MDE Full Scan takes a long time

Torres, Gabriel 1 Reputation point
2022-11-09T02:36:13.117+00:00

Hi,

We have a situation where the Full Scan with MDE on Windows Server 2012 is starting on Saturdays at 2:00 am, the scan takes too long time (several hours >30) on some servers. Customer has had to stop the scan because it does not allow it to operate properly as the CPU utilization is too high. This happens on at least 3 servers working with an Automation Anywhere Enterprise (RPA) client tool.

We have already added files recommended by provider of this RPA application to MDE exceptions, but it continues with the same behavior.

Someone could know why scanning takes so long?

Thanks in advance

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,599 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,778 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Wesley Li-MSFT 4,401 Reputation points Microsoft Vendor
    2022-11-10T06:45:38.873+00:00

    Hello

    The length of time for an MDE scan depends on several factors:

    1. Scanning engine design: signature database, heuristic scanning
    2. Type of scan performed: full scan, quick scan, custom scan
    3. Scanned disk size and used capacity
    4. Whether to include an external drive scan
    5. Whether the scanning engine stalls, hangs or freezes

    Solution:

    1. Delete temporary files <Open Settings - System - Storage - Temporary Files and Recycle Bin - Delete Temporary Files>
    2. If there is a known folder on your computer that is causing problems with Windows Defender, you can have Windows Defender ignore it
    3. Too much disk fragmentation will also slow down the scanning speed of Windows Defender. It is recommended to run "Disk Defragmenter"
    4. Set the MsMpEng.exe file to a specific processor in your computer to avoid high CPU usage. <task manager-details-right-click msmpeng.exe set dependencies-CPU limit used by running processes>
    5. Reset Windows Security App: https://www.tenforums.com/tutorials/165764-how-reset-windows-security-app-windows-10-a.html

    Best Regards,
    Wesley Li

    0 comments No comments

  2. Wesley Li-MSFT 4,401 Reputation points Microsoft Vendor
    2022-11-18T02:20:44.353+00:00

    Do you have any other questions?

    If the above reply is helpful to you, please mark it as answer.

    Thanks

    0 comments No comments

  3. Wesley Li-MSFT 4,401 Reputation points Microsoft Vendor
    2022-11-25T03:01:35.267+00:00

    Hello

    Do you have any further questions?

    How is the issue progressing so far?

    Thanks

    0 comments No comments