BD Episode 2: The Return of the Forced Scans
Some of you may be aware of the forced drive scans which plagued the client in early 2021. Scans would run one hour after every time you booted up your system and would go through reading all your drives and files using up CPU and thrashing physical drives (100% usage). These scans also completely ignored any exception settings you may have setup.
A few days ago, I noticed the behaviour had returned (ironically just a few days after BD informed me they were finally closing the original tickets from 2021). But BD had learnt from its past failures and this time the scans begin immediately the system boots into windows. The old tricks of using the ‘offline disk’ command to hide drives so they don’t get scanned no longer worked. The drives were immediately in use by BD and the command could not unmount drives when the scan had already begun. There was no way to stop the scans this time. The Empire (I mean BD) had won?
We are your overlords! Your system will be thrashed to within an inch of its life on start-up and you will like it! ?
The first scan I noticed, I shut down my computer mid-way and physically unplugged the drives I didn’t want scanned. After booting up all the remaining solid-state drives were scanned and I hoped that would be the end of it. Maybe it was just a one-off. But no, I’ve seen the scan run twice since then. Not on every boot up though, so perhaps it is on some kind of timer this time around.
NB: The sound of my 3 mechanical drives being thrashed is why I tend to notice this where others with only solid-state drives might not. My OS and programs run off the solid-state drives and I use the mechanical drives purely for data storage. They spend most of their life idle and when they spin up, I often have a look to see why and what is accessing them if it wasn’t a direct action on my part.
Why dont the BD developers understand that there are customers that want the real-time protection but want to run scans when they want to and not have them forced upon them?
The first time around it took over 4 months to get these forced scans removed from the client. Almost 3 months of that I was treated as if I was an idiot and my system had something wrong with it. Eventually being offered a reward by BD for identifying the issue with the client by the end of things. I’m not keen to spend another 4 months fighting BD support into acknowledging this is actually occurring. Please just fix whatever you recently changed.
Only run full system scans when the customer wishes them to occur. If there is some new vulnerability which makes you feel there should be a full scan of customer systems (this was the reasoning for the 2021 forced scans, log4j – in that case). How about adding a popup in the system try letting the customer know what yo are doing? I would much rather see a popup like that then the annoying popups prompting me to save all my passwords with you that keep appearing recently.
And just run the scan once (ONCE!) and let the real-time protection handle things after that. What is this obsession with forcing scans on customers every day or every boot over and over for the same thing?
I plan to investigate further and I will post back here if am able to add more information behind the behaviour of these new forced scans. Initially they look very similar to the ones last year, just triggering earlier after system start-up.
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
Comments
-
Hello @Ironbuket , Cristian Amarie from Bitdefender consumer team here.
First of all, be sure I will make this a priority. As for what is happening, I'm not convinced it is the same thing from 2021 - the scan from vulnerability - since I rechecked multiple times (and the test guys as well) the routines that triggered the disk enumeration are not anymore triggered. But since I do want to find what is happening (a bug from us, a regression, something new etc.) we will most likely need some more details. Tomorrow morning I will talk immediately to the test guys to recheck whatever it can happen, and then we will most likely compile a list of details.
If you can post here the product and the current version it will be great so we can gain a lot of time to nail this.
Regards,
Cristian
1 -
*Sigh*. I followed the old problem discussion closely. I want to thank IronBucket for his/her persistence back then, all the way towards a solution. Still up to this very day, 2 of my 3 mechanical hard drives remain offline/unmounted when not needed, b/c I don't really trust BD anymore.
And here we go again: Antivirus Plus v26.0.23.80, updated on 7th of August.
Immediately after every boot-up a forced scan is initiated. Using Process Explorer I can witness bdservicehost.exe systematically crawling all drives, including my mechanical data drives. My desktop system slows down noticeably. Meanwhile, even the BD tray icon remains gray and mouse-over tells me "Bitdefender services not responding". Once again I disabled vulnerability protection today. I don't know yet if this helps or not.
