Rory_Mercury Posted March 27, 2017 ID:1112618 Share Posted March 27, 2017 Threat scan only seems to scan through the SSD that I have win7 and Malwarebytes 3.0 is installed in. For example, when I perform a threat scan, it goes through 355,000 items. I disconnect my second SSD drive and power cable (the one that doesnt have win7 and Malwarebytes 3.0 installed) and perform another threat scan and only 355,000 items are scanned. Anyway to configure it so threat scans include both of my SSDs? Thanks! Link to post Share on other sites More sharing options...
Firefox Posted March 28, 2017 ID:1112681 Share Posted March 28, 2017 You have to perform a Custom Scan, then select the drive letter of the second drive. By default Malwarebytes only scans the installed OS drive (usually C: drive) Link to post Share on other sites More sharing options...
Rory_Mercury Posted March 28, 2017 Author ID:1112691 Share Posted March 28, 2017 Thanks for the reply, Firefox! I thought so, I hope they implement multiple drives in the future. Link to post Share on other sites More sharing options...
gonzo Posted March 28, 2017 ID:1112697 Share Posted March 28, 2017 I doubt that would happen. A threat scan is designed to scan places which are commonly used for malware attacks. No attacker would depend on the presence of a second drive to deliver their "goodwill." Link to post Share on other sites More sharing options...
Rory_Mercury Posted March 28, 2017 Author ID:1112698 Share Posted March 28, 2017 Your comment has quite insightful, wasn't aware of that before. Link to post Share on other sites More sharing options...
gonzo Posted March 28, 2017 ID:1112699 Share Posted March 28, 2017 Thanks. I try to help. I don't know if you have seen this, but this web page helps explain as much of Malwarebytes as I could say for public consumption. https://www.malwarebytes.com/support/guides/mb/ Click SCAN on the left side to find out what the different scans do. Lotsa good stuff in there! Link to post Share on other sites More sharing options...
Rory_Mercury Posted March 28, 2017 Author ID:1112702 Share Posted March 28, 2017 No, I haven't seen this. You've been very helpful and have shed a lot of light on this. Thanks! Link to post Share on other sites More sharing options...
seasquared Posted February 23, 2019 ID:1300278 Share Posted February 23, 2019 Of course, since all downloads go to my second Data Drive, the bad guys don't have to know it's my second drive., good thing MS Security Essentials scans all drives. I never would have guessed that MB scans only the C Drive. Link to post Share on other sites More sharing options...
exile360 Posted February 23, 2019 ID:1300323 Share Posted February 23, 2019 It scans the boot sector of every drive and it also checks any processes, modules and threads in memory along with their associated files no matter where they might be located so even if a threat is installed on a secondary drive, Malwarebytes should still detect it. The same goes for the real-time protection component. It doesn't only check processes running from the main system drive, but those from anywhere on the system. Additionally, Malwarebytes will scan other drives if you use the right-click context menu Scan with Malwarebytes option in Explorer, or you can perform a Custom scan which is accessible via the Scan tab in Malwarebytes and select any of your drives or even just specific folders to be scanned if you wish. The reason that the Threat scan only checks the inactive files on the main system drive is because that is how threats install themselves and it was designed to look for and remove actively installed threats. If it were to scan all drives/files by default the scan would take a very long time. In fact, most AV/AM products have such a scan. Microsoft Security Essentials and Windows Defender do not scan any other drives by default in their quick scans either, neither do most other AVs for the same reason, though just like Malwarebytes, they offer the option to scan those other drives manually if you wish. Link to post Share on other sites More sharing options...
