Jump to content

Must verify URL of M~bytes tool: I have re-directer malware


Recommended Posts

I have a malicious entity on my computer which secretly re-directs attempts to go to certain security-related web sites, including the update servers of my various anti-malware software programs. Therefore, I have to be very careful when I click on links within webpages. Before I eventually re-install

Windows 7 (I have Internet Explorer 9), I have to use my computer.

I want to download CHAMELEON via Malwarebytes.org > Tools. When I HOVER THE POINTER over the download button, I see the webpg called

" http://downloads.malwarebytes.org/file/chameleon ". But when I RIGHT-CLICK on the button and choose OPEN IN NEW TAB, the tab's URL line

says " http://data-cdn.mbamupdates.com/v1/tools/chameleon/data/mbam-chameleon-1.61.0.1400.zip ", and a gray dialog box called "Windows Internet Explorer" says "Do you want to dwnld "mbam-Chameleon-1.61.0.1400.zip" ?". The "data-cdn" part of this web address is similar to what I have seen when certain other software web addresses have been re-directed. Could you please consult someone at Malwarebytes corporation who has access to its list of web addresses.

Something similar occurs with MBAM-CLEANER.EXE. Although there is no problem with the link word found in Forum/General/Possible Updating Issues, the aforementioned discrepancy was seen in the article called "Use mbam-clean.exe to completely remove Malwarebytes". (I read this article on July 4, 2012, but I have not been able to find it again since then). When I HOVERED THE POINTER on the link word in the article, I saw http://downloads.malwarebytes.org/file/mbam_clean. But clicking on the link word did not produce a new URL or a new tab. Instead, the Internet Explorer 9 yellow box appeared at the bottom of the webpage and said "Do you want to download ... from "cdn-data ..." (I did not write down the full address).

Thank-you very much.

Link to post
Share on other sites

Addendum to my Post:

I just found the article that I had alluded to re. MBAM-CLEANER.EXE, namely "Use mbam-clean.exe to completely remove Malwarebytes". Its URL is http://helpdesk.malwarebytes.org/entries/20818461-use-mbam-clean-exe-to-completely-remove-malwarebytes . I found it by using the Malwarebytes search engine in the Knowledgebase section for the search term mbam-cleaner. The article states a day & month of posting, but not the year.

HOVERING THE POINTER shows {http://downloads.malwarebytes.org/file/mbam_clean}. RT-CLICK/OPEN NEW TAB does not open a new tab. Rather, an I.E.9 yellow box says "data-cdn.mbamupdates.com".

Link to post
Share on other sites

Hello and welcome to MBAM, maudit: :)

Sorry to hear you are infected.

Some of today's infections are really nasty and severely damage the computer and its functionality.

We cannot work on malware-related issues in this particular sub-section of the forum.

So please read below to obtain one-on-one expert assistance with cleaning your system.

IMPORTANT: Please do NOT use any temporary file cleaners unless instructed to do so - they can cause data loss, making it hard to recover your system.

There are some excellent, self-help tutorials on getting MBAM to run on an infected system in the FAQ: HERE.

This includes several, excellent tutorials on the correct method to implement the MBAM Chameleon. :)

IF YOU PREFER EXPERT ASSISTANCE WITH MALWARE REMOVAL, PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:

OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum.

OPTION 2: For licensed users of MBAM PRO, free, one-on-one, expert assistance from the MBAM support helpdesk.

OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:

  • Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  • --->>If the infection has so crippled the computer that you cannot complete some or all of the steps, then just do the best you can and start a new topic as described below.

  • Then please start a new post in the Malware Removal Forum.
  • When starting your new post, please note the following:
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs directly into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.

  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.

OPTION 2:

If you are a paid user of MBAM PRO and would like support via the helpdesk, please contact them here.

OPTION 3:

If you prefer the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to the Premium Support site here.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1

PS Please use the "Reply to this Topic" or "More Reply Options" buttons (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow. :)

Link to post
Share on other sites

  • Staff

Addendum to my Post:

I just found the article that I had alluded to re. MBAM-CLEANER.EXE, namely "Use mbam-clean.exe to completely remove Malwarebytes". Its URL is http://helpdesk.malwarebytes.org/entries/20818461-use-mbam-clean-exe-to-completely-remove-malwarebytes . I found it by using the Malwarebytes search engine in the Knowledgebase section for the search term mbam-cleaner. The article states a day & month of posting, but not the year.

HOVERING THE POINTER shows {http://downloads.malwarebytes.org/file/mbam_clean}. RT-CLICK/OPEN NEW TAB does not open a new tab. Rather, an I.E.9 yellow box says "data-cdn.mbamupdates.com".

That is correct. The URL redirects to our CDN to download the latest available version of our tool.

I also recommend that you follow daledoc1's recommendations of seeking expert assistance to get your system cleared of infection. It sounds like you have quite a nasty rootkit and it is doubtful that mbam-clean/reinstall is going to correct the problems you're seeing.

Link to post
Share on other sites

Monday, July 16, Canada, 18:44 Eastern daylight Time

Message to Exile 360 and Advanced Setup: Thank you very, very much for explicitly answering my post's question. My concerns allayed, I proceeded to download mbam-clean.exe and Chameleon without incident. Thank-you for also reminding of the "big picture" which daledoc1 had been concerned about.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.