All is left to say is that I 100% agree with IronBucket and everything said above. I've really come to hate these unpleasant surprises.
1 -
A short (ish) update:
I had been using my system for work all day yesterday, shut it down when finished. Then about an hour later realised I had forgotten something and turned it back on. It immediately started scanning my mechanical drives which was noticeable (I confirmed in resource monitor). I only needed to use the system for a few mins and shut it down whilst the scan was still going.
It is now 7 hours later and Im turning the system on again. I didn’t hear any drives and so thought the scan wasn’t happening. However, looking in the Resource Monitor I can see it is, but only to some of my solid state drives this time.
It seems like BD may be scanning different drives each reboot. Maybe to try to hide from the customer that this is going on?
More significantly though, after my initial post above (24hrs ago for me) I went in and added exceptions for every single drive I have, except for C.
Protection > Settings > Manage Exceptions
Turning on the ‘Antivirus’ and ‘Online Threat Prevention’ sliders, but leaving the ‘Advanced Threat Protection’ one off
I can confirm exceptions are yet again being completely ignored – just like occurred with the 2021 problem.
Unless BD has changed how it handles its client code updates, any fix is likely months away even if the code was written today. Someone from BD please correct me if this is no longer the case. BD has/had a very weird way of handling fixes to things like this and they have to wait for an update window and bundle fixes in with other feature updates instead of just pushing out emergency patches.
I’m going to give it a couple of days, but I highly suspect it will be the same situation as last year and I will be forced to uninstall BD and install something else for a few months until they sort this out. At least with the delayed scans last year there was the option of hiding the drives from the scans, this is far worse and probably some coder thinks they were really smart implementing it in this way and no customer would notice.
I’m sure someone in the development team will be able to come up with a justification for these scans, in the same way last year’s were justified by log4j. But I would like to ask the ‘smart’ coder that implemented this: Why do you need to scan more than once?
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
0 -
Sorry forgot to add my version info:
Bitdefender Internet Security Build 26.0.23.80 (paid version)
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
0 -
And here we go again, one thing gets fixed and they screw something else, I've been using the free version waiting for the paid version to be fixed but now is even worst, everytime I turn on my PC I get this annoying scanning, what's wrong with this people, how can they screw things this bad?
So I did what I should have done half a year ago, installed another AV (the one that starts with K) maybe I'll check back in a few months to see if this issue gets resolved, but definitely not installing this God awful software ever again
1 -
RE: 'how can they screw things this bad?'
I can’t say for sure if it is still the case, but from my experiences last year it seems to be lack of coordination between departments. Tech support don’t know what the development team add in their patches. So, when customers report problems there is no immediate connection made between a recent client change and a reported problem. It is only when a customer gets to talk directly to one of the developers that you get anywhere. But for most people you will give up long before that and switch over to using an alternative product. Even when the developers have a fix, it seems the bureaucracy within the company stops them pushing it out. Last year I think it was something like 4-6 weeks between the developer telling me they had a fix ready to push out and them actually being allowed to push to clients.
I would have thought after the mess last year BD would have implemented some kind of beta testing for new patches before sending them out to the wild. Maybe they test them internally, but if they do, that testing process needs looking at. Nobody in the testing team (if one exists) bothered to even look at CPU load from the client after a fresh boot?
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
1 -
Same thing happens to me with Bitdefender Free v26.0.23.80.
Here is another discussion on this issue and it is a widespread topic on everyone:
@BitLibra He opened the post.
So fix the problem now.
Thank you.
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
1 -
I have the same problem
I have a folder with hundreds of thousands of files and it takes a very long time to scan and the drive stays at 100%,and every time you reboot system it will scan, very annoying.
The version is BTS 26.0.23.80
2 -
Hello everyone,
May I kindly ask you to run a windows performance analyzer and send us the results, so our developers can gather more information and figure out what the issue might be?
As one of the reviews says, "If you ever wondered what was going on behind all that busy activity on Windows, this is the one tool to effectively raise those curtains."
