diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh
index a5e07e4..fc7088c 100755
--- a/modules/security/malware-scanner.sh
+++ b/modules/security/malware-scanner.sh
@@ -854,9 +854,9 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
                             current_status=$(echo "$scan_info" | awk '{print $7}')  # Field 7 is SCAN_STATUS
 
                             # Check if this is our scan (created after we started)
-                            if [ "$created_time" -ge "$SCAN_START" ]; then
+                            if [[ "$created_time" =~ ^[0-9]+$ ]] && [ "$created_time" -ge "$SCAN_START" ]; then
                                 # Check if scan is complete (COMPLETED field has timestamp)
-                                if [ -n "$completed_time" ] && [ "$completed_time" != "COMPLETED" ] && [ "$completed_time" -gt 0 ]; then
+                                if [ -n "$completed_time" ] && [ "$completed_time" != "COMPLETED" ] && [[ "$completed_time" =~ ^[0-9]+$ ]] && [ "$completed_time" -gt 0 ]; then
                                     scan_running=false
                                     echo ""  # New line after progress
                                     log_message "ImunifyAV scan finished for $path (status: $current_status)"
@@ -1046,8 +1046,9 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
             echo ""
 
             # Run with --progress for real-time percentage updates
+            # Use -a flag to scan all files (not just recent modifications)
             # Timeout after 2 hours
-            timeout 7200 maldet -b -f "$TEMP_PATHLIST" 2>&1 | tee -a "$LOG_DIR/maldet.log" | while IFS= read -r line; do
+            timeout 7200 maldet -b -a -f "$TEMP_PATHLIST" 2>&1 | tee -a "$LOG_DIR/maldet.log" | while IFS= read -r line; do
                 # Parse progress lines: "files: 1234 (45%)"
                 if [[ "$line" =~ files:\ ([0-9]+)\ \(([0-9]+)%\) ]]; then
                     files_so_far="${BASH_REMATCH[1]}"