1PW

Hello @conehead: Since a continuous and unrestricted communications path must exist between the client MBARW's MBAMService.exe and Malwarebytes' licensing operations, the following will produce logs to assist in quality analysis and troubleshooting. Please download/run the following Malwarebytes written data gathering support tool, on the system in question, restarted in the Windows NORMAL boot mode: Download the trusted, Malwarebytes authored arwlogs.exe utility/tool and save to a system Administrator's desktop of the system in question. arwlogs.exe is an information gathering tool that neither installs nor does it make system/registry hive changes. Single right-click the arwlogs.exe icon and select Run as administrator. If a Windows User Account Control (UAC) alert/prompt for arwlogs.exe appears, select the "Yes" button to continue. If a Windows SmartScreen warning alert/prompt for arwlogs.exe appears, select "More info" then select the "Run anyway" button to continue. A Command window will appear and its contents may be mostly ignored. When "Press any key to continue . . . " appears at the bottom of the Command window, type an Enter key to close the window. A zipped archive (yyyy-mm-dd-{COMPUTERNAME}.zip) should have been generated to the system Administrator's desktop. Delete arwlogs.exe from the Administrator desktop. Attach the above zipped archive to your next reply in this topic. Since you may have not already done so by now, please consider selecting the "Follow" button, near the upper-right corner of your topic, to receive timely notifications regarding replies. Although more data may be required, after the requested data is posted, the Malwarebytes' team can commence their analysis. Thank you always for your assistance.ur assistance.

Hello @mkhoo1972: MB3 v3.0.5 had/has been replaced by many updates, of which the current release is v3.1.2.1733 and those updates contained very many fixes compared to your system's current version. Although the current MB3 update is being throttled out, an individual user is more than welcome to immediately install the update before your system's update is chosen on a random basis, or before the updating throttle is opened to full. This would certainly be the case if you are one of the few users experiencing an MB3 issue. Since at least one MB3 update was missed, please consider employing the MB-Clean support tool only for this one-time update process. As a safety precaution, please store the system's MB3 license key separately until the system in question and MB3 are running well with v3.1.2.1733. After completion, please respond to your topic with the status of the system. Thank you.

Hello @Nastajia: So as to protect the less experienced, but curious readers from inadvertent clicking, please type (or Copy and Paste) the URLs and/or IP addresses into a (<>) "Code" box that you believe were blocked by the Web Protection module of a previous version of MB3 but are not blocked now. Please make that your next reply to this topic. Thank you.

Hello @gageracer: It is a holiday weekend in the U.S.A. and those who may perform a fine grain analysis of the data logs are likely not available. In the meantime, please do a "Clean Install" of MBARW BETA 8 being careful to not delete any existing MBAM v2.2.1.1043 files/folders, and then reply to this topic with the status of the system. 1) Please delete any previous binaries of the MBARW_Setup.exe file(s) from the system in question. 2) Close all open user applications followed by a conventional Windows-based uninstall of Malwarebytes Anti-Ransomware through the Windows system Control Panel. 3) If MBARW Beta was uninstalled successfully, all of the possible following sub-directories will have been deleted from a typical Windows 10 x64 system: "%ProgramFiles%\Malwarebytes\" "%ProgramData%\MalwarebytesARW\" 4) If any of the above sub-directories remain, please delete them manually. If necessary, any remaining/uninstalled sub-directory may need to be deleted in the Windows 10 Safe mode. 5) Execute a conventional Windows restart to the Normal Windows boot mode and log-in through an Administrator's account. <===IMPORTANT! 6) Using an Administrator's account only, download a fresh MBARW_Setup.exe file and save to the Administrator's Desktop from the New version - BETA 8 - now available! topic. 7) Single right-click the saved MBARW_Setup.exe file and left-click Run as administrator from the Windows context menu and continue. 8) Upon a successful clean install, please restart the computer in a conventional manner to the Windows 10 Normal boot mode. Please reply to your topic with the status of your reported issue. Thank you for testing the perpetual MBARW BETA and your valued feedback. VT analysis of a known good MBARW_Setup.exe download from Malwarebytes' CDN: https://www.virustotal.com/file/d083b763222c24669a03fb6db66d300ec99ae2ff7d43b581fbef4f5a2ac05578/analysis/1495802106/

Hello @Solitario: Thank you for the good news update.