You can upload the results here.
Regards
Premium Security & Bitdefender Endpoint Security Tools user
0 -
I ask a simple question ...
Is it possible that in Bitdefender we don't have PCs on which to test the product, run the performance tests to understand what the problem is?
Being a problem reported by several users, it will surely be a problem related to some Windows update that took place in the last few days that creates conflict or a regression or other problem, but these tests should be done by the developers ...
I think the information on the problem is clear and provided.
If even on 10 test PCs the problem occurs on one PC, the reason is analyzed and a solution is sought.
The disclaimer is different if only one user has problems.
So are we all unfortunate users to have the problem?
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
1 -
What is the purpose of having customers run performance analyzer? To see how much impact it has on the system so you can decide if it is worth fixing or not? Surely it can’t be to track down what is causing the scan. I can tell you already that the cause is BD.
As Nunzio said, BD should be able to test this themselves or at least better explain why they need customers to do this testing work for them. Your testing team (you have one?) is not seeing these scans run? How many different variations of OS did you try this on? Are you testing on actual machines or VMs?
Windows 10 Pro 21H2 for me
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
2 -
I'd like to add a few bits of information.
Me: Once again I disabled vulnerability protection today. I don't know yet if this helps or not.
Update: No, that does nothing. I booted my machine twice today, which resulted in two more (full) scans. Each of those scans takes about 8 minutes for me... As a consequence, I took my last remaining mechanical drive offline as well today.
IronBuket: It seems like BD may be scanning different drives each reboot.
Can't confirm that. Using Process Explorer again, I see BD (bdservicehost.exe) crawling each and every remote sub-folder on every drive. Interestingly, the scan pays special attention to .JAR files. Here it pauses to decode its contents. No other archive formats (zip, rar, ...) seems to get processed in depth. Weird...
Alexandru_BD: May I kindly ask you to run a windows performance analyzer
Erm... no. That doesn't feel right. I'm not getting paid to do extensive testing. Sorry.
1 -
Fired up my system this morning and within about 10seconds it was hammering my mechanical drives with 100% usage (confirmed was BD via resource monitor). This is in contrast to yesterday (approx. 24hrs ago) when on that bootup it only scanned my SSDs. I can confirm it is scanning different drives each day - at least on systems with 5 or more drives as is the case with me.
I restarted the system in the middle of the scan in hopes it might scan something else after a reboot, but today is HDD day and it insists on scanning the HDDs. Again, I tried the ‘offline disk’ command trick (I still have the batch file I used with the BD bug last year). But the system doesn’t have time to unmount the drives before BD has at them.
I had to yet again open up my computer case and remove physical power from my HDDs to stop them being scanned immediatly on bootup. Whilst I was at it, I uninstalled BD and switched over to a free client alternative (déjà vu of last year). See you in a few months, I guess. By then we might have an estimate of when BD is going to fix this.
NB: No forced scans once BD was removed.
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
1 -
Are there any updates and resolution times?
Thanks!
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
Just to make sure, Early boot scan is off for everyone, yes?
Premium Security & Bitdefender Endpoint Security Tools user
0 -
In the free version it is not editable, so what should I do?
Should I switch to another free antivirus?
I had no problems before.
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
"Early boot scan" is always on for me, since the installation of Bitdefender i turned it on and never been turned off.
Yesterday i did some research and here you can see the results:
Regards.
1 -
Can we get any official answers from the developers?
Apparently the problem is there so rather than trial and error, perhaps it would be useful to have answers on the problem and resolution times.
@camarie give us some official answers?
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
Yes, I turned off Early boot scan, but it will still auto scan after boot up, no matter on or off.
1 -
Same issue for me I think. I am on the free version 26.0.23.80. I used Resource Monitor to see the activity of bdservicehost and it seems to systematically scanning the whole of my C drive at every boot.
2 -
Even if everyone had it turned on, the client would still be forcing the scans by ignoring drive exclusion settings?
