What are the Managed Client logs?

Document created by drossler Employee on May 11, 2017Last modified by jyamada on Jun 9, 2017
Version 3Show Document
  • View in full screen mode

SCCOMM Logs
C:\ProgramData\sccomm\Logs\sccomm.txt in version 1.7
C:\ProgramData\sccomm\sccomm.txt in version 1.6 and below.

 

These logs contain information on what the managed client is doing, as well as communication to the server.  This includes, but is not limited to:

  • Managed Client and endpoint client versions
  • Policy configurations and their results
  • Database updates
  • Manual commands sent from the console
  • Registration and server information
  • And any errors related to the above

 

Inno Setup Logs

  • For Manual or Standalone installs:  C:\Users\username\AppData\Local\Temp\Setup Log yyyy-mm-dd #xxx.txt
  • For Managed deployments: C:\Windows\Temp

 

This log details the setup and installation of MBAM and MBAE, independent of the SCCOMM and MSI logs.  This includes, but is not limited to:

  • Copying of files to their proper directory
  • Registering of DLLs
  • Creation of registry keys
  • And any errors related to the above

 

Malwarebytes Anti-Malware specific logs:

The following logs are located at C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs:

 

Protection - Either archivedxxxx-protection-log-yyyy-mm-dd.txt or protection-log-yyyy-mm-dd.txt

 

These logs contain information on various automatic functions of MBAM.  This includes:

  • Database updates
  • Protection Module refresh
  • Scheduled items occurring and finishing

 

MBAM Logs - Either "archivedxxxx-mbam-log-yyyy-mm-dd.txt" or "mbam-log-yyyy-mm-dd.txt"

 

These logs contain the results of both manual and scheduled scans.

 

Malwarebytes Anti-Exploit specific logs:

  • C:\ProgramData\Malwarebytes Anti-Exploit\Logs (Managed)
  • C:\ProgramData\Malwarebytes Anti-Exploit\ (Standalone)

 

Service - Either archived-xxxx-mbae-service.txt or mbae-service.txt

These logs contain infoormation on the status of the Malwarebytes Anti-Exploit service, as well as the version of Anti-Exploit.

 

Alert
These logs contain information on any blocks reported by Anti-Exploit.

 

Default - C:\ProgramData\Malwarebytes Anti-Exploit\mbae-default.txt

  • This log contains detailed information on Anti-Exploit and it's interactions during protection.
  • This log is encrypted and can only be viewed by Anti-Exploit specialists.

Attachments

    Outcomes