Jump to content

Recommended Posts

Hi!  I had a question about using the shell extension scan feature of MBAM (Free edition) and logging.  Today, I used the shell extension scan feature to scan a folder of infected ZIP files.  MBAM scanned the files and detected the threats, as expected.  I _did not_ allow MBAM to quarantine the threats.  After the scan, I clicked exit.

 

Later, I went to check the MBAM logs to see which threats it had detected, during the scan I mention above, and didn't see any log files.

 

Does MBAM usually save log files after completing a shell extension scan or must I allow MBAM to quarantine or delete the files it determines are "bad" before the log is generated?

 

Thanks!

Peace...

Link to post
Share on other sites

Hi, tomdkat:
 
Until the staff arrive to weigh in...

Disclaimer: I am using MBAM PRO (though I don't think it would be different between PRO and Free) and I don't know what version of Windows you are running (though I don't think that would matter, either).
 
I just tested the behavior by right-click scanning a txt file on my desktop.
MBAM scanned the file, reported that it was clean in a dialog window, and created a log of the scan.

I was able to view the scan log both ways:

  1. By opening the GUI from the desktop shortcut > logs tab > scrolling down, PAST the protection logs, to the scan logs, and finding the one with the correct date/time stamp.
  2. By browsing to the correct file path, using these instructions:

MBAM scan logs are saved to the following locations:
-- XP: C:\Documents and Settings\<username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 8: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

So, unless what I did to reproduce the steps you described was somehow different, it appears that, YES, MBAM does indeed automatically produce a log when scanning a file this way.

As to how it would behave if the file were malicious and needing quarantine, I assume that would depend somewhat on whether you have MBAM configured in the scanner settings to automatically quarantine it, or not?

 

I hope this helped a bit for starters....

 

daledoc1

Link to post
Share on other sites

Thanks for the reply.  I don't have MBAM setup to automatically quarantine and usually, I have to manually remove the threats it finds after doing a scan.  In the case of the shell extension scans, I simply want to see if MBAM detects the infected files and that is all.   I'm running on a Windows XP Home Edition (SP3) system.   My primary profile encountered a problem, so when I did what I described above I was using a temporary profile Windows created when I first logged in to the system.  So, that might be having an impact on the logs not appearing.

 

On this system, I was doing a virus scan and the system hung, so I had to hold the power button to power it off.  After doing that, my primary profile somehow got corrupt (which is fine since this isn't my main system or anything :)).

 

I'll see if I can find the logs by looking at the file system, in the path you mention above.

 

Thanks!

 

Peace...

Link to post
Share on other sites

OK.

Sounds good.
It does sound as if there is more going on with this system (corrupt user profile, hanging antivirus/MBAM scans requiring hard shutdown, etc)?
 
If you'd like some expert help getting it checked out and cleaned, you might want to follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will assist you with looking into your issue.

Thanks,

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.