Hello @Solitario: Thank you for the perfect FRST logs. As you may have read, the Windows Event Logs show that two MBARW files (mbarw.exe and MB3Service.exe) may be indirectly involved in Windows detected 0xc0000005 (Access Violation) application errors. Question: Is the MBAM Service/MB3Service CPU utilization percentage high, as you have illustrated, at all times? As an extremely brief test, please temporarily suspend the Kaspersky product(s) from operating and then check to see if the MBAM Service CPU utilization percentage normalizes and then return all to normal operation. Follow by replying to this forum topic with the results of that brief test. A request will has been made to Malwarebytes' management for escalation regarding the system's issue. Please understand that the U.S.A. (where much of the management and MBARW technical expertise lives) is celebrating a long weekend involving a federal holiday (Memorial Day). Thank you for your patience and understanding.

Hello @Nastajia: The Malwarebytes' developers/staffers/helpers must have good log data for a quality fault analysis to commence. 1) Setup Log search: Please log in as an Administrator and hold down the system's keyboard Windows Key + Press "R". If successful, the system will open a Run window. Type, the following into the Run window's Open: text box: %TEMP%. Then, single left-click this window's OK button. If the previous step was successful, an Explorer window will appear and may contain miscellaneous folders/files. Only if it/they exist(s), Copy and Paste to the Administrator's desktop, only the latest Setup Log {yyyy-mm-dd #nnn}.txt file that corresponds to the last MB3 install date/time. If the last step did not show a Setup Log file, skip to step 2 of this procedure and make note of this in your next forum reply. 2) From the locked/pinned topics, at the beginning of this sub-forum, please follow all the applicable steps within the topic at Having problems using Malwarebytes? Please follow these steps 3) In the next reply to your topic, please only attach the separate files that are developed above: mb-check-results.zip, FRST.txt, Addition.txt, and Setup Log.txt. 4) Since you may have not already done so by now, please consider selecting the "Follow" button, near the upper-right corner of your topic, to receive timely notifications regarding replies. Thank you.

Hello @Solitario: I agree that the Windows 10's MBAM Service CPU use should be at 0% on an otherwise idle system. The data produced by the Farbar Recovery Scan Tool (FRST64) logs may be of further troubleshooting assistance. Please download FRST64.exe to an Administrator's desktop only. Single right-click the icon and select Run as administrator to start the tool in the passive reporting mode. If a Windows User Account Control (UAC) alert/prompt window for FRST64.exe appears, select the "Yes" button to continue. If a Windows SmartScreen warning alert/prompt window for FRST64.exe appears, select "More info" then select the "Run anyway" button to continue. When the FRST's (x64) GUI opens, left-click "Yes" button in the Disclaimer of warranty window. Please do not uncheck any Whitelist boxes. Ensure that only the Optional Scan's Addition.txt box is checked. Select the "Scan" button and wait until the tool has run to completion. (About 3-5 minutes or less.) The FRST64 tool should have written two log files to the Administrator's desktop (FRST.txt and Addition.txt) and will also open them with the system's default text editor. Close the two FRST text report windows and the FRST (x64) GUI window. Only attach the two (2) separate text (.txt) files to your next reply to this topic. Thank you for your help.

Hello @Solitario: A cursory examination of the data logs did not produce an immediate reason for increased CPU use. Rather than a simple re-install of MBARW BETA, please consider a clean install of MBARW BETA 8 (v0.9.17.661) that guarantees the highest integrity and file/directory ownership: 1) Please delete any previous copies of the MBARW_Setup.exe file(s) from the system in question. 2) Close all open user applications followed by a conventional Windows-based uninstall of Malwarebytes Anti-Ransomware through the Windows system Control Panel. 3) If MBARW Beta was uninstalled successfully, all of the possible following sub-directories will have been deleted from a typical Windows 10 x64 system: "%ProgramFiles%\Malwarebytes\" "%ProgramData%\MalwarebytesARW\" 4) If any of the above sub-directories remain, please delete them manually. If necessary, any remaining/uninstalled sub-directory may need to be deleted in the Windows 10 Safe mode. 5) Execute a conventional Windows restart to the Normal Windows boot mode and log-in through an Administrator's account. <===IMPORTANT! 6) Using an Administrator's account only, download a fresh MBARW_Setup.exe file and save to the Administrator's Desktop from the New version - BETA 8 - now available! topic. 7) Single right-click the saved MBARW_Setup.exe file and left-click Run as administrator from the context menu and continue. 8) Upon a successful clean install, please restart the computer in a conventional manner to the Windows 10 Normal boot mode. Please reply to your topic with the status of your reported issue. Thank you for testing the perpetual MBARW BETA and your valued feedback. VT analysis of a known good MBARW_Setup.exe download from Malwarebytes' CDN: https://www.virustotal.com/file/d083b763222c24669a03fb6db66d300ec99ae2ff7d43b581fbef4f5a2ac05578/analysis/1495802106/

