Slow scan

[Dulouige]

The last time I used Malwarebytes full scan it lasted 15 freaking hours! before I install it again let me just ask you guys this, did they fix the scanning problem?

[AdvancedSetup]

Hello @Dulouige

Can you please be a bit more specific and post your scan log so that we can review.

Thank you

 

[exile360]

I would also mention that Malwarebytes is not an antivirus and its scan engine does not work like one.  Scanning your entire drive with Malwarebytes is unnecessary which is why the default scan type is the Threat scan which looks in all known locations where malware installs itself along with all loading points/startup locations, the registry, temp and data folders, as well as all active processes and threads in memory which means that any threats active on the system, even if running from an unorthodox location or even a different drive, should still be detected since any active threat, regardless of where it might be stored on disk, must run in memory to be active and must use some sort of mechanism to get loaded on startup.  The Malwarebytes Research team can also adjust where the scan looks dynamically through database updates; no program updates are required for them to add new locations for the default Threat scan to check.

Edited April 19, 2020 by exile360

[AdvancedSetup]

I cannot duplicate slow scans on any of my physical or virtual systems.

 

 

[Firefox]

14 hours ago, Dulouige said:

Malwarebytes full scan it lasted 15 freaking hours!

@AdvancedSetup in case you missed it, the OP mentioned FULL scan...

[AdvancedSetup]

Thanks @Firefox but it wold still be good to get the logs and see what was really scanned, what options chosen, and what is running on the computer as well. If you have another antivirus running that is doing either file or behavior monitoring then every object you scan it too is going to check causing a slow down due to resource usage.

However, we have never advocated using a Full scan either. The way malware works it has known launch points and locations. We monitor all known locations and scan those locations. We also scan memory and paths of objects in memory so even if scan new locations if something is using a different path. Scanning hundreds of thousands of old files is of little use. If one really wanted to do a flat file scanning like that including archives, etc. then using an older style antivirus such as Norton or Kaspersky would probably be a better choice as they would have a huge database of files from probably even a decade ago. Once a file system has been scanned like that then it would never really need to be scanned again as the vast majority of the file systems don't change like that and anything new that comes along should be caught by current protection modules.

I know from years ago when doing full scan and archive scans using different AV products that it would often take over night so if the user has thousands of archives and a TB or more of data amounting to a million plus files then I could see it taking that long. But without logs it's all just guessing.

I once helped a customer contract with what they thought was a file copy issue. It turns out they had over 300K small zip files each was about a K in size but their disk was set up with 16K allocations sizes so every file took 16K to copy. As you can imagine that took a long time to copy compared to when they hit files that were in the multi MB size as those copied very quickly. Once I saw and explained what was happening they understood and held some internal meetings to discuss future changes. Unfortunately I was just contracted for the issue so not sure what they ended up doing in the long run.

 

 

Edited April 20, 2020 by AdvancedSetup
updated information

[AdvancedSetup]

Hello @Dulouige

I went ahead and ran a FULL custom scan on my own system to test how long it takes Malwarebytes to complete a full scan. The following are my results. As you can see on a high-end system with 731K plus objects (that includes specific registry keys searched as well) my scan completed in well under 1 hour. Just barely over 31 minutes. Obviously your results can vary depending on hardware and amount of files on disk and amount of archive files on disk. etc. The scan was also started just after a fresh computer restart with Windows Defender enabled and running as well. I'm pretty sure that if I disabled Windows Defender the scan would complete much sooner.

 

I just performed a FULL custom scan on my system. Including check within Archive files and Rootkit scanning. The full scan took just over 31 minutes. I included some files for it to detect on purpose as well so it was not a clean system. I told Malwarebytes to ignore them at the end of the scan.

I do have a very high-end computer though.

Main disk Windows is installed on

Samsung (MZ-V7S1T0B/AM) 970 EVO Plus SSD 1TB - M.2 NVMe Interface Internal Solid State Drive with V-NAND Technology
Max Sequential Read Speed: Up to 3,500 MB/s
Max Sequential Write Speed: Up to 2,500 MB/s

Processor: i9-9900K 3.6GHz over-clocked to 4.8GHz
64 GB RAM

FINAL RESULTS