seasquared Posted February 24, 2019 ID:1300338 Share Posted February 24, 2019 1 hour ago, exile360 said: It scans the boot sector of every drive and it also checks any processes, modules and threads in memory along with their associated files no matter where they might be located so even if a threat is installed on a secondary drive, Malwarebytes should still detect it. The same goes for the real-time protection component. It doesn't only check processes running from the main system drive, but those from anywhere on the system. Additionally, Malwarebytes will scan other drives if you use the right-click context menu Scan with Malwarebytes option in Explorer, or you can perform a Custom scan which is accessible via the Scan tab in Malwarebytes and select any of your drives or even just specific folders to be scanned if you wish. The reason that the Threat scan only checks the inactive files on the main system drive is because that is how threats install themselves and it was designed to look for and remove actively installed threats. If it were to scan all drives/files by default the scan would take a very long time. In fact, most AV/AM products have such a scan. Microsoft Security Essentials and Windows Defender do not scan any other drives by default in their quick scans either, neither do most other AVs for the same reason, though just like Malwarebytes, they offer the option to scan those other drives manually if you wish. Nevertheless when I scanned my data drive MB came up with 18 threats. 3 GeneralMalware/Suspicious, 2 Trojan Agents, 13 PUPs Link to post Share on other sites More sharing options...
Porthos Posted February 24, 2019 ID:1300342 Share Posted February 24, 2019 34 minutes ago, seasquared said: Nevertheless when I scanned my data drive MB came up with 18 threats. 3 GeneralMalware/Suspicious, 2 Trojan Agents, 13 PUPs Love to see that log. Link to post Share on other sites More sharing options...
seasquared Posted February 24, 2019 ID:1300344 Share Posted February 24, 2019 Here is the scanlog 20190223scanlog.txt Link to post Share on other sites More sharing options...
exile360 Posted February 24, 2019 ID:1300346 Share Posted February 24, 2019 Yeah, the scan log shows only files detected, 0 processes or memory modules meaning every one of those objects is dormant/inactive. It shows the directory as though it were for an active Windows installation, is that a slaved drive from another system or are you just installing your programs there/moved your user profile and downloads folders there? The reason I ask is because if you actually redirected them to that drive in your currently loaded OS then they should have been scanned as Malwarebytes will follow the same system variables that Windows uses, at least as far as I know it does (otherwise it wouldn't work properly for scanning other users' profiles as well as OS installations when the current/active OS is installed on a drive other than C:, which is possible in older operating systems like XP). Link to post Share on other sites More sharing options...
seasquared Posted February 24, 2019 ID:1300350 Share Posted February 24, 2019 I don't remember, everything as its been a while but I added an SSD as the C drive and it has the system and programs on it but all my files photos and downloads go to my I drive. I believe I originally replaced my original drive with the larger drive, which is now my Data Drive. This system is Win 7 and older, I certainly could clean up a lot of remnants from the data drive but why take the time? I also have a Win 10 laptop that I added a second SSD to with the same architecture;windows and programs on the C drive, files ,photos, etc , on the second drive. Link to post Share on other sites More sharing options...
exile360 Posted February 24, 2019 ID:1300361 Share Posted February 24, 2019 (edited) 4 hours ago, seasquared said: I believe I originally replaced my original drive with the larger drive, which is now my Data Drive. That explains it. Those detections are from the previous Windows installation from when that drive was the main drive with the OS and programs on it which also explains why the items found were under Program Files etc. on that drive (directories that would normally be on your C:\ drive). Since they are from a previous Windows installation, not the current one, none of those items are actually active which also explains why no processes were detected in memory and no registry entries/keys were detected either (settings for those detections and loading points that would normally be used to allow them to run at startup when you boot your system). So basically, because they are from the old Windows installation and not the current one, they're completely harmless. With that said, it's always a good idea to scan any drive with files on it when you first attach it to your system just to make sure it's clean. You can do this by right-clicking on the drive and selecting Scan with Malwarebytes, and of course if you'd have had Malwarebytes scan the your system back when that data drive was the primary/OS drive, it would have most likely detected those items even with just the default Threat scan. Also, FYI, the default scan for Microsoft Security Essentials is the Quick scan which also would not have scanned those locations on your data drive and wouldn't have detected them unless they were active in memory or you'd have scanned that drive specifically or performed a Full scan or Custom scan: As I said, most AV/AM products work this way because the Developers figure that users would prefer their scans to be as fast as possible as long as they detect/remove anything that is an imminent/active threat, plus of course they expect that as long as you have your protection active that even if you were to access a file located on a secondary drive and try to run it, their real-time protection would detect it, block it from running and remove it so that you'd still be protected from it even though the drive had never been scanned. Edited February 24, 2019 by exile360 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now