Hello @Solitario: The Malwarebytes' developers/staffers/helpers must have good data for a quality fault analysis. Thank you for the data archive. The Malwarebytes' developers/staffers have written a recently updated data gathering tool to assist their analysis. Please download/run the following Malwarebytes written data gathering support tool, on the system in question, freshly restarted in the Windows NORMAL boot mode: Download the trusted, Malwarebytes authored arwlogs.exe utility/tool and save to a system Administrator's desktop of the system in question. arwlogs.exe is an information gathering tool that neither installs nor does it make system/registry hive changes. Single right-click the arwlogs.exe icon and select Run as administrator. If a Windows User Account Control (UAC) alert/prompt for arwlogs.exe appears, select the "Yes" button to continue. If a Windows SmartScreen warning alert/prompt for arwlogs.exe appears, select "More info" then select the "Run anyway" button to continue. A Command window will appear and its contents may be mostly ignored. When "Press any key to continue . . . " appears at the bottom of the Command window, type an Enter key to close the window. A zipped archive (yyyy-mm-dd-{COMPUTERNAME}.zip) should have been generated to the system Administrator's desktop. Delete arwlogs.exe from the Administrator desktop. Attach the above zipped archive to your next reply in this topic. Although more data may be required, after the requested data is posted, the Malwarebytes' team can commence their analysis. Thank you always for your assistance.

Hello @alvin6 and The Malwarebytes' developers/staffers/helpers must have good log data for a quality fault analysis to commence. 1) From the locked/pinned topics, at the beginning of this sub-forum, please follow the steps within the topic at Having problems using Malwarebytes? Please follow these steps 2) In the next reply to your topic, please only attach the three (3) separate files that are developed above: mb-check-results.zip, FRST.txt, and Addition.txt. 3) Since you may have not already done so by now, please consider selecting the "Follow" button, near the upper-right corner of your topic, to receive timely notifications regarding replies. Thank you.

Hello @kdubherse: Thank you for the good news feedback.

Hello @amd098 and MB3 v3.0.6.1469 had/has been replaced by more than one update, of which the current release is v3.1.2.1733 and those updates contained very many fixes compared to your system's current version. Although the current MB3 update is being throttled out, an individual user is more than welcome to immediately install the update before your system's update is chosen on a random basis, or before the updating throttle is opened to full. This would certainly be the case if you are one of the few users experiencing an MB3 issue. Since at least one MB3 update was missed, please consider employing the MB-Clean support tool only for this one-time update process. As a safety precaution, please store the system's MB3 license key separately until the system in question and MB3 are running well with v3.1.2.1733. After completion, please respond to your topic with the status of the system. Since you may have not already done so by now, please consider selecting the "Follow" button, near the upper-right corner of your topic, to receive timely notifications regarding replies. Thank you.

Hello @ecbritz: Although technically no new pure virus classifications have appeared since about 2012, many MB3 Premium users have a full-time, installed, top-tier antivirus application of their choice running in parallel. Your call. Thank you for your query.

Hello @kdubherse and MB3 v3.0.6.1469 had/has been replaced by more than one update, of which the current release is v3.1.2.1733 and those updates contained very many fixes compared to your system's current version. Although the current MB3 update is being throttled out, an individual user is more than welcome to immediately install the update before your system's update is chosen on a random basis, or before the updating throttle is opened to full. This would certainly be the case if you are one of the few users experiencing an MB3 issue. Since at least one MB3 update was missed, please consider employing the MB-Clean support tool only for this one-time update process. As a safety precaution, please store the system's MB3 license key separately until the system in question and MB3 are running well with v3.1.2.1733. After completion, please respond to your topic with the status of the system. Thank you.