaded?

If not, you are probably ok but if your not, the real one should take care of it. If it doesn't then run SuperAntiSpyware from SuperAntiSpyware.com

Edited by Stang777, 21 July 2009 - 01:49 AM.


#5 Cluless

Cluless
  • Topic Starter

  • Members
  • 146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:03:02 AM

Posted 21 July 2009 - 02:00 AM

Hi Stang

Didnot run it. MAM has not found anything thanks for help.

regards

Cluless

#6 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:02 PM

Posted 21 July 2009 - 02:03 AM

You are welcome and I am glad you did not run it. It is listed as a rogue security application. Just make sure you no longer have the file on your system at all.

#7 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 21 July 2009 - 10:22 AM

Listed as a sposored link.

Never, ever download a security program from a Google sponsored link. Rogue programs manipulate Google and other search engines to fool people into installing their product in place of the one with a good reputation that they are really looking for. This has been going on for a long time and began as I remember it, with Spybot and a little later with Ad-Aware. The Rogue/Suspect Anti-Spyware Products & Web Sites at Spywarewarrior was started in part because of the way Enigma set up several webpages and used other techniques so that searches for Spybot or Search & Destroy, along with other terms associated with Spybot S&D, would take you to pages where you think you are getting the freeware Spybot but were really downloading SpyHunter, which you had to pay for to remove anything.

These were the original type of rogues--security programs that did actually scan for threats but were agressively marketed and used various techniques, including outright fraud and near fraud, to sell their product--which was usually shoddy. SpyHunter, along with a few others, improved their product enough to get delisted at Spywarewarrior--altho I won't ever trust such companies.

This is in contrast to what is considered rogue today, which I call fraudware. Nowdays Fraudware will not even do a real scan--you are told you are infected without one. They are infections in and of themselves, hijacking your desktop, sometimes downloading other malware besides, and any scan is wholly a pretense--telling you you have infections that don't exist on your system, and not telling you of some that might actually exist.

What both rogues have in common is that their primary reason for existence is to make money, but I digress. The main point is to do as you have done--if you don't know where to find the home page of a legitimate program you want to download, come here and ask. Always download from the product's site, or established download sites such as download.com or softpedia--don't just Google it and go with sponsored links.

Stang777 is correct--if you saved the setup files of the rogue program to your hard drive (as opposed to installing it while online), then you are OK as long as you have not double-clicked to run the setup that starts the install routine. All you have to do to get rid of it is to delete the setup file.

The thing about people

is they change

when they walk away.--Mipso


#8 Cluless

Cluless
  • Topic Starter

  • Members
  • 146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:03:02 AM

Posted 21 July 2009 - 10:51 AM

Hi Papakid

I downoaded,
but was warned it did not have a recognized publisher when asked to run it. That set alarm bells ringing and I deleted. I have run AVG & and legit MAM and have not found anything. Is there any other checks I should make?

regards

Cluless

#9 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 21 July 2009 - 11:01 AM

More scans won't hurt but I don't think it's necessary. Because you didn't allow the installation to take place and your other scans are clean. If it had installed without your permission you would probably know it anyway as it would probably hijack your desktop and so in some way would be popping up warnings of infections on your system that don't exist.

The thing about people

is they change

when they walk away.--Mipso


#10 Cluless

Cluless
  • Topic Starter

  • Members
  • 146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:03:02 AM

Posted 21 July 2009 - 11:14 AM

Many thaks to you both




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users