Jump to content

MBAM Uninstall Logging Function


RandyC

Recommended Posts

I have a suggestion relating to the uninstall function of Malwarebytes. Perhaps log entries could be made, both in the MBAM log itself, and to the Eventviewer logging function, whenever MBAM is uninstalled.

Why? Simply this. I ran into a case the other day, where AVG, MBAM and GoToAssist were uninstalled by malware (a fake AV - XP Security 2012). The only evidence I had of the uninstalls were the AVG Eventviewer log entries and the web site request for the reason for the uninstall of AVG.

A request for AVG (not your business, I know) would be for them to distinguish between silent uninstalls via a command line and that done by Add/Remove programs (XP) or Programs and Features (Vista/7). I intend to ask for that. I don't know if MBAM offers command line uninstalls, too, but if so, it would be great to be able to distinguish between various types of uninstalls. I believe it would help in diagnosing what went wrong - and when. Even if not, a log of the uninstall time (and perhaps user name) would be very helpful.

Thanks for listening.

Randy

Link to post
Share on other sites

It's an interesting proposal, but I'm not sure how useful it would be for most users (most aren't even aware of Event Viewer's existence). I could possibly see it being useful in a corporate environment though. For many users, especially these days given the nature of the current rogues, once they start seeing the fake alerts that they're infected and that their security software has either been removed or simply disabled from being able to run, they pursue other means to get their machines cleaned, such as requesting help on a security forum (like ours), contacting the support for their security products for assistance, fix it themselves if they know how or they take it to a tech shop for repair.

Once the damage is repaired that was caused by the infections, they'll be able to reinstall all of their security products again (or even before that if there are ways around the infection to get the security apps reinstalled and running so that they can remove the infections).

Link to post
Share on other sites

I was a corporate tech for nearly 30 years, until they said "the door's over there - don't let it hit you on the way out." That was in 2002.

Many of my client's want to know how and when (sometimes they are concerned about their children) they got attacked. I think knowing when the uninstall happened could/would be useful.

The example I gave was for a client who had paid versions of AVG and MBAM - and both got removed without their knowledge or permission.

I do have a paid technician license (and reseller for both commercial and non-commercial licenses) for anyone who thinks I'm a freeloader.

I was a developer for many of those corporate years - I know what I'm asking for - just would like to know if my request will be considered.

Thank you.

Randy

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.