Jump to content

Where is the Definition Location or file


Barinder

Recommended Posts

@AndrewPP   Hi Andrew, Thanks for the reply. I have already brought Malwarebytes Protection agent. I am working on RMM tool Connectwise Automate. So i need to configure virus scan in dashboard. i have attached the screenShot which in need to know. There is setting of Webroot SecureAnywhere 32bit in Screenshot. Same as webroot i have to do configure virus scan for Malwarebytes protection agent ( Program Location, Definition Location, Update command. AP Process name)

image.png.692e9e761435fa2ed8d010ca92160ff3.png

Hope you will be undersand

Link to post
Share on other sites

If that app requires that scanners use a single static defs file then Malwarebytes is incompatible as it actually uses several separate databases for various components in the engine and various categories of threats/PUPs/PUMs/rootkits etc.  It hasn't used a single comprehensive database file since the Malwarebytes 1.x consumer version days several years ago (back then it was called rules.ref), but since then the entire engine and program has been rewritten from the ground up to use a much more modular structure, including multiple databases for the various modules and purposes I mentioned.

Link to post
Share on other sites

Unfortunately no, there is no single database file for Malwarebytes.  It, much like most modern AVs, now uses multiple database files.  I don't know offhand what names they go under now as I didn't keep up with all of the changes after version 2.x, but I suspect they are all located somewhere under Malwarebytes ProgramData folder as that is where it stores most of its data and configuration files.

Link to post
Share on other sites

Rules definitions are under C:\ProgramData\Malwarebytes\MBAMService\*.mbdb
They are encrypted and protected, you cannot hand edit/change them. They self-update on a timer.
If you are using the Endpoint Protection product, the update schedule is defaulted  to 1 hour.
You just need to configure by Cloud Management, then deploy as MSI using ConnectWise

Perhaps you need to state your concern, as here, you are creating a solution to something which may not be a problem?

Link to post
Share on other sites

@AndrewPPActually , I am working one RMM tool Connectwise Automate. We need to to have add virus scan entry of malware bytes in dashboard .  We are monitoring the machine on which have no antivirus. The problem is that machines are coming in antivirus missing monitor although malware-bytes installed on them. Except this all antivirus entry already made in deshboard. only malwarebytes remaining. You can see the pic , i have attached recently . So i need to know the locations.

 

 

Thanks

Link to post
Share on other sites

Guys, they are using Connectwise, aka Labtech, this is a Malwarebytes partner who's integration deploys and manages MBAM 1.x, MBAE 1.x and ARW 0.9 standalone.

 

Barinder, I'm not exactly sure what you are trying to do, MBAM already integrates with Control Center and this information should already be in the dashboard. Is this some sort of alternate reporting thing? 

Link to post
Share on other sites

To follow up on this a bit more, for what you are asking go to C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware, use the text files called "version.check" and "rules.new.yaml", they have version info within them you will need to parse. The actual signature files, rules.new and rules.ref, are encrypted and you will get nothing out of them except a date stamp. These files cannot be swapped around, the program itself needs to read and apply them.

Link to post
Share on other sites

  • 7 months later...
  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.