tetonbob

Thanks, Paul. Log received, and message sent via PM.

@engdp you can send the file via private message, zipped. To gather detailed logs to help us assess this detection event, can you please run this utility on the affected endpoint? Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs

@yardbird - this was a false positive which has been resolved in database version 1.0.40189. Thanks for your report.

@yardbird - did you happen to be running a rootkit scan? Can you please provide logs from our MBST utility? Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be s

@cchilderhose - thanks for letting us know! Please do report back if the issue returns.

Hi Phil. This FP has already been addressed by the Research team. Thanks for your report.

Yes, TaskManager screenshot. I'm curious how you had it laid out where mbamtray was always on top. I can reproduce this issue (on VMs and hardware), but in my testing the CPU usage always returns to 0 after the spike. Further, I see a smaller but still consistent spike on any OS. I've filed a defect for this to be investigated by the team. Any additional information you can provide will be appreciated. Thanks!

@cchilderhose- could you please detail this for us a bit more? What utility are you using to see this? TaskManager? How do you have it configured? Could you share a screenshot, please? Does the spike release completely and then return, or is it cumulative? Does this spike seem to occur once per minute, approximately? Did you ever notice this behavior in Win10 20H2? Or just in the 21H1 build?

Thank you, @Bubblejunk!

@Bubblejunk can you upload this full crash dump to a file sharing service such as WeTransfer, and post back the link? C:\Windows\MEMORY.DMP The best way to upload this would be to copy it to your desktop first, then zip before uploading. You can find instructions for using WeTransfer in this previous post by AdvancedSetup https://forums.malwarebytes.com/topic/270017-numerous-bsods-daily-systems-very-slow/?tab=comments#comment-1436092 Thanks!

Thanks for letting us know! The latest Beta is now available: https://forums.malwarebytes.com/topic/267583-malwarebytes-43-beta/?tab=comments#comment-1436637

Great, thanks for confirming. My apologies for overlooking that part in your original comment. That experience, as Erix noted, is why we disabled this CU shortly after it was enabled. We've got that fixed in the next Beta.

@brad03 out of curiosity, did you receive a tray notification to reboot after this Component Update (CU) was applied?

With regards to this: That issue has been resolved and a new version of the Support Tool has been released. You should not see that issue now.

Hi @Rimmsi - we have now in Beta, a fix for this issue. See: https://forums.malwarebytes.com/topic/267583-malwarebytes-43-beta/?tab=comments#comment-1433990 If you are able to install this Beta, we would appreciate your feedback.