Malwarebytes' Anti-Malware URL database

Discussion in 'other anti-malware software' started by m00nbl00d, Feb 25, 2012.

Thread Status:
Not open for further replies.
  1. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Is anyone aware if there's a new URL where one can verifiy the latest database version?

    I used to use this one: http://data-cdn.mbamupdates.com/v0/database/version.check

    But, it appears that it holds the old version numbering. And, in fact, when I downloaded from here -http://data-cdn.mbamupdates.com/v0/database/data/rules.912022505.ref and applied the update, MBAM loads with a message saying it's corrupted and if I'd like to download a new database version instead. I imagine the file downloaded is from the old versioning.

    There's been a long time, but I think I was able to replace the rules.ref file just fine before. I did rename rules.912022505.ref to rules.ref, by the way.

    I think the version from -http://data-cdn.mbamupdates.com/tools/mbam-rules.exe is not as up-to-date either. It's not frequently updated, that is; I think it's updated once a week or so.

    Anyway, I'm not in hurry and I do know MBAM staff do come in here and if they see this, maybe you could say a word about it.


    Thanks
     
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    i guess that rules.ref is actually a composit of a big file and some minor updates

    long version of log

    http://data-cdn.mbamupdates.com/v1/config/consumer/version.chk
    --> "1625"

    http://data-cdn.mbamupdates.com/v1/news/consumer/version.chk
    --> "1627"

    http://data-cdn.mbamupdates.com/v1/custom/consumer/version.chk
    --> "1625"

    http://data-cdn.mbamupdates.com/v1/database/rules/version.chk
    --> "v2012.02.25.06"

    http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.v2012.02.25.06.ref.yaml
    http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.v2012.02.25.05.ref.yaml

    aso.

    then
    http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.v2012.02.25.01_v2012.02.24.04.ref.inc
    --> incremental update

    and some more. composite result is rules.ref


    short version

    v1.5x
    http://data-cdn.mbamupdates.com/v0/database/version.check
    --> "912022506"

    http://data-cdn.mbamupdates.com/v0/database/rules/data/rules.912022506.ref

    v1.6x
    http://data-cdn.mbamupdates.com/v1/database/rules/version.chk
    --> "v2012.02.25.06"

    http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.v2012.02.25.06.ref


    Result of both
    Code:
    89d138a89c4eac85c68932c980041a91|rules.ref
    89d138a89c4eac85c68932c980041a91|rules.912022506.ref
    89d138a89c4eac85c68932c980041a91|rules.v2012.02.25.06.ref
    
    advantage of incremental updates - same result but smaller download.

    HTH
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
  4. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    another test here - downloading the actiual def and inserting results in
    "corrupt database" as you mentioned. i guess that mbam protects itself.
    The information behind may stored in \Configuration\database.conf
    all files are crypted for reason.

    so i think with v1.6 there is no longer the option to download a standalone version.
     
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    The reason why MBAM reported a corrupted/not found database had to do with downloading, and therefore replacing the previous database file with one that's meant/was meant for version 1.5x.

    Replacing with the file I downloaded from the links you provided works. At least, it did not present any errors after applying the right version.

    But, I'll download a new file and see what happens. Maybe the file was not replaced, when I used the robocopy command-line utility. I actually did not pay enough attention to the report.
     
  6. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You were right, actually. It doesn't work, anymore. :( So, now I can't download and provide it to a relative who has no Internet connection. :ouch:
     
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    as long you share all files in that folder there is no problem - i do so for 3 systems.
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    That's great to know. :)


    Thanks! :thumb:
     
  9. Shadowwar

    Shadowwar Spyware Expert

    Joined:
    Feb 26, 2004
    Posts:
    305
    With 1.6x and on there are two files that need to be replaced on a non internet connected system.

    rules.ref

    configuration\database.conf

    The best way to do this is to copy from a system that is connected and updated.

    We added checksumming of the defs to prevent corrupt downloads and without the matching database.conf manually downloading the rules.ref alone from the cdn will not work because the checksum doesnt match.

    Hope that explains it.
     
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, it does explain it. :) Thank you. :thumb:
     
  11. Shadowwar

    Shadowwar Spyware Expert

    Joined:
    Feb 26, 2004
    Posts:
    305
    Quite Welcome!
     
Loading...
Thread Status:
Not open for further replies.