Jump to content

ESET File Security Scan taking 100+ Hours


Recommended Posts

So I recently installed file security on my Windows Server 2008 R2 and the first scan has now been going for 120 hours and seems to have no end in sight. A smart scan was also started by schedule and it too has now been going on for around 30 hours.

The real time protection is still working but the scans are showing threats on my system but because the scans aren't finished the program isn't doing anything.

How long should a scan usually take?

Link to comment
Share on other sites

  • Administrators

How long does it take to scan with ecls.exe (the command-line scanner) which is part of EFSW? Does the scan complete?

Link to comment
Share on other sites

  • Administrators

You must run it from the ESET install folder, otherwise you'll have to specify the path to the ESET install dir via the --base-dir= parameter.

Link to comment
Share on other sites

UPDATE: after a total combined time of 400 hours the "first scan" and the first scheduled scan have finally finished. Did not expect it to take that long.

Link to comment
Share on other sites

  • Administrators
7 hours ago, Dandandan said:

UPDATE: after a total combined time of 400 hours the "first scan" and the first scheduled scan have finally finished. Did not expect it to take that long.

You must have too many files, probably many archives or iso images that were scanned internally. You can try temporarily disabling scanning of archives to confirm my assumption. Anyways, the second scan should be much faster when it comes to stand-alone PE files as whitelisted files will be omitted from scanning.

Link to comment
Share on other sites

@MarcosHow do I set the scans so archives are left out? After an extensive review of the scan log it certainly appeared that archives seemed to be the big issue. I am working on a very large server that is running a large law firm so I expected some time to complete the scan.

Also in the scans it said it detected several threats and yet nothing was done about them. What should I do for that?

Link to comment
Share on other sites

  • 1 month later...
  • Administrators

For a list of parameters and switches, run "ecls.exe --help". To disable scanning of archives, use "/no-arch /no-sfx". To enable standard cleaning, use "/clean-mode=standard".

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...