Malwarebytes – Manually Update Database/Definitions

KB ID 0000629

Problem

I was called to a 2003 Server yesterday, that was riddled with malware, whatever was on there was generating a lot of network traffic, so the first thing I did was disconnect it from the network.

That’s fine, but if I wanted to use my usual ‘weapon of choice’ Malwarebytes, how was I going to get the latest database installed?

Solution

WARNING: There is a note on the Malwarebytes website that discourages this procedure, as it breaks the incremental update mechanism of Malwarebytes. They recommend that you use this utility to do the job, and that it should be updated every week (though the page currently has December 2011 as the update date!) . In my case once the machine is clean, I’ll remove Malwarebytes and install Trend Worry Free on it anyway. Either way, I prefer to know for a fact I’m using the latest database.

1. Install and update Malwarebytes on a nice clean machine (In this case, my Windows 7 laptop).

2. Find out what version of Malwarebytes you are running (on the about tab).

3. Navigate to the following location, and take a copy of the rules.ref file, i.e. put a copy on a USB thumb drive.

Windows 7 / Vista / 2008 / 2008 R2

[box]C:ProgramDataMalwarebytesMalwarebytes’ Anti-Malware[/box]

Windows XP / 2000 / 2003 / 2003 R2

[box]C:Documents and SettingsAll UsersApplication DataMalwarebytesMalwarebytes’ Anti-Malware[/box]

4. If your version is 1.60 or newer you also need to take a copy of the database.conf file that’s in the same folder, but in the configuration folder.

5. Copy the file(s) to the corresponding folder(s) on the affected machine, and paste them over the copies that exist there.

6. Then launch Malwarebytes on the affected machine, and scan with the updated database.

 

Related Articles, References, Credits, or External Links

Spyware / Malware Rogue AV and Rogue Antispyware “Scareware”

Cannot Install Malwarebytes (Already Infected) – Deploy Chameleon

Cannot Install Malwarebytes (Already Infected) – Deploy Chameleon

KB ID 0000750 

Problem

If I’m working on a machine that I suspect is infected by Malware/Spyware then one of the first tools I reach for is Malware Bytes.

Spyware / Malware Rogue AV and Rogue Antispyware “Scareware”

As it’s one of the most popular repair tools, it’s not uncommon for the writers of these pieces of malicious code, to actively block the installation of Malwarebytes. So the publishers of Malwarebytes have come up with a solution called Chameleon.

Solution

1. Head over to the Malwarebytes download site > For Home > Other Tools.

2. Download Chameleon.

3. The files will come down in a zip file > Extract them > Locate the Chameleon.chm file and run it.

4. You can now attempt to install Malwarebytes by using the install options presented, start with the first and work your way down.

5. When running, a command window will open, and ask you to press any key > It will see if the software is installed, if not it will download and install it.

6. Then it will update the software with the latest definitions.

7. When complete the software will start and begin a scan.

 

Related Articles, References, Credits, or External Links

Malwarebytes – Manually Update Database/Definitions