Jump to content

Has Malwarebytes update been hijacked?


Recommended Posts

Last week, while updating definitions for Malwarebytes the server downloaded TWO files, not just the usual one. After downloading these "definitions" the program informed me a new version of Malwarebytes had been downloaded and I needed to click ok to install it. When I did, all Hell broke loose and I was visited by the "Security Protection" demon from Hell. This led to almost a week of trying to rid my computer of hugely unkind malware that disabled all my protections, then changed my keyboard to Dvorak among many other heretofore unseen inconveniences, and generally caused a ton of problems, not the least of which I'm sure was an overheating issue that led to a failed hard drive which led to an upgrading of hard drive and memory, which led to a re-install of Malwarebytes, which led to a needed updating of definitions which led to...you guessed it, the same scenario as before. This time, when prompted to install the new version of Malwarebytes I declined and was allowed to continue. Thereafter, however any time I click the Malwarebytes icon, the following window appears: See Attachment I decline and hope you'll answer me and tell me what to do.

Is this download and install genuine, or is it malware piggybacking on malwarebytes definition update download?

post-91935-0-69830400-1313870821.jpg

Link to post
Share on other sites

Hi, SylvaniaChris:

That looks like the legit dialog box one sees when the option is enabled to d/l and install program updates (see screen grab).

(The current version is 1.51.1.1800 and, as of this moment, the def database is 7521.)

Updating the program version DOES require a system restart.

I really doubt your recent infection was the result of an MBAM update hijack, assuming that you updated through the program and/or from a legit mirror site.

I suspect instead that it might have been a coincidence, or that you were already infected.

You might want to just start fresh with a clean install of MBAM, which will install the current program version (1.51.1.1800):

  • If you are using MBAM PRO, be sure to have your license ID and key handy first.
  • Download and run mbam-clean.exe from here.
  • It will ask to restart your computer, please allow it to do so (very important!).
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here.
    Note: You will need to reactivate the program using the license ID & key you were sent via email, if you are using the PRO version.
  • Launch MBAM and set the Protection and Registration. Then go to the UPDATE tab (if not done during installation) and check for updates.
  • Restart the computer again and verify that MBAM is in the task tray (if using the PRO version).
  • Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications, and then restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQs here, or ask and we'll explain how to do it.

OTOH, if you think for any reason that you might still be infected or have malware traces left on the system, then please post back and let us know, so that we can provide guidance on how to proceed (since we cannot work on malware issues here in the General forum).

I'm sure one of the MBAM staff or more technical folks will have some additional advice and/or correct me if I am wrong.

HTH,

daledoc1

post-29793-0-79328200-1313872288.png

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.