New
#21
Not sure if the prevailing topic was intended to be any more than a pros/cons thread but at least I may get a helpful link out of it. A heading like "MS Security Essentials" would seem to infer more of a knowledge base than an editorial thread. At any rate...
Just installed MSE on a fresh Win7 Pro and ran a quick scan that proved clean (negative). Then I checked the documentation screens for evidence that the scan was run, but nada. Apparently, MSE will only list scan results when encountering defects, at least that's the only output I've been able to locate.
So... I went searching and found some rather cryptic (to me, anyway) instructions about how to possibly create a log of sorts through the Event Viewer to list the log dates. I gave up, though, because the rationale is just not clear to me. I need to understand the reasons related to the steps I follow to decide if it serves my end goal.
All I require is a plain text log that lists scan date/time with results... which could be as simple as pass/fail as far as I am concerned. Specific IDs of defects would be even more helpful but not really necessary since it seems that MSE will keep a running tally of all the defects. It would also be appropriate if the log could be simply copied/pasted or exported to a separate file. Can the MSE log of defects be cleared or does it just keep overwriting the previous scan result? Dunno without some anomaly to test it. I cannot recognize that MSE provides this functionality through its interface, but I could need some further education on its mechanics.
My rationale: For detection results positive or negative, I would like to identify defect patterns and possible relationship/timing with standard computing operations like installing new software, applying upgrades/patches and network browsing habits and settings. I had this access with my last AV app (either AVG or Norton, IIRC) and it can prove extremely valuable in diagnosing causative factors in detection. IMO it's not enough to identify and clean a defect but to be able to hazard an educated guess as to its origin. Hence, the need for a dated log.
Any ideas about how to do this and do any of the AV apps you folks use provide this functionality by default?
Thanks, in advance, for your perusal and time!
Hello Telich,
I don't use MSE myself, but I recall someone stating that you can use event viewer for MSE logs by running
eventvwr.msc. and selecting system log, then Microsoft Antimalware
Also, the files should be stored at: c:\ProgramData\Microsoft\Microsoft Antimalware
I'm not sure if this is exactly what you were looking for, my apologies if I misinterpreted the question
I just opened my MSE and on the first screen I see (Home Tab) it has Last Scan with the date and time.
Yes, I saw that myself but I can't highlight any of the text to manufacture my own comprehensive log file.
I am assuming the next scan will simply overwrite that details section anyway. I'm guessing that the ID of any anomalies wouldn't show up on the Home tab but on the History tab.
@Berkey: That log only shows that the scan started and then finished but has no record of scan results.
It's looking a lot like if I want a standing record of all scans with results I'll need to manually type the information I see on the screen (either Home tab or History tab depending on whether defects were uncovered or not) after each scan. Not at all handy IMO.
I'm not on a system with MSE right now, but this MS article may help you:
MSE should have a scan log history
I've used MSE for years because of a recommendation from Sevenforums which seems like eons ago. Since installation I've never had one problem with viruses, trojans, etc and MBAM has never detected anything that may have slipped through. That said, my system runs very sluggish at some of the most inopportune times. In running Process Explorer during those sluggish times MSE is always at the top of the processes list for CPU usage. If I disable "Monitor file and program activity..." then the system runs smoothly again.
I'm here to read opinions on what other AV/AM programs people use because I can no longer stand the slow response times of my system while MSE is doing its thing. I've gotta believe that Avast, Panda and others offer the same protection without sucking system resources.