Jump to content

Scan Engine To Slow


Guest DasFox

Recommended Posts

It's a fact that spyware/malware, etc., only shows up under certain extensions unless someone packs it into another extension.

With this thought in mind, I hope in the future Malwarebyte's can increase the engine speed.

I think it's an awesome program but the scanning engine is extremely slow.

As a tech when cleaning clients computers I need something that works and is fast, unfortunalty because of how slow Malwarebytes' is, I can't use it unless I'm dealing with an extremely small amount of data.

I peronsally don't get why the engine is so slow. As an example yesterday I had a client that wanted is portable USB drive scanned with data he backed up, because he wasn't sure if there was anything on it or not.

After 20 mins. Malwarebytes' had only scanned around 2-3GB of data. I don't know about you, but 20 mins to scan 3GB, this is terrible... :wub:

Don't take me wrong here, I love the program when you have the time to scan, but that's the problem, TIME!

Link to post
Share on other sites

Are you scanning with the full scan? There is really no need, quick scan is designed to catch 100% of malware. :wub:

I right clicked on the USB drive to bring up the Context Menu and picked Malwarebytes' and scanned like this, which automatically starts Malwarebytes' scanning, you don't get to pick a type of scan like this...

Link to post
Share on other sites

Are you scanning with the full scan? There is really no need, quick scan is designed to catch 100% of malware. :wub:

Yup, +1 to that because just as malware only uses certain file extensions, it also only hides in certain places (when active) and that's where the quick scan is designed to look. It typically takes between 1-5 mins. to do a quick scan which to me is completely reasonable, especially considering how effective it is.

Link to post
Share on other sites

You could potentially just scan the Windows folder and Program Files folder if scanning a slave drive, but doing so instead of scanning a drive that's active means you miss anything that would normally be loaded into memory as well as the registry, which are key points MBAM uses to detect active infections on a system. I can understand slaving a drive to scan if you absolutely can't boot, but otherwise most tools work much better on a system that's booted, especially MBAM.

Link to post
Share on other sites

I'm putting the USB hard drive on a clean system, the only thing that needs to be scanned is this external drive. The only way I see you can then do this is to right click it, bring up the Context Menu, click Malwarebytes' and let it scan, but this scan is way to slow.

Call it what you want, but doing a scan this way, well all you're doing is scanning data on a drive, and it's slow... :wub:

Link to post
Share on other sites

I have done a controlled test. I ran malwarebytes quick mode, and full mode. On a VM box. After It was done doing the quick scan, I then ran the full scan. To my suprise it still found a few more infections the quick scan missed, so to say it finds 100% of malware in quick scan is false....

Link to post
Share on other sites

I have done a controlled test. I ran malwarebytes quick mode, and full mode. On a VM box. After It was done doing the quick scan, I then ran the full scan. To my suprise it still found a few more infections the quick scan missed, so to say it finds 100% of malware in quick scan is false....

I don't see how anyone can make this claim, because a Quick Scan does not go through every directory on the box.

You always have to do a full scan to be sure you found everthing.

Link to post
Share on other sites

And could you please post those results? I'm willing to bet they were leftovers and nothing to worry about. I still say a full scan is not needed, quick scan is more than enough.

Just so people here can see this, please list the direcs that a Quick Scan does?

I don't recall seeing anything that says on the app, what programs this is?

Does the Quick Scan, scan the entire system, and only with a different scanning method?

According to the program, 'quick scanning technology' is the only thing it's saying, which makes you think the entire system is scanned?

THANKS

Link to post
Share on other sites

Typo:

I don't recall seeing anything that says on the app, what programs this is? /what direcs this is?

P.S. We need to be able to EDIT our posts, where's the 'EDIT' function?

Link to post
Share on other sites

  • Root Admin

Let me shed some light on this,

I have done a controlled test. I ran malwarebytes quick mode, and full mode. On a VM box. After It was done doing the quick scan, I then ran the full scan. To my suprise it still found a few more infections the quick scan missed, so to say it finds 100% of malware in quick scan is false....

