Jump to content

MB Endpoint will not scan files on network drives?

Recommended Posts

Hi KBarry


Malwarebytes Anti-Malware generally will not scan network drives due to permissions issues.  I apologize for the inconvenience.


Malwarebytes Anti-Malware will still protect these computers as the realtime protection works by stopping malware on access.

Link to post
Share on other sites

Lazz and KBarry, Sorry for jumping into your conversation "uninvited".


I spent a few weeks going back-and-forth on this same issue.

I originally noticed this behaviour when I upgraded from MBAM version 1.75 to


It started with this:  https://forums.malwarebytes.org/index.php?/topic/145355-on-demand-scan-always-reports-objects-scanned-0/


Initially I thought the problem was with the new version of MBAM.

After a few weeks going thru a support ticket "Request #427533 right-click on demand scanning a file on NAS does not work" we determined that it was NOT an MBAM v1.75 vs. MBAM v2.00 issue, but instead a difference between WinXP and Win7!


On WinXP both MBAM v1.75 and v2.0 can scan a file on a network drive.

On Win7 neither MBAM v1.75 or v2.0 can scan a file on a network drive.

Therefore I am convinced that it is an OS permissions issue.


It is dangerous, because the pop-up _looks_ like it scanned and says all okay, but if you look closely it reports "Objects scanned: 0".
It is very easy to miss it because it still takes time to run the "prescan", and the results screen has a green banner reporting "Sacn completed successfully! No malicious items were detected!".


I still believe this issue should be clearly published somewhere.

Someone could easily get infected by installing something from a remote drive after they have scanned it and believe it to be clean.

(Perhaps not on a mchaine with MBAM installed since as Lazz mentions it would have real-time protection, but perhaps on another machine.)


Good Luck and Stay Safe!


Link to post
Share on other sites

  • 1 month later...

I was able to work around this, by manually opening the network drive contents and selecting the folders/sub-folders, then right-clicking and manually scanning. It will go through the pre-scan and then actually start and finish the scanning this way, verses it just completing the pre-scan and not actually looking into any objects on the network shares by initializing it through the mapped drive letter. 


It's my understanding that while this does work, it is just a top level scan and it doesn't use the DDA and DOR drivers. This isn't a concern for me since I'm not worried in scanning the actual endpoint machines, but rather just the file contents within the share. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.