Can BD please confirm if they have or have not seen this behaviour on their own test machines? Could BD also please confirm if they actually have a testing team and test machines (not VMs)?
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
2 -
News about this problem from the developers?
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
LOL. Sorry I was in the old thread. Just today a part of my brain thought "Maybe I install Bitdefender again, see if they fixed the problem". A different small and very valuable part of my brain said "Maybe check the forums of the old problem first". Needless to say after reading the old problem thread, and coming to this new thread, the answer is NO.
Hi Ironbuket, long time no see. Maybe we should have a drink one day as the "Bitdefender wants to kill my mechanical drives society meeting."
Seriously this is still an issue? Bitdefender still totally ignores user settings? Why have user settings if you do not intend to pay any attention? This is just a joke now. I am sat here laughing at how bad this is.
Previously despite my frustrations and annoyance I tried to communicate in good faith, to be polite, to assume the company wanted to take customer feedback on board and improve the product. Now it just seems to be like a scam, I have no faith left in this company, just cowboys.
You always put the duty on the customer to jump through hoops to raise an issue. Do you not know how your own product works? Do you not use your own product?
Tell me this one question : How many Bitdefender developers have at least one mechanical hard drive in their development PCs? I bet you any money the answer is ZERO. If you wanted to fix this issue at least one of you would have added a mechanical drive, put some files on it, and then wait to see what happens. And while you were working and that mechanical drive was going nuts you would have thought "oh this is a problem, I need to find out what's going wrong and fix it". But no, it's the customer's problem so who cares?
You are lucky I am not Bitdefender management I would make you all work from mechanical drives only including the operating systems to get this fixed. I bet you would resolve it in a single day if it affected you.
Since the last thread I have built myself my first NAS from M.2 drives for speed, and mechanical drives for capacity. It is attached to my PC as a network drive. I dread to think what Bitdefender would do to that. How long does 17Tb of 100% mechanical load take?
Good luck Ironbuket and everyone else affected. I shall check back in another six months to see how this train wreck of incompetence is going. Probably scanning the network for other computers to scan their mechanic drives too so everyone can join in the fun.
2 -
@lechiffre
Welcome back. The problem last year did get fixed (in May 2021), but the issue was in the client for a good 4-5months I believe. From May 2021 until now, I havent had any issues. I noticed this new problem around 14 August 2022.
I like the idea of your "Bitdefender wants to kill my mechanical drives society meeting." Maybe we could get ‘My hard drive survived BitDefender’ T-shirts?
I don’t think it is really about mechanical hard drives though. I notice my NVME spiked to 100% during one of these scans. There is also not in significant CPU load when these scans run. On my system the CPU load is not really a problem, but on older machines it could be more significant.
I guess there is a remote possibility that a Windows update triggered this problem, but I’ve been down this path last year where BD tended to first look everywhere for a cause apart from their own code.
I don’t know how many times I said to them last year, just to honour the drive exclusions no matter what and then bugs like this wouldn’t matter so much. I guess they never listened.
The really sad thing is that unless they changed how they push out patches from last year, it could be months to get this fixed even if they found a solution today. It’s not that I’m out to pick on BD, but the way they run themselves seems to be really odd for an apparently large organisation. I really wish they would get their act together as after using them for so many years I would prefer to stick with them than go elsewhere.
Come on guys, you can do it! Pretend you are an organised company and fix this problem in less than a week. Prove my predictions wrong.
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
2 -
Kindly for the developers, can I know the resolution times you hypothesize?
If it's a few days, that's not a problem, but if it's a few months then I'll move on to another AV solution.
My hard disk is already about 15 years old and I would not want this to be its coup de grace every time the PC is turned on ...
I use the free version, so I can safely go back to Avast Free, if this problem is solved in a few months ...
I hope to receive an exhaustive answer.
Thank you.
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
I tested multiple possibilities myself on several machines and, while I did not get the spikes reported, the problem looks real, and it is very recent. I talked to all the teams that could be involved, and talking in detail brought up a possible cause. And while I understand some of the comments above, one cannot identify why an issue is happening with the same speed another sees that an issue is happening.
