Jump to content

Recommended Posts

Hi - you may laugh, but I have a machine that is still running Windows XP SP2, and the OS must not be touched (long story to do with tool certification).

I found mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe, many thanks for making that available, but it requires SP3. So at present the only version of Malwarebytes that I can run is mbam-setup-2.1.6.1022.exe, from mid-2015.

So my question is: please could you provide a link to download whatever was the latest version of mbam / mb3 that worked on XP SP2?

Just hoping.

Thanks.

Share this post


Link to post
Share on other sites

If you are going to run Windows XP, there is no reason not to update the OS to Service Pack 3.

Share this post


Link to post
Share on other sites

I'm guessing there's some form of proprietary hardware and/or software being used with the machine that requires a specific OS and service pack level which prohibits installing any major updates/making any significant changes (such as installing SP3).  Unfortunately I don't know what the last version to support SP2 was, however the older a version is, the worse protection and detection capabilities it will provide so I really wouldn't advise relying on it to protect your devices or even to detect most modern threats and/or PUPs as the vast majority of signatures currently in use, including those which are included in the databases/signatures that would be downloaded by any older build like 2.x etc., would be exclusively version 3.x compatible as the scan and protection engines have been designed to disregard/skip (i.e. not use in any way) any threat signatures that use new/unknown syntax which has been added to later engine versions to avoid bugs and false positives (since the older builds would not know how to properly interpret them and therefore the behavior would be unpredictable if it tried to use a new type of syntax/signature that it did not recognize/wasn't coded for).  This is because as new detection methods/syntax are developed, the Researchers start using those more frequently than the older methods as they tend to be more powerful, more efficient and better at covering a greater number of threats (through the use of heuristics, which is what makes up most of the signatures used in Malwarebytes; very few are static/hash type signatures as most other more traditional AV/AM applications might use).

Obviously it's still better than nothing, but it is definitely less than ideal so I'd strongly advise only using it as a second opinion/auxiliary tool if at all possible, especially on an older OS like XP SP2.

That said, assuming it is compatible, the Anti-Exploit component could be very useful in helping to mitigate the risks inherent in using such an outdated operating system, however I do not know if there ever was a version of Malwarebytes with the Anti-Exploit component that worked with SP2 or if the standalone version of Malwarebytes Anti-Exploit ever supported SP2 but you can check in the standalone Malwarebytes Anti-Exploit Beta forums located here and a member of the team should respond to let you know.

Share this post


Link to post
Share on other sites

Thanks all for comments. So far, no answer to my (more in hope than expectation) request for "a link to download whatever was the latest version of mbam / mb3 that worked on XP SP2".

As to why not just move to SP3: exile360 is spot-on, "proprietary hardware and/or software being used with the machine that requires a specific OS and service pack level which prohibits installing any major updates/making any significant changes (such as installing SP3)".

So, I'm running two threads in parallel: (a) talking to the powers that be about the costs/risks/timescales for moving to SP3 and recertifying the toolset, whilst also (b) asking Malwarebytes folks for acess to an obsoleted version. If the answer to (b) is "get lost", or we time out, then (a) becomes the only viable option. But (b) buys me time.

Share this post


Link to post
Share on other sites

If this system is connected to the Internet and would require MBAM, please - disconnect it.

 

Share this post


Link to post
Share on other sites

I don't know specifically what the last version of Malwarebytes to support SP2 is/was so at the moment all I can do is suggest that you try each one, starting with the most recent and work your way back one by one as far as you can until you (hopefully) find one that works.  Obviously you know where to get the latest, and the legacy version for XP/Vista can be found here and beyond that, you can find the final 2.x version on MajorGeeks and there are several older 3.x builds available on FileHippo, but beyond that I don't know of too many trusted sources that archive older builds (there are a few FileHippo clone sites out there that I've come across but I can't speak to their legitimacy/safety so I really can't recommend them even if they do have any additional builds, but if you have no other option, you should always be able to check any legit Malwarebytes installer to at least verify the file contents using InnoUnp which is an extractor tool for Inno Setup installer files which is the format used for all official Malwarebytes builds and it's also included in tools like UniExtract).

Share this post


Link to post
Share on other sites

Thanks exile360, I will look at MajorGeeks and (if I get anywhere) report back so that this thread comes to a conclusion. And thanks David Lipman, but never fear, this is very definitely a standalone system!

Share this post


Link to post
Share on other sites

I have a quick update with news.  A member of Support just posted this link to the last version of Malwarebytes to support XP SP2 in another thread so that's the version you should install.

Just keep in mind that the other info we gave you still applies; there are a LARGE number of threats it will not be capable of detecting due to all of the more modern signatures in use by the Malwarebytes Research team as they generally tend to abandon older/less efficient/less effective detection methods once provided with newer/better optimized/more advanced tools for detecting and killing malware, but obviously it will still be much better than nothing at all.

Share this post


Link to post
Share on other sites

Ah, the power of synchronicity :-)

So exile360's link https://malwarebytes.box.com/s/4usptr0ghcqoer1z07o1br2yk9g2cbtd

and MajorGeeks https://www.majorgeeks.com/mg/getmirror/malwarebytes_anti_malware_2,1.html

both point to mbam-setup-2.2.1.1043.exe, both copies are binary-identical and I find an MD5 of 52F4695C53B02ADA7D648F95F2E2F8B4.

It runs on my crusty old XP SP2 machine, great, and even greater, it gives me a green light. So that's sufficient confidence to continue using this machine for its purpose while I discuss upgrade options with the toolset vendor.

Thanks everyone, this has been a great forum, and from my pov at least, the thread can close.
 

Share this post


Link to post
Share on other sites
Posted (edited)

It may run but, will have a reduced efficacy as many signature and heuristics are v3.x dependent.

Installing v2.x will give you a false sense of security.

 

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Share this post


Link to post
Share on other sites
24 minutes ago, Amaroq_Starwind said:

Actually, @UltraDyne maybe you can give WehnTrust a try.

It doesn't appear to include anything not already provided by the Exploit Protection component in Malwarebytes.  In fact, it appears far more limited only providing ASLR and buffer overflow protection.  Malwarebytes provides those protections and a whole lot more.

Share this post


Link to post
Share on other sites
Posted (edited)
8 hours ago, Amaroq_Starwind said:

Actually, @UltraDyne maybe you can give WehnTrust a try. Also, if the latest version of Firefox or Tor Browser still runs on Windows XP, then you can also use the Malwarebytes browser extension.

A PC running an old unsupported OS that is a "standalone system!" where "...proprietary hardware and/or software being used with the machine that requires a specific OS and service pack level which prohibits installing any major updates/making any significant changes (such as installing SP3) " as indicated by the OP should not even be used for Internet Browsing. Tor is used for privacy, not INFOSEC/COMSEC.  When such a platform is not used in such a fashion, it becomes an Appliance and the role it takes in its environment precludes such activity.  However such a PC is still vulnerable to Internet Worms and TCP/IP exploitation, the Insider Threat and other activities that are heightened by the age of the OS and the lack of manufacturer support in an aggressive hacktivisim and exploit environment that we face Today.

Such an Appliance needs isolation and protection.  For example, if it must be connected to the LAN then maybe there should be an external Firewall and/or Proxy node placed between the platform and and the LAN.  Blocking all but the required communication the Appliance is used for.

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.