Skip to content


Event logs

Application specific files

Name Path Notes
MalwareBytes Anti-Malware Logs C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-*.xml
MalwareBytes Anti-Malware Service Logs C:\ProgramData\Malwarebytes\MBAMService\logs\mbamservice.log* Indicates the timezone in the log file - appears that the log is recorded in Local time as per this entry.
MalwareBytes Anti-Malware Scan Logs C:\Users\%user%\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware\Logs\
MalwareBytes Anti-Malware Scan Results Logs C:\ProgramData\Malwarebytes\MBAMService\ScanResults Contains JSON output of the scan results

Timestamp format: YYYY/MM/DD - HH:MM:SS (timezone unknown)

Useful grep

Threat Detected


Have not identified anything other than settings related to detections. Further research required.


  • \ProgramData\Malwarebytes\MBAMService\Quarantine
  • Filename .quar or .data
  • Notes: Sometimes the GUIDs for quar and data match but not always. Unsure why.