Slow scanning

Discussion in 'Prevx Releases' started by Tarnak, Nov 30, 2011.

Thread Status:
Not open for further replies.
  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    In one of my snapshots, scanning has become inordinately slow.

    ScreenShot_WSA_scan_slow_01.jpg

    Previous scans:

    Previous Scan Results

    CLEAN - [Tue 2011-11-29 17:04:57] 107910 files scanned, 0 infections found in 42m 11s
    INFECTED - [Tue 2011-11-29 15:49:13] 125838 files scanned, 19 infections found in 35m 22s
    INFECTED - [Sun 2011-11-27 09:29:01] 117003 files scanned, 4 infections found in 33m 46s
    INFECTED - [Thu 2011-11-24 08:36:00] 37559 files scanned, 1 infection found in 6m 3s
    CLEAN - [Wed 2011-11-23 09:24:04] 31814 files scanned, 0 infections found in 2m 39s
    CLEAN - [Mon 2011-11-21 08:53:37] 32885 files scanned, 0 infections found in 3m 10s
    CLEAN - [Tue 2011-11-15 13:51:56] 25938 files scanned, 0 infections found in 3m 31s
    CLEAN - [Mon 2011-11-07 08:36:14] 25034 files scanned, 0 infections found in 2m 37s
    CLEAN - [Sun 2011-11-06 09:20:21] 33492 files scanned, 0 infections found in 3m 31s
    CLEAN - [Fri 2011-11-04 08:00:09] 32668 files scanned, 0 infections found in 2m 51s
    CLEAN - [Fri 2011-11-04 07:55:39] 36173 files scanned, 0 infections found in 4m 16s
    CLEAN - [Sat 2011-10-29 08:11:40] 32270 files scanned, 0 infections found in 3m 28s
    CLEAN - [Sat 2011-10-29 08:10:20] 2 files scanned, 0 infections found in 46s
     
  2. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    Just finished.

    ScreenShot_WSA_scan_slow_02.jpg
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    If an infection is detected, the scan will become more cautious, scanning more idle files. It will return to normal speeds after it re-establishes that the system is clean. I suspect part of it is due to the other snapshots being scanned as well, but there probably isn't a reliable way of getting around that without compromising security.

    If you wanted, you can uninstall/reboot/reinstall which should improve it.

    Let me know your results! :)
     
  4. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    It seemed it was mostly irrelevant detections, so I will see how the scans go before going to all that trouble with uninstall/reinstall. ;)

    See recent log:

    Webroot Scan Log (Version v8.0.1.20)
    Log saved at Tue 29-11-2011 17:10:21

    v8.0.1.20
    Windows XP Professional Service Pack 3 (Build 2600) 32bit
    Scan Started: Tue 2011-11-29 15:49:13
    Files Scanned: 125838
    Malicious Files: 19
    Duration: 35m 22s

    Some legitimate files are not included in this log
    c:\$isr\5\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp13\a0018296.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\5\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp13\a0018340.exe [MD5: 00833E81BD031CECE649559C2822ECDA] [Flags: 08080000.5986] [Threat: W32.Malware.Gen]
    c:\$isr\4\unzipped\regdllview\regdllview\regdllview.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\5\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp13\a0019096.exe [MD5: 59827D8737656D7B6A9B244C1E15BF52] [Flags: 08080000.5990] [Threat: W32.Malware.Gen]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp322\a0431145.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp322\a0431144.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp323\a0437472.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp321\a0431070.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp321\a0431058.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp323\a0436495.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp323\a0434400.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp323\a0436496.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\1\unzipped\regdllview\regdllview\regdllview.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\3\system volume information\_restore{eaf808e9-a451-4f6f-acb7-2ee5af7cb4e6}\rp321\a0431064.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\5\unzipped\regdllview\regdllview\regdllview.exe [MD5: 6F53909D1BC2007FD9CC7D8D06198F25] [Flags: 08080000.5985] [Threat: W32.Trojan.dx!tqt]
    c:\$isr\1\utilities\copy of usb key-damaged\ice sword\1.22beta1\icesword122enb1\icesword.exe [MD5: 59827D8737656D7B6A9B244C1E15BF52] [Flags: 08080000.5990] [Threat: W32.Malware.Gen]
     
  5. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    sped up again....;)

    Webroot Scan Log (Version v8.0.1.23)
    Log saved at Thu 01-12-2011 08:53:54

    v8.0.1.23
    Windows XP Professional Service Pack 3 (Build 2600) 32bit
    Scan Started: Thu 2011-12-01 08:36:10
    Files Scanned: 29865
    Malicious Files: 0
    Duration: 2m 31s
     
  6. m0unds

    m0unds Guest

    OT but sort of relevant - how's WRSA getting along w/VIPRE? I always had issues with Prevx on my machines that run VIPRE Premium (IS now)
     
  7. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    I have Vipre 2012 AV (5.0.5074) co-existing very peacefully here with WSA Essentials 8.0.1.23, and both scanning fast also...about 90-100 secs for WSA, and approx 2 1/2 mins quick scan for Vipre. On x86 Windows 7 HP.
     
  8. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    I have noticed that there is 100% harddrive activity when updating definitions.

    It takes longer now with the latest Vipre 2012 release. Apparently, a new method has been implemented, "to prevent definitions from ever going to version 0, even if a definition update fails."

    ScreenShot_Vipre_SBAMSvc_heavy_disk_usage_05.jpg
     
Thread Status:
Not open for further replies.