In the next hours I will receive an internal build to be tested by me and one of my test guys, and hopefully 1. what I suspect is true and 2. they will provide me with a build that solves the problem.
After that, if we confirm the issue fixing to them, the other team will release to update via signatures update in the beginning of the next week. At least this is how I see it at this time.
Will get back with news as soon as I know more.
5 -
Not sure what you mean by not seeing spikes. In cpu and drive usage after bootup? Blink and you may miss it on an SSD on a fresh build. The scan doesn’t last very long at all on a C drive that has nothing on it but the OS - at least that is what I saw in previous scans of this kind. Test on a system with a mechanical drive with some data on it and it becomes very obvious when it is doing it.
You should be looking for drive read activity associated with BD rather than for spikes in usage, because these can be hidden on a more powerful system or lost among other bootup processes?
And as I mentioned before, at least for me, it was changing each day which drives it was scanning. When it was only targeting the SSDs I didn’t even notice it was doing it, unless I specifically went looking.
If you can narrow it down to a client update, then just to a version roll back, or is that not possible?
Have you considered my beta test suggestion? Let some customers opt in to updates earlier and then you aren’t screwing your entire client base when you put out a bugged update?
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
1 -
@Ironbuket I read one of the original reports
I'm on windows 11. After the latest Bitdefender Internet Security update, every time windows starts Bdservicehost (bitdefender virus shield) uses 50% of the hd for a long time, slowing down the normal use of the PC. It happens every time windows start or restart.
which indicated a prolonged period of time and a high spike of 50%.
The version rollback is out of my hand, but I will ask. I am still restarting the same test machine and I am still not getting two consistent results in a row. For the moment I am still concentrating to pinpoint the cause to 100%.
2 -
@Camarie "I am still restarting the same test machine and I am still not getting two consistent results in a row."
If your product behaves in a logical manner how are you not getting consistent results on your test machine? Does that in itself not point to a problem? If you can't predict how the software you make is going to behave, does that not tell you the software you make behaves unpredictably?
Why does your software not behave in a way that even the people who make it can understand?
0 -
We dont have details on that system though? If it was a system with only 1 large capacity drive then it makes sense. You are testing on systems with only one drive and these systems are real systems, not just just fresh builds with nothing on them but the OS?
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
0 -
This is hogging my HDD lately so is new for me. This will run my HD at 100% for at least 30 minutes when I do a Restart as well as a fresh Start Up and on occasion just whenever. This issue has been around since 2019 as far as I can see, with no resolution yet. I have disabled all Startup services 2 ways/10 Pro. 30 + minutes is way too long for any startup scan, considering this has never happened before/3 years with Bitdefender.may come to an end soon.
I have contacted Support to no avail. Any ideas in how this started and how to stop it from a startup scan?
Many thanks/Doug
-1 -
You're in the best hands with @camarie ', but @Alexandru_BD and myself will watch and see if we can support internally on this.
Intel Core i7-7700 @ 3.60Ghz, 64GB DDR4 || Gigabyte nVIDIA GeForce® GTX 1070 G1 8GB || WD Blue NAND 500GB + 1TB
0 -
I meant I am not getting the reproduction of the problem consistently: once it spiked around 10%, the next 5 runs never got over 1-2%. A great deal of data is cached and while a first scan might go on Very High indicator of CPU, the subsequent scans might do next to nothing.
0 -
We have the details, but I admit, I do not have such a specialized machine with multiple SSD and mechanical drives. And not, I am testing on a real machine, with multiple repositories cloned and a high number of partitions, and very high number of files and directories.
0 -
If this is around 2019, then it is not the same issue; the log4j scan involved in both cases - the one signaled by @Ironbuket and several other users months ago, and this new one - did not exist at that time.
Can you specify the process or processes that are upping the disk to 100%? At least to know exactly where to start.
