Jump to content

Recommended Posts

I know it is an old version but for my purposes on a XP virtual machine and a Win7 system with limited speed/memory Malwarebytes v1.75.0.1300 is ideal. The definitions have updated without issue until now.

As a result of a mistake I had to use System Restore yesterday. As in normal when done everything works OK but the Malwarebytes definitions database always reports it is either missing or corrupt so I click to download and install the latest version. That normally goes without a hitch but  this time is seemed to hang momentarily, not connecting to the server and not downloading anything and I then get the message that I have the most recent version.

I check and the Update page shows there are no definitions installed. Retrying just brings the same result. Checking in ProgramData > Malwarebytes > Malwarebytes AntiMalware the is no "rules.ref" file at all.

Using System Restore again to go to another earlier point produced the same problem as did a thorough uninstall (Revo) of Malwarebytes v1.75.0.1300 and reinstall.

I found an old manual definitions archived update .exe from 2014 and tried that and no problems - it installed, create a rules.ref file and worked fine apart from the fact every time I launched Malwarebytes it warned me the definitions database was outdated by over 2000 days.

This is was the then current (7th August 2020) definitions update on another Win7 PC and would have been the one that was deleted during the System Restore process from the other machine.

Whatever the case the definitions updated, as normal,  perfectly on that date and the next day when I updated the XP VM.

I suppose it could still be the Malwarebytes installation on the other machine but I've checked and unusually if I try to update the definitions on this PC I'm being given the same message that I have the latest version. The XP VM one too.

That's very unusual as there is usually at least one new version update a day and its been six days since the last one.

An explanation/help appreciated. 

 

1452797857_LastMalwarebytesDefinitionsSuccessfulUpdate.png.2532dc6f16483f344db7aee094ea6fde.png

Link to post
Share on other sites

  • Staff

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

If you are having technical issues with our Windows product, please do the following:

Malwarebytes Support Tool - Advanced Options

This feature is designed for the following reasons:

  • For use when you are on the forums and need to provide logs for assistance
  • For use when you don't need or want to create a ticket with Malwarebytes
  • For use when you want to perform local troubleshooting on your own

How to use the Advanced Options:

Spoiler
  1. Download Malwarebytes Support Tool
  2. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  3. Place a checkmark next to Accept License Agreement and click Next
  4. Navigate to the Advanced tab
  5. The Advanced menu page contains four categories:
    • Gather Logs: Collects troubleshooting information from the computer. As part of this process, Farbar Recovery Scan Tool (FRST) is run to perform a complete diagnosis. The information is saved to a file on the Desktop named mbst-grab-results.zip and can be added as an email attachment or uploaded to a forum post to assist with troubleshooting the issue at hand.
    • Clean: Performs an automated uninstallation of all Malwarebytes products installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. The Premium license key is backed up and reinstated. All user configurations and other data are removed. This process requires a reboot.
    •  Repair System: Includes various system-related repairs in case a Windows service is not functioning correctly that Malwarebytes for Windows is dependent on. It is not recommended to use any Repair System options unless instructed by a Malwarebytes Support agent.
    • Anonymously help the community by providing usage and threat statistics: Unchecking this option will prevent Malwarebytes Support Tool from sending anonymous telemetry data on usage of the program.
  6. To provide logs for review click the Gather Logs button
  7. Upon completion, click OK
  8. A file named mbst-grab-results.zip will be saved to your Desktop
  9. Please attach the file in your next reply.
  10. To uninstall all Malwarebytes Products, click the Clean button.
  11. Click the Yes button to proceed. 
  12. Save all your work and click OK when you are ready to reboot.
  13. After the reboot, you will have the option to re-install the latest version of Malwarebytes for Windows.
  14. Select Yes to install Malwarebytes.
  15. Malwarebytes for Windows will open once the installation completes successfully.

