Dandandan 0 Posted August 2, 2017 Share Posted August 2, 2017 So I recently installed file security on my Windows Server 2008 R2 and the first scan has now been going for 120 hours and seems to have no end in sight. A smart scan was also started by schedule and it too has now been going on for around 30 hours. The real time protection is still working but the scans are showing threats on my system but because the scans aren't finished the program isn't doing anything. How long should a scan usually take? Link to comment Share on other sites More sharing options...
Administrators Marcos 3,880 Posted August 2, 2017 Administrators Share Posted August 2, 2017 How long does it take to scan with ecls.exe (the command-line scanner) which is part of EFSW? Does the scan complete? Link to comment Share on other sites More sharing options...
Dandandan 0 Posted August 2, 2017 Author Share Posted August 2, 2017 @Marcos It hasn't even finished the first scan when installation is complete and it is at 120 hours Link to comment Share on other sites More sharing options...
Administrators Marcos 3,880 Posted August 2, 2017 Administrators Share Posted August 2, 2017 Did you really run the command-line scanner ecls.exe as I asked and not a scan from gui? Link to comment Share on other sites More sharing options...
Dandandan 0 Posted August 2, 2017 Author Share Posted August 2, 2017 @Marcos I tried running it but it says Scanner initialization failed Link to comment Share on other sites More sharing options...
Administrators Marcos 3,880 Posted August 3, 2017 Administrators Share Posted August 3, 2017 You must run it from the ESET install folder, otherwise you'll have to specify the path to the ESET install dir via the --base-dir= parameter. Link to comment Share on other sites More sharing options...
Dandandan 0 Posted August 7, 2017 Author Share Posted August 7, 2017 UPDATE: after a total combined time of 400 hours the "first scan" and the first scheduled scan have finally finished. Did not expect it to take that long. Link to comment Share on other sites More sharing options...
Administrators Marcos 3,880 Posted August 8, 2017 Administrators Share Posted August 8, 2017 7 hours ago, Dandandan said: UPDATE: after a total combined time of 400 hours the "first scan" and the first scheduled scan have finally finished. Did not expect it to take that long. You must have too many files, probably many archives or iso images that were scanned internally. You can try temporarily disabling scanning of archives to confirm my assumption. Anyways, the second scan should be much faster when it comes to stand-alone PE files as whitelisted files will be omitted from scanning. Link to comment Share on other sites More sharing options...
Dandandan 0 Posted August 8, 2017 Author Share Posted August 8, 2017 @MarcosHow do I set the scans so archives are left out? After an extensive review of the scan log it certainly appeared that archives seemed to be the big issue. I am working on a very large server that is running a large law firm so I expected some time to complete the scan. Also in the scans it said it detected several threats and yet nothing was done about them. What should I do for that? Link to comment Share on other sites More sharing options...
Administrators Marcos 3,880 Posted September 12, 2017 Administrators Share Posted September 12, 2017 For a list of parameters and switches, run "ecls.exe --help". To disable scanning of archives, use "/no-arch /no-sfx". To enable standard cleaning, use "/clean-mode=standard". Link to comment Share on other sites More sharing options...
Recommended Posts