PS Personal comment: on my home laptop I experienced for 6 months disk staying on 100%, without anything else installed than Windows 10 and its native defender. Nothing helped after prolonged forums' sessions: turned out it was a combo of Windows 10 and driver bugs. I would say to try to exclude such an issue first, if possible.
0 -
FYI Today we're set to receive a new version of the involved components (from the team delivering them) to retest on all of our available machines. It is basically a version which will do not perform the startup caching of log4j lookup, and thus removing the most likely cause of this issue.
If our tests will look green after this first round of checking, we'll give them the ok and most likely the next signature update will come up with the fix.
I will follow up anyways as soon as I have updates.
3 -
Not sure if this is still of any use at this stage, but regarding the not seeing 100% usage: As someone that has a mix of most types of drives and long experience of these scans, I can say that it is only mechanical drives that will consistently hit 100% usage. SSD tended not to hit 100%, but usage was still high. NVME tends to only spike for a few seconds and only rarely hits 100%. Implying heavily that the speed of your system and what types of drives you have will influence what kind of load you will see. The scans also seemed to particularly take an interest in Steam folders and spend a lot of time in there. Maybe install Steam and few free games as bait on your test machines.
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
2 -
@Ironbuket I am cloning several large repositories, and will try your very good suggestion with Steam (I do have like 30 games bought so I can fill up the disk with a good number of files and directories), let's hope I'm not blocked on corp connection by firewall filters.
I do have 4 machines with NVMe only, NVMe+HDD, and HDD only, so I can check up all the scenarios. I did noticed spikes on NVMe only, but not consistently, that's why I said in a previous comment that I can't isolate a consistent behavior regarding the spikes.
Just now I got both a debug and the release latest builds to integrate in an existing installation, and the developer specifically added in their internal logs if the scan routine starts (or not).
As I said, will follow up - only this will take some time to test on 3-4 machines, restarts, read the logs, compare disk activity with/without. (Then we'll do the development build, the test team has to do the testing as well, then to let the fully automated tests to run several times for hours to see if this is fixed; then the official build from the other team, then our official build and again the functionality and the endurance tests - I'm telling this to be clear that it will do take some time until the release with the fix).
1 -
Is the problem fixed in this update: 26.0.25.84 or will it be fixed in the next update?
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
Re: restarting over and over to see something different. As I mentioned originally, I was seeing it scan different drives on different days. I know it sounds completely crazy, but that is what it seemed to be doing. Another thing I noticed about these scans, and also last year's scans, was that during a scan it tended to hammer particular drives more than others.
Rather unsurprisingly it tended to target drives which contained files that potentially could contain a virus. A drive I have full of video files, got almost no attention at all as far as I can recall.
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
0 -
Logged on here to see if other people had a similar issue, glad I'm not the only one. It has been quite frustrating to have my mechanical hard drives thrashed so badly after every boot up.
So last night decided to do full scan on one of the partitions for one of my drives, took more than 4 hours, but it would show me whether bitdefender will scan that partition again after a new start, keeping in mind that the option for "Scan only new and modified files" is turned on. But unfortunately after turning on my PC today, it immediately started scanning the whole drive again. So the "scan only new and modified files" option is pretty much useless and/or something else is wrong.
I hope this issue can be resolved soon, as I have lost count of how many weeks this has been going on.
Windows 10 Pro, Bitdefender Total Security Build 26.0.23.80
2 -
Update: tested with both debug and release versions of the files supplied, and I did not notice any related startup scan log4j related. The test team will do this thoroughly on their machines to confirm if this has been solved, and then the endurance tests no. 1 with the development version of product.
Will followup with progress as soon as they get back with results.
4 -
Very good!
We look forward to further updates.
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
1 -
Fair play despite my earlier rant you guys do seem to be taking the problem seriously now, so I have to give you credit for that. Apologies if my rant is offensive but this problem is very frustrating.
To try and add useful data into the investigation process my experience with the mechanical hard drive 100% for long periods is that it seems to me to be worse with large numbers of small files. Say you had two mechanical drives one with movies - big files and the second with an enormous amount of small files e.g. config and text files the second drive would be much worse hit by the 100% mechanical thrash issue.
In my case I had downloaded the Free version of Vivado FPGA design tools from Xilinx onto my 8Tb mechanical drive.
From this link choose standard edition and then install it on a mechanical drive. The standard version will run in free mode.
Don't use the suggested web installer, use the full offline download for maximum effect of number of files. Run it once for it to generate all the config files it wants.
It installs an ENORMOUS amount of files like many tens of thousands. Actually scratch that it generates an insane amount of files on my system the one folder for that application is 121Gb and a little under half a million files. Yes just under half a million. in 55 thousand sub folders. Photo attached to prove I'm not bullshitting. Most of them are tiny. That on a mechanical drive with Bitdefender causes absolute carnage to the mechanical drive.
I hope this helps you get to the bottom of the issue.
2 -
Forum software won't let me post links to the software or my image of the folders and files. Trying again here.
Image of how many files - No forum software won't let me. Can't attach either.
Link to software
www.xilinx.com/products/design-tools/vivado/vivado-ml.html
Tried to Direct Message the image to camarie but forum software still won't let me.
2 -
Premium Security & Bitdefender Endpoint Security Tools user
0 -
Thank you Alexandru
Image of xilinx install folder.
2 -
Below is one of many folders I have on a mechanical drive which seems to be particularly hammered by the forced scans. It is packed full of small files as described by lechiffre. However, in my case these are actual personal data files and images and not just application files.
I do have another folder on the same drive which is mostly apdata
There are more folders than this. I havent checked but I expect well over a million files on this drive alone. And I have 2 other mechanical drives which are similar in capacity, but less numbers of files per drive (larger files).
Im not sure what camarie meant by 'I did not notice any related startup scan log4j related.' Does this mean camarie saw no log4j related scans or did see scans but those scans were not log4j related? If the testing team is not seeing any forced scans at all that is very worrying and my earlier estimate of a few months to fix this, may have been a bit optimistic.
Internet Security (Paid), Windows10 Pro64, Ryzen7 5800X, 32GB RAM, RTX3070, 5 internal storage drives, 2x ext hot-swap drives
0 -
I'm wondering is there an algorithm that Bitdefender uses to choose the order it scans files in?
For example the most simple and obvious algorithm would be to recursively iterate through all the files and folders in the current directory, and scan each in turn. But I expect anti-virus software might have a more complex file order for scanning algorithm. e.g. scan files than can be run first e.g. .exe .bat. scripts etc... But also possibly for there to be some sort of load balancing, and "files to scan next" queue. Perhaps if there is an algorithm that it doesn't deal with large numbers of small files well. Possibly even the file pathnames get very long with subdirectories many levels deep, and that causes the algorithm difficulty. Clearly the algorithm does make it all the way though so it "works" but may be causing this 100% battering to mechanical drives as a symptom of the algorithm having difficulty with so many files, directories to parse, huge amount of file meta data, long file pathnames etc...
Although I'm not going to be the one to do it but I suggest an experiment. Two equal make and model mechanical drives - one with a large number of small files, the other with a much smaller number of large files e.g. gig plus movie files to the same total size as the large number of small files. Does Bitdefender deal with one more gracefully than the other?
When I right clicked on my xilinx folder and asked windows for the properties it took a good 5-10 minutes for even windows to count all the files and folders, and size. If Bitdefender is asking windows to enumerate 55K folders and half a million files folder by folder that's a good 30 minute job on its own. If at the same time you start AV scanning some of the file contents, that could cause utter havoc on a mechanical drive. Especially if the heads are moving back and forth between the filesystem tables where the disk stores info about where the files are stored and how long they are, versus the actual file data that needs to be scanned. These two are not held close to each other on a mechanical drive and continually flicking back and forth between both would 100% the drive, and not do it any good, especially if you did that for an hour or so every single day.
0