MDE Full Scan takes a long time

Question

Hi,

We have a situation where the Full Scan with MDE on Windows Server 2012 is starting on Saturdays at 2:00 am, the scan takes too long time (several hours >30) on some servers. Customer has had to stop the scan because it does not allow it to operate properly as the CPU utilization is too high. This happens on at least 3 servers working with an Automation Anywhere Enterprise (RPA) client tool.

We have already added files recommended by provider of this RPA application to MDE exceptions, but it continues with the same behavior.

Someone could know why scanning takes so long?

Thanks in advance

Answer 1

Hello

The length of time for an MDE scan depends on several factors:

1. Scanning engine design: signature database, heuristic scanning
2. Type of scan performed: full scan, quick scan, custom scan
3. Scanned disk size and used capacity
4. Whether to include an external drive scan
5. Whether the scanning engine stalls, hangs or freezes

Solution:

1. Delete temporary files <Open Settings - System - Storage - Temporary Files and Recycle Bin - Delete Temporary Files>
2. If there is a known folder on your computer that is causing problems with Windows Defender, you can have Windows Defender ignore it
3. Too much disk fragmentation will also slow down the scanning speed of Windows Defender. It is recommended to run "Disk Defragmenter"
4. Set the MsMpEng.exe file to a specific processor in your computer to avoid high CPU usage. <task manager-details-right-click msmpeng.exe set dependencies-CPU limit used by running processes>
5. Reset Windows Security App: https://www.tenforums.com/tutorials/165764-how-reset-windows-security-app-windows-10-a.html

Best Regards,
Wesley Li

Answer 2

Do you have any other questions?

If the above reply is helpful to you, please mark it as answer.

Thanks

Answer 3

Hello

Do you have any further questions?

How is the issue progressing so far?

Thanks