Screenshots:

Spoiler
 
 
 
 
Spoiler

 

 

01.png

02.png

03.png

04.png

05.png

06.png

 

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: Find my premium license key

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Link to post
Share on other sites

In addition to the instructions from gonzo above, I would also mention that, while you may still receive database updates, please keep in mind that the vast majority of threat signatures in the latest databases are actually incompatible with such an old release of Malwarebytes, so when using version 1.75 it will not be able to detect most of the threats that would normally be detected by the latest version of Malwarebytes using the same threat signatures/databases.  This is because Malwarebytes is written to ignore threat signatures in the database that it does not understand (this is to prevent false positives, as otherwise the newer signatures would likely cause the older version to malfunction) and over time, as newer and more efficient heuristics and threat signature syntax are developed to better target more threats, the Research team tends to rely on and adapt existing threat signatures to use the enhancements and newer capabilities provided by these newer signature types.  This will drastically impact the overall effectiveness of older versions like 1.75.

  • Like 1
Link to post
Share on other sites

I do not rely on Malwarebytes and treat it like an adjunct to my security software, scanning downloads and doing weekly scans just to check that nothing untoward has sneaked onto my system. When I tried updating to a more recent version on the PCs in question I found that just scanning manually an individual download took three times as long rendering it pretty much redundant for quick check purposes. I think I posted here about that at the time.

The fact is I've had no trouble downloading the definitions updates until this week, I'm guessing 9th August or around that date. Whatever the problem it appears to be across both the two Win 7 (64bit) PCs concerned and XP (32bit) VM running on one of them. They're all reporting that I have the latest definitions despite the fact one is showing it was updated on 07.08.20, the other two 08.08.20 and I have not been able to update them manually since.

Two PCs plus a VM not able to download/install up to date definitions - that's too much of a coincidence.

Consequently I have one PC with no Malwarebytes definitions at all rendering it useless and the other two with almost week old definitions.

That can't be right and my concern is that Malwarebytes has done something without warning to make the definition updates incompatible with the older version I'm using. I'm hoping it is not that but it would really help to know. Instead I'm possibly wasting my time looking for other causes and/or a fix when there is none.        

Link to post
Share on other sites

They have made no such change as far as I am aware, however I have seen several users over the past month or so reporting that they couldn't update, they all had the same internet provider, and switching their DNS settings allowed them to active/update in 100% of the cases, which indicates to me that for whatever reason, Malwarebytes is having trouble reaching its servers through that particular ISP.  The ISP is Xfinity/Comcast, however not everyone with this ISP has been having issues, so it is possibly an issue specific to a particular region and/or server belonging to Xfinity/Comcast.  If you don't have Xfinity or Comcast as your ISP, then please disregard, however it is still worth seeing if setting an alternate DNS allows the program to update on your systems.

Instructions on setting up Google DNS can be found in this article, or you may try OpenDNS instead, with instructions for setting it up located in this article.  Please try setting the alternate DNS on one of the systems affected, then reboot and see if it is then able to update and please let us know if it works or not.

Thanks

Link to post
Share on other sites

29 minutes ago, ColdlyIndifferent said:

I found that just scanning manually an individual download took three times as long rendering it pretty much redundant for quick check purposes.

Because the newer versions have a cloud component.

Also depending on what you downloaded and scan it may be a waste of time anyway. Also might be giving you a false sense of security.

Quote

Malwarebytes does not target script files during a scan.. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

 

 

Edited by Porthos
Link to post
Share on other sites

14 minutes ago, exile360 said:

They have made no such change as far as I am aware, however I have seen several users over the past month or so reporting that they couldn't update, they all had the same internet provider, and switching their DNS settings allowed them to active/update in 100% of the cases, which indicates to me that for whatever reason, Malwarebytes is having trouble reaching its servers through that particular ISP.  The ISP is Xfinity/Comcast, however not everyone with this ISP has been having issues, so it is possibly an issue specific to a particular region and/or server belonging to Xfinity/Comcast.  If you don't have Xfinity or Comcast as your ISP, then please disregard, however it is still worth seeing if setting an alternate DNS allows the program to update on your systems.

Instructions on setting up Google DNS can be found in this article, or you may try OpenDNS instead, with instructions for setting it up located in this article.  Please try setting the alternate DNS on one of the systems affected, then reboot and see if it is then able to update and please let us know if it works or not.

Thanks

I tried the full Windows 7 resetting the DNS cache thing:-

Windows 7

    Click Start > All Programs > Accessories.
    Right-click Command Prompt and choose Run as administrator.
    When asked whether to allow Command Prompt to make changes to your computer, select Yes.

