Jump to content

How can I tell whether/what scheduled scan did with detected items?

greylander
 Share

Recommended Posts

greylander

greylander

Posted
Posted

Hi,

 

Malwarebytes just completed a scheduled scan indicating potential threats detected.  When I view the detailed log, I see the list of detected items, but the action column just says "No action by user" for all items, which is true -- I took not manual action.  But there is no indication of what, if any, automatic action was taken.

 

When I look in quarantine, none of the items found are listed, though I set up the schedule scan to automatically quarantine detected threats.

 

So basically I have no way of knowing, what, if anything, malwarebytes did with the detected items.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

Hi:
 
From what you describe, it sounds as if the detections were probably non-malware detections (PUPs and PUMs).
Malware is automatically quarantined by default.
But the non-malware items (PUPs and PUMs) may not be automatically quarantined under version 2, IF the user previously did not have MBAM version 1 configured to do so or if the user has changed the version 2 default settings. 

IOW, if you do not tell MBAM to quarantine these detections, it will do nothing -- you are only notified.
The notification you received after the scan ought to have indicated whether these were malware or non-malware.


In any event, you can check to be sure MBAM is configured to "Treat as Malware" PUPs and PUMs.
Then you can rescan.
That will probably take care of things.
 
However, if you are not sure what the detections are, or how to handle them, you may wish to post back with the scan log, and we'll take a look.
(If you need help doing that, let us know.)

ALSO, for additional information:
There is an FAQ Section here: Common Questions, Issues, and their Solutions
And here are links to the MBAM 2.0 User Guide: Online and PDF
And there are many useful KB topics and videos at the helpdesk support page

 

Thanks,

post-29793-0-67847900-1404489885_thumb.p

post-29793-0-36829500-1404490418_thumb.p

post-29793-0-01851100-1404490422_thumb.p

Link to post
Share on other sites
greylander

greylander

Posted
  • Author
Posted

Thanks!

 

Yes it appears these are all PUPs.  So I guess the reason there is no indication of action taken is... because not action was taken.  :P

 

It looks like I had PUM's set to treat as malware but not PUPs, although I think I intended to set that some time ago, apparently I did not.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

In fact, by default, a new install of version 2 does treat them both as malware (IOW it automatically quarantines them).

 

However, if the user previously did not have version 1.x configured that way, then I think an in-place upgrade to version 2 will retain the previous settings and will not automatically quarantine them.

 

If you need any further help sorting this out, please feel free to post back, preferably with a scan log.

 

Thanks,

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept