Jump to content

Custom Scans take 8 to 12 hours or more to complete.

Tex10
 Share

Recommended Posts

Tex10

Tex10

Posted
Posted

Hi All; I have been running the Custom Scan on multiple computers and it is taking far too long to complete, 8 to 12 hours or more. I have found that if I DESELECT the folder called C:\Windows\winsxs then the scan time is greatly reduced to 2 to 3 hours. I really can't afford to have my computers tied up for 8 to 12 hours or more.

Questions:

1. Is it dangerous to NOT scan the C:\Windows\winsxs folder? Do you know if this folder ever gets infected?

2. The older Malwarebyte's Anti-Malware version 2.2.1.1043 did allow you to select "Scan for rootkits" and to DESELECT the folder called C:\Windows\winsxs. The new version 3.2.2.2029 of Malwarebytes doesn't allow one to select "Scan for rootkits" and DESELECT the folder called C:\Windows\winsxs so this means that in order to scan for rootkits, one has to select all folders.  This causes the LONG scan times of 8 to 12 hours or more. This is just NOT practical. Is it important to "Scan for rootkits" or is this only necessary to do when one knows the computer is infected?

Link to post
Share on other sites
Tex10

Tex10

Posted
  • Author
Posted

Hi Porthos; Thanks for the reply. You say "A regular threat scan is all you need." so I have to ask what is the purpose of the "Custom Scan" (Full Scan)? It must be available for a reason. I thought maybe it is there to allow one to do a complete, thorough scan. Am I confused?

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted (edited)

The things that MB detects on a scan are limited. MB is more for detecting live threats on your computer. I assume you are using the paid version.

Malwarebytes does not target script files during a regular scan or a right click scan.

That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

While our anti-malware engine does not explicitly detect the above files directly, your anti-exploit component does actually target exploits which utilize these and other file types, not just the payloads they might try to download.  This means that if you have a Word document, PDF, MP3 or some other non-executable file which contains malicious code/an exploit that as soon as the file is opened and the exploit code attempts to launch, our exploit protection should stop it and quarantine the file accordingly long before the exploit is given the opportunity to reach out to the web to grab an executable payload. If it does reach out to the web, the web protection is there to intercept it.

 

Edited by Porthos
Link to post
Share on other sites
Tex10

Tex10

Posted
  • Author
Posted

Hi KenW; WOW, I would love to be able to do "Custom Scan" in 1 hr. 44 min. 25 sec. I am assuming you selected all folder and files on your C:\ Drive...

Hi Porthos; Thanks for the explanation in your previous post about what is scanned and what is not. Not sure I totally understand, but thanks anyway....

Hi Firefox; Thanks for the link that explains the different types of scans, but that still doesn't answer the question about when to use what type of scan. Maybe it is just me, but a "Custom Scan" (Full Scan) should be the most thorough scan as it will scan all folders and files. If it takes 8 to 12 hours or more, then I just can't have my computer tied up that long. It just isn't practical....

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted

Let us get some logs to get a better look.

·  Create and obtain Farbar Recovery Scan Tool (FRST) logs

  1. Download FRST and save it to your desktop
    Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
  2. Double-click to run FRST and when the tool opens click "Yes" to the disclaimer
  3. Press the "Scan" button
  4. This will produce two files in the same location (directory) as FRST: FRST.txt and Addition.txt
    • Leave the log files in the current location, they will be automatically collected by mb-check once you complete the next set of instructions

·  Create and obtain an mb-check log

  1. Download MB-Check and save to your desktop
  2. Double-click to run MB-Check and within a few second the command window will open, press "Enter" to accept the EULA then click "OK" 
  3. This will produce one log file on your desktop: mb-check-results.zip
    • This file will include the FRST logs generated from the previous set of instructions
    • Attach this file to your forum post by clicking on the "Drag files here to attach, or choose files..." or simply drag the file to the attachment area
Link to post
Share on other sites
Tex10

Tex10

Posted
  • Author
Posted

Hi Porthos; I have uninstalled Malwarebytes 3 and went back to the older Malwarebyte's Anti-Malware version 2.2.1.1043 so that I could run the "Custom Scan" (Full Scan) with "Scan for rootkits" and DESELECTING the C:\Windows\winsxs. Also I have stated that multiple computers are having the same long times to run the "Custom Scan" which would make me question what running Farbar Recovery Scan Tool (FRST) and the MB-Check on any one computer would actually tell us? Do you suggest I pick one computer and reinstall Malwarebytes 3, do a "Custom Scan" which will take 8 to 12 hours or more and then follow your instructions? Not sure this will be helpful....

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Hello,

Because we are not seeing this behavior/long scan times on any of our systems, we need to get logs to tell us more about the systems you're seeing this issue on, so providing an FRST and MB-Check log for one of the systems should hopefully give us an idea of how your systems differ from our own so that we can hopefully isolate the cause of the issue in order to provide our Developers with the info they need to fix the problem if they can.  You don't need to scan with Malwarebytes 3 again, we just need the FRST and MB-Check logs.

Of course it is totally up to you and if you do not wish to continue troubleshooting this issue with us that is of course your choice.  We simply wish to do all we can to both help you as well as isolate and fix any bugs which might exist in our products.

Thanks

Link to post
Share on other sites
KenW

KenW

Posted
Posted

You asked for help and that is what they are doing. I only included my scan log because I never run a full custom scan. I may run a custom scan of a file 

or folder for something I suspect may be a problem. If you don't take advice, there is nothing anyone can do !!!

Link to post
Share on other sites
Tex10

Tex10

Posted
  • Author
Posted

Hi exile360 and KenW; I think I have given you the wrong impression. It isn't that I don't want to continue troubleshooting this issue or that I am unwilling to take your advice. The reason I am posting to this site is to get a resolution to this issue. I am very sorry if I have given anyone the wrong impression. Please answer these questions:

1. Do you want me to first upgrade the existing application from Malwarebyte's Anti-Malware version 2.2.1.1043 to the new Malwarebytes 3 version 3.2.2.2029?

2. Do I run a "Custom Scan" (Full Scan) with "Scan for rootkits" selected before I run the Farbar Recovery Scan Tool (FRST) and the MB-Check?

Please advise. Thanks...

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
8 minutes ago, Tex10 said:

1. Do you want me to first upgrade the existing application from Malwarebyte's Anti-Malware version 2.2.1.1043 to the new Malwarebytes 3 version 3.2.2.2029?

Yes but use the below instructions.

Let us get a clean install of the current version.

We have another tool called MB-Clean which will automate the whole process for you including backing up your key and reactivating.

 Tool can be found at https://downloads.malwarebytes.com/file/mb_clean

1. After downloading the tool run the tool.

2. The tool will automatically clean up the older possibly damaged installation and will ask you for a restart.

3. Restart your system and then the MB-Clean tool will prompt you to re-install the latest product .

4. Click on "Yes" to reinstall MB 3.×.

5. Now you will have the latest product installed.

Then run a THREAT scan with rootkit-enabled and then  Get the logs. We will attempt a custom scan after we review the logs.

 

Link to post
Share on other sites
exile360

exile360

Posted
Posted
2 hours ago, Tex10 said:

Hi exile360 and KenW; I think I have given you the wrong impression. It isn't that I don't want to continue troubleshooting this issue or that I am unwilling to take your advice. The reason I am posting to this site is to get a resolution to this issue. I am very sorry if I have given anyone the wrong impression. Please answer these questions:

No worries, if a scan took that long I wouldn't want to have to keep running them to test either.

Thank you for providing the logs.  Our team will take a look and hopefully we'll be able to spot the cause.

Link to post
Share on other sites
UweJo

UweJo

Posted
Posted (edited)

Hello, i have the same problem... starting malwarebytes premium 3.2.2.2029 , starting full or hyper scan and the processor usagage will go to 100% ...

The Scan will be 8-10h on different computers...

MBAM Service will use the processor up to 100% permanently...

 

Edited by UweJo
Link to post
Share on other sites
UweJo

UweJo

Posted
Posted
32 minutes ago, UweJo said:

Hello, i have the same problem... starting malwarebytes premium 3.2.2.2029 , starting full or hyper scan and the processor usagage will go to 100% ...

The Scan will be 8-10h on different computers...

MBAM Service will use the processor up to 100% permanently...

Windows 7 X64 ...

 

 

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
3 hours ago, UweJo said:

Hello, i have the same problem... starting malwarebytes premium 3.2.2.2029 , starting full or hyper scan and the processor usagage will go to 100% ...

The Scan will be 8-10h on different computers...

MBAM Service will use the processor up to 100% permanently...

 

change the setting in the

screenshot below

scan priorty.png

Link to post
Share on other sites
Tex10

Tex10

Posted
  • Author
Posted

Hi Porthos; I looked at the setting in Malwarebytes 3 and I found that the default setting for "Impact of Scans on System" was already selected for "Manual scans have high priority and will finish more quickly." I assume this is correct that it is the default?

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
9 minutes ago, Tex10 said:

Hi Porthos; I looked at the setting in Malwarebytes 3 and I found that the default setting for "Impact of Scans on System" was already selected for "Manual scans have high priority and will finish more quickly." I assume this is correct that it is the default?

That was not for you but for the user who butted in on your topic.

 

21 hours ago, exile360 said:

Our team will take a look and hopefully we'll be able to spot the cause.

@dcollins@nikhils@AdvancedSetup Will check back with you most likely after the weekend.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.