    Note: If you are asked for an administrative login, you will need to contact your system administrator.
    Type "ipconfig /flushdns" and press Enter.
    Type "ipconfig /registerdns" and press Enter.
    Type "ipconfig /release" and press Enter.
    Type "ipconfig /renew" and press Enter.
    Type "netsh winsock reset" and press Enter.
   

Restart the computer.

Did all that and.........................same problem. 🙁

I'll try an alternative DNS later. I'm not with Xfinity or Comcast.

Link to post
Share on other sites

No, no VPN or Proxy.

I've not tried changing the DNS yet but what I have managed to do is copy in the most the last definitions update from the other PC so at least I have a working MB installation.

When I tried just copying over the rules.ref file it didn't work, I had the missing/corruption message but I thought I'd try simply replacing all the MB's folder content ie. Program Files (x86), Program Data and User AppData. Everything but the Windows Explorer DLL (in use) copied fine. I thought that was unlikely to be  problem and it wasn't.

On reboot MB was showing the replacement definitions update and most importantly it works fine. In fact I've done a full scan just to be certain that this problem is as a result of some malware interfering with the update. It would appear everything in that respect is OK but it is still reporting that I have the latest definitions when I try to use the manual update.

Link to post
Share on other sites

Just changed the DNS (to Google) and.....................................it worked.

But what does this mean? I'm using my ISPs default DNS and have been for a decade without any problems until now. Why would it be blocking one particular thing and Malwarebytes definition updates in particular?

I've done a whole load of updating as I do at the end of every week without a similar problem for any of them.

Anyway big thanks to those here for their help and exile360 in particular. I would never have thought to check if this was a DNS issue myself.

Link to post
Share on other sites

I have no idea why it's blocked, however it could be for any number of reasons.  Here are a few (hypothetical) examples just off the top of my head:

  1. Your ISP has a node/routing server which would normally route to the sites/servers (the backbone of the internet for routing) that is failing to connect or timing out (taking too long, possibly because the server is bogged down/damaged/corrupt/infected/overloaded etc.) or due to some configuration issue
  2. There is a problem with the caching/repeating for connections to Malwarebytes' servers which results in the connection being lost or giving back bad data (i.e. packet corruption/dropped packets etc.)
  3. Your ISP does some kind of filtering/blocking on their end and has misidentified Malwarebytes' update servers as one of the sites/servers they should be blocking (for example, if your ISP does any filtering for torrenting applications/peer-to-peer applications) or they are trying to block malicious sites/content and have misidentified Malwarebytes' update servers as malicious content/traffic (not impossible considering pretty much all of Malwarebytes' servers have the term 'malware' in their domain names/URLs, so if they're using some kind of keyword blocking system, a false positive could easily occur).

Those are just a few common potential issues.  I would suggest perhaps having one of our more adept diagnosticians take a look to completely rule out anything on your system as the cause, and if the issue still persists you should contact your ISP's technical support to have them check the issue on their end (they can trace the connection and see where it is getting blocked or dropping/failing etc.).

To get the system analyzed, please follow the instructions in this topic then create a new topic in our malware removal area by clicking here I will request @AdvancedSetup to take a look.  He's one of our foremost experts on both malware removal as well as networking issues and Windows in general, so if there is a problem on your system causing it he will be very likely to find and fix it.

Edited by exile360
Link to post
Share on other sites

I've already posted about this matter on the ISP's forum - their preferred way of initial contact and as I've found out the quickest way of getting a response. Not heard back from them yet and probably will not for several days.

My suspicion is your third suggestion - it would be 'in character' for my ISP.

I really doubt a system issue my end. The fact that it has affected two PCs which, whilst they share the same router, are not networked and have never even been on at the same time specifically to reduce the likelihood of cross contamination. I've done full system AV, Rootkit, MW, ADW scans on both with nothing untoward being reported.

The definitions are up to date now and as said Malwarebytes is not my primary security program its really only used as an extra safety net, for which it is ideal. 

What I didn't mention is the fact my DNS settings were on automatic (always have been until now) and the two primary DNS (CLOUDFLARE.NET, US), presumably my ISP's preferred ones, have some sort of reported problem status when I checked using a DNS viewer/benchmark program: "DNS enquiries are not being consistently answered". They're the only two working ones available with such a status report.