Malware archives do not count! Please posts the results and we will see exactly what was detected.

P.S. We need to be able to EDIT our posts, where's the 'EDIT' function?

Yes, I apologize, there were some bad eggs that edited their posts after someone already read them and it was just a mess.

Anyway, the quick scan catches 99.9% of malware the full scan catches. The only reason are anomalies such as malware archives and new malware hiding in new locations (which we detect a few hours after it is detected). So basically, it is like Lysol. Lysol is a germ killing spray, but in the commercials they say they kill 99.9% of germs. Reason -- some mutant strains and they get sued. I know, I know, bad analogy, but you get the point :).

Link to post
Share on other sites

Let me shed some light on this,

Malware archives do not count! Please posts the results and we will see exactly what was detected.

Yes, I apologize, there were some bad eggs that edited their posts after someone already read them and it was just a mess.

Anyway, the quick scan catches 99.9% of malware the full scan catches. The only reason are anomalies such as malware archives and new malware hiding in new locations (which we detect a few hours after it is detected). So basically, it is like Lysol. Lysol is a germ killing spray, but in the commercials they say they kill 99.9% of germs. Reason -- some mutant strains and they get sued. I know, I know, bad analogy, but you get the point :).

Ok if the Quick Scan does the job, then why is the Full Scan even in the program as an option? See you are confusing users, LOL...

If it's not really need as you are pointing out then please remove it.

I'm a geek and a Tech, but I'm not a coder, so even at my level of experience I am seeing these as two choices. Do one when you don't have the time to get some of the nasties, do the other when you have more time to get the nasties the Quick Scan can't, or didn't pick up. See my point now?

THANKS

Link to post
Share on other sites

Ok if the Quick Scan does the job, then why is the Full Scan even in the program as an option? See you are confusing users, LOL...

If it's not really need as you are pointing out then please remove it.

I'm a geek and a Tech, but I'm not a coder, so even at my level of experience I am seeing these as two choices. Do one when you don't have the time to get some of the nasties, do the other when you have more time to get the nasties the Quick Scan can't, or didn't pick up. See my point now?

THANKS

Full scan's best use as far as I can tell would be to scan for malware on a slaved hard drive from a PC that won't boot, and also to use the software's built in heuristics to detect malware in the rare case that it isn't in the default location. One thing you might notice though, is that unlike most security scanning tools, the default option is quick scan and not full scan. The first thing most AV/AS softwares want a user to do is update and perform a full scan to make sure the system is clean, primarily because they work based on file signatures only instead of the kinds of detection algorithms that MBAM uses, which is why MBAM is so efficient at scanning and why the database files are so small.

Link to post
Share on other sites

Oh sorry, that was meant for IT Expert, not you.

We cannot allow people to edit posts, sorry, people have just abused the feature too much. :)

I did not save the logs, but I will next time. I have long since formated over my infection box. I will keep an eye on it, I typically always scan quick first then scan full just to make sure everythings gone.

Link to post
Share on other sites

The full scan cant catch any more malware that has the ability to enter memory because that portion of the scan is identical for both versions . Both versions use the same registry scanner , same heuristic checks , same load point checks and same memory checks . The only thing that full scan can do better is to catch a few extra traces .

I cant go into all the details but there are at least 5 ways we can hit files not inside of the usual quick scan locations so the smaller number of places we look has nothing to do with where we can hit a file , it only has to do with reducing the amount of time wasted looking at files that have no chance of being malware .

Someone asked why have a full scan option then , that is simple , people (even knowing the full specs) would rather have the ability to catch these occasional traces then to have that option taken away from them .

This next statement I stand behind 100% as the lead researcher for Malwarebytes Corp .

I have not even one single time needed to run a full scan with MBAM while researching new malware to completely kill its ability to enter memory on reboot .

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.