Jump to content

Recommended Posts

Hello.

I have the latest free MBAM program in my updated Windows (32-bit XP Pro. SP3 and 64-bit W7 HPE). Is there a way to to manually scan in registry only? I tried unselecting all drives, but it won't let me scan. I am trying to figure out which program(s) [i have a lot] is causing detected infection (not sure if it is a false positive/FP).

Thank you in advance. :)

Link to post
Share on other sites

Hello Ant Dude,

post-60618-0-11283100-1325181574.png

Setting the scanner settings to only scan registry objects should yield the results you are expecting.

Thank you.

Hmm, doing full scan still asks for a drive after trying your settings.
Link to post
Share on other sites

Use the Quick Scan option. The Full Scan is designed to scan your drives, so at least one hard drive must be selected. That's not true of the Quick Scan. Also note that some registry detections may be the result of a file being detected, so the easiest way to do what you want would be to set all the scan options to their defaults and perform a Quick Scan.

Link to post
Share on other sites

Use the Quick Scan option. The Full Scan is designed to scan your drives, so at least one hard drive must be selected. That's not true of the Quick Scan. Also note that some registry detections may be the result of a file being detected, so the easiest way to do what you want would be to set all the scan options to their defaults and perform a Quick Scan.

Ah thanks. Perfect! :)

Question: What is the difference between quick and full scan?

Link to post
Share on other sites

Ah thanks. Perfect! :)

Question: What is the difference between quick and full scan?

You're very welcome :)

The quick scan checks every single location that our research team sees infections actually installing themselves. The full scan checks the same locations, but also checks locations where we don't see infections installing themselves. The full scan can be useful for removing dormant traces of infections occasionally (though very rarely quite honestly), but both our developers and research team recommend the quick scan instead of the full scan.

In fact, the only time I've ever had a detection from a full scan that wasn't in a quick scan, it was an item that was already removed and was in System Restore, which you don't want to fix using a security scanner anyway, since doing so actually breaks the restore point, so in such cases, you're better off creating a new clean restore point (assuming your system has no live infections on it), and then deleting the restore point that contains the infection. A bit more detail on System Restore can be found here.

Link to post
Share on other sites

You're very welcome :)

The quick scan checks every single location that our research team sees infections actually installing themselves. The full scan checks the same locations, but also checks locations where we don't see infections installing themselves. The full scan can be useful for removing dormant traces of infections occasionally (though very rarely quite honestly), but both our developers and research team recommend the quick scan instead of the full scan.

In fact, the only time I've ever had a detection from a full scan that wasn't in a quick scan, it was an item that was already removed and was in System Restore, which you don't want to fix using a security scanner anyway, since doing so actually breaks the restore point, so in such cases, you're better off creating a new clean restore point (assuming your system has no live infections on it), and then deleting the restore point that contains the infection. A bit more detail on System Restore can be found here.

Ah interesting. I always do full scans in all scanners to catch those common and rare ones. Hence, why I was using full scan earlier. :)
Link to post
Share on other sites

Ah interesting. I always do full scans in all scanners to catch those common and rare ones. Hence, why I was using full scan earlier. :)

Yep, several of our users do, however, to be perfectly honest, MBAM is not a typical scanner by any means. It relies on heuristics detection far more than just raw file scanning. It uses a very smart engine and knows where to look, that being said, there's certainly no harm in using the full scan, it just takes a LOT longer.

Link to post
Share on other sites

Yep, several of our users do, however, to be perfectly honest, MBAM is not a typical scanner by any means. It relies on heuristics detection far more than just raw file scanning. It uses a very smart engine and knows where to look, that being said, there's certainly no harm in using the full scan, it just takes a LOT longer.

I have no problems with long scans. I rarely do them and do them when I am not using the computers for hours like overnight when asleep. ;)
Link to post
Share on other sites

Speaking of scan types. Is there a way to force a full scan when doing right click scan with MBAM instead of quick scan?

No, in fact, it's not a quick scan either. It used to be called a 'quick scan' in the GUI/logs, but that was inaccurate. It's now correctly displayed as being a 'Custom scan'. Do keep in mind that such scans do not use all of our heuristics, so some things that would be detected by a Quick scan will not be detected by a context menu scan.

Link to post
Share on other sites

No, in fact, it's not a quick scan either. It used to be called a 'quick scan' in the GUI/logs, but that was inaccurate. It's now correctly displayed as being a 'Custom scan'. Do keep in mind that such scans do not use all of our heuristics, so some things that would be detected by a Quick scan will not be detected by a context menu scan.

Oh, they changed it. Was it changed in this latest version? Hmm, too bad there is no way to do a full scan through Windows Explorer's right click scan method. It would be nice! Maybe add it as a suggestion for future versions? :)
Link to post
Share on other sites

Oh, they changed it. Was it changed in this latest version? Hmm, too bad there is no way to do a full scan through Windows Explorer's right click scan method. It would be nice! Maybe add it as a suggestion for future versions? :)

Yes, we changed what it's called in this latest version.

As for making it a full scan, it basically is. The primary functions of our heuristics checks depend on the methods used in the quick scan (this is one of the reasons that a full scan is generally unnecessary as well).

Basically, when you scan any location that is not normally checked by our quick scan, be it a folder or drive, MBAM will not have its full heuristics capabilities in that location. This includes when it scans a folder with a context menu scan or when it scans a secondary drive in a full scan.

Link to post
Share on other sites

Yes, we changed what it's called in this latest version.

As for making it a full scan, it basically is. The primary functions of our heuristics checks depend on the methods used in the quick scan (this is one of the reasons that a full scan is generally unnecessary as well).

Basically, when you scan any location that is not normally checked by our quick scan, be it a folder or drive, MBAM will not have its full heuristics capabilities in that location. This includes when it scans a folder with a context menu scan or when it scans a secondary drive in a full scan.

Interesting and thanks. :)
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.