Malwarebytes
Event logs
Application specific files
| Name | Path | Notes |
|---|---|---|
| MalwareBytes Anti-Malware Logs | C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-*.xml |
|
| MalwareBytes Anti-Malware Service Logs | C:\ProgramData\Malwarebytes\MBAMService\logs\mbamservice.log* |
Indicates the timezone in the log file - appears that the log is recorded in Local time as per this entry. |
| MalwareBytes Anti-Malware Scan Logs | C:\Users\%user%\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware\Logs\ |
|
| MalwareBytes Anti-Malware Scan Results Logs | C:\ProgramData\Malwarebytes\MBAMService\ScanResults |
Contains JSON output of the scan results |
Timestamp format: YYYY/MM/DD - HH:MM:SS (timezone unknown)
Useful grep
Threat Detected
Registry
Have not identified anything other than settings related to detections. Further research required.
Quarantine
\ProgramData\Malwarebytes\MBAMService\Quarantine- Filename
.quar or .data - Notes: Sometimes the GUIDs for quar and data match but not always. Unsure why.