Not sure if that is significant or not in regard to this particular matter.     

Link to post
Share on other sites

Ah, I be that's it.  If the default servers they're routing you to for DNS queries are unstable/dropping packets, that could easily break Malwarebytes' ability to update since it's a secured connection requiring that everything it download be hash and signature verified (like most security apps these days).  Hopefully they'll track the issue down and get it fixed.  It may be taking a while because their technicians are diagnosing/troubleshooting the servers and the routing to them to locate the problem, at least I hope so.

Who is your ISP, if you don't mind me asking?  I'd like to know in case any others show up with similar issues as it may turn out they are using the same one.

Link to post
Share on other sites

  • 2 years later...
On 8/13/2020 at 9:53 AM, exile360 said:

In addition to the instructions from gonzo above, I would also mention that, while you may still receive database updates, please keep in mind that the vast majority of threat signatures in the latest databases are actually incompatible with such an old release of Malwarebytes, so when using version 1.75 it will not be able to detect most of the threats that would normally be detected by the latest version of Malwarebytes using the same threat signatures/databases.  This is because Malwarebytes is written to ignore threat signatures in the database that it does not understand (this is to prevent false positives, as otherwise the newer signatures would likely cause the older version to malfunction) and over time, as newer and more efficient heuristics and threat signature syntax are developed to better target more threats, the Research team tends to rely on and adapt existing threat signatures to use the enhancements and newer capabilities provided by these newer signature types.  This will drastically impact the overall effectiveness of older versions like 1.75.

My apologies for resurrecting this old topic, but I am NOT posting to seek personal assistance. (If I needed help, I would certainly start my own topic.)

A couple of Windows XP diehards at the MSFN forum (their last stronghold) have recently reported that Malwarebytes 1.75 (now 10 years old) is still able to download definition updates in July 2023, and have posted some rather convincing screenshots:

 

https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1248964

 

I have quoted exile360’s August 13, 2020 post above because I tend to agree with his opinion that current definitions cannot be expected to work effectively with a 10-year-old version of Malwarebytes, however I am not an expert on that myself.

Edited by AdvancedSetup
Disabled hyperlink
Link to post
Share on other sites

10 hours ago, Abzyx said:

however I am not an expert on that myself.

That is clear to see. But being snide and mocking fans of good operating systems, which aren't littered with junk, always works, doesn't it? 🤔 And, I am always pleased to see how kindly people like you judge others who do not want want to use the modern crap. 👎

Link to post
Share on other sites

11 hours ago, Abzyx said:

however I am not an expert on that myself.

That is clear to see. But being snide and mocking fans of good operating systems, which aren't littered with junk, always works, doesn't it? 🤔 And, I am always pleased to see how kindly people like you judge others who do not want to use the modern crap. 👎

PS: Post above can be deleted. Due to the fact that editing posts is impossible in this forum I had to correct my previous post this way.

Link to post
Share on other sites

1 hour ago, AstroSkipper said:

That is clear to see. But being snide and mocking fans of good operating systems, which aren't littered with junk, always works, doesn't it? 🤔 And, I am always pleased to see how kindly people like you judge others who do not want to use the modern crap. 👎

I presume you are the same AstroSkipper whose MSFN post I linked to above. If Windows XP users do not like the term “diehards,” then I offer my apologies. I obviously thought your efforts were noteworthy enough to mention in this topic. Peace! 🙂

Link to post
Share on other sites

:OT
Why does not exist an editing function for posts in this forum?
:End of OT
Another correction, previous post can be deleted:

32 minutes ago, Abzyx said:

I presume you are the same AstroSkipper whose MSFN post I linked to above. If Windows XP users do not like the term “diehards,” then I offer my apologies. I obviously thought your efforts were noteworthy enough to mention in this topic. Peace! 🙂

Right! I am that gif_23.gifAstroSkipper. TBH, I didn't expect such a reply. Your apology is accepted. approvedsmile.gif BTW, MSFN is a great, technical forum with many talented and technically versed members. It is definitely not a last stronghold for Windows XP diehard fans, although I am such one indeed, but a technical forum for all Windows OSs and much more. Only FYI. 🙂

Cheers, AstroSkipper matrix.gif

 

  • Like 1
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.