Jump to content

Look for ways for speeding up scan


LiFers
 Share

Recommended Posts

MBAM is my first go to tool for A/V repairs (I'm a network admin / IT support contractor so this is usually weekly) and it's easily over 90% effective, however with my clients volumes getting larger and larger (particularly with photos, music and videos), even on fast computers it's taking 2+ hrs per scan (and you need to run at least two).

Ideas:

- Make MBAM more thready if possible. Looking at resource monitor it's only using 1 CPU (out of 8) however currently it is hitting a storage bottleneck.

- When multiple volumes are selected, scan them simultaneously as long as they're not on the same infrastructure. For example when 2 partitions, 2 internal HDDs, and 1 external HDD are selected, scan everything simultaneously except the partitions, which will need to be scanned sequentially for optimum speed.

- Is it possible to white list or use File Signatures to speed up the scan? Scanning WinSxS is often almost 50% of the scanning time. All these files should be digitally signed (as well as others in \Windows\). Is it not faster/possible to verify the signature and checksum and get through these official files faster?

- Optimise for SSDs: Perhaps there are scanning methods that work faster with SSDs as random access speeds will be similar to sequential access speeds. Maybe run a scan engine for the number of CPUs and divide the file system between engines, rather than 1 scan engine proceeding sequentially through the drive.

Link to post
Share on other sites

Hello and welcome, LiFers: :)

Thanks for your support of MBAM & for your suggestions.

I am just a home user/forum volunteer, so we'll definitely need to wait for one of the staff to respond to your specific, technical suggestions. :)

Until then, however, I would mention that routine Full scans with MBAM are generally neither necessary nor recommended.

Under most circumstances, Quick scans are all that is needed.

This is explained a bit here: What is the difference between the three scan types in Malwarebytes Anti-Malware? and here:

...we always recommend the Quick Scan over the Full Scan as it is quite comprehensive and is designed to look in every location where infections are known to hide. http://forums.malwar...ndpost&p=565867

The scan duration will of course vary according to many factors, including hardware specs and the number of files on the system.

However, especially on 64-bit systems, Quick scans are quite fast, especially with disk caching (my main desktop rig scans in just over 1 min).

As your post suggests that you are using MBAM in a corporate/enterprise environment, if you are experiencing performance issues with any specific system(s), you may wish to directly contact corporate support >>HERE<< for personal assistance.

HTH for starters,

daledoc1

Link to post
Share on other sites

Good point, however the reason why I'm running full scans is that a) I strongly suspect there's a virus due to particular PC behaviour or b) I know there's a virus because I can see it's behaviour.

Also, when I leave the site (or return the computer) I must be 100% certain that all malicious software has been expunged from the PC.

As an IT Technician I'm routinely scanning PCs I know have an infection. I'm not using Full Scan on an uninfected PC as a routine system maintenance item. Further, as I'm charging for the service, there can be no mistakes. Hence a minimum of 2 full scans with MBAM and on the tricky ones I have to rope in an additional 2 scans with Trend's HouseCall (which truly redefines the word slow, but in my experience has been the most aggressive scanner of the lot), not to mention fast scans with more specific Rootkit detectors etc.

(Off topic: And just to keep life interesting, every now and again I see a virus that no scanner can find. Last time a client saw this they had GFI A/V, and GFI remoted in, found the virus (which was in an obvious location in the end) and added it to their protection tools. I think I submitted it to MBAM at the time.)

Link to post
Share on other sites

  • Root Admin

Well I can tell you that if a Quick Scan does not find it then it's simply a dormant file if a Full Scan finds it. Using your antivirus to scan for dormant files will be much more effective than Malwarebytes Anti-Malware will. We specifically target live active malware and not dormant files so even if we happen to find a file on a full scan it is very unlikely to be live.

The vast majority of infections these days are redirects from javascript, plugin, add-in browser objects and rootkits, the most common being ZeroAccess. For ZeroAccess you will need our Anti-Rootkit software as the main program only deals with certain portions of it. Then follow up with a coupe different antivirus scans to confirm the system is clean.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.