RogerPhuket

OK, thanks. If I get any new info I'll start a new thread. Regards, Roger

Ah, OK. But the problem I have - when it occurs - is definitely not the scheduled scan running. There appears to be an interaction between MalwareBytes and WmiPrvSE (Windows Management Instrumentation Provider Host) process, which just doesn't stop. I just Googled a bit more and the next time the CPU is running at 15% WmiPrvSE, I'll try to do what this Microsoft article says in order to identify the culprit: https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/high-cpu-usage-wmiprvse-process-regular-intervals To misquote Mandy Rice-Davies: "Well, you would say that, wouldn't you?" ☺️ Regards, Roger (not Albert)

Sorry, I don't see the connection between the scheduled scan (which I believe I recall occurring just after booting) and the problem of WmiPrvSE running at 15% CPU literally all the time and causing the overheating problem (and other problems like Skype performing poorly). Currently, the laptop is right next to this PC and is at 46C (from "Speccy" in the system tray) and doing nothing - just dwm.exe at 2% CPU (from "Process Explorer" in the system tray). My next scheduled scan is at 08:56 tomorrow. The last scan was at 15:09 today. I think that's when I turned it on today.

This is weird. I don't know how I was logged in as "AlbertSteptoe" when I created this thread! I'll have to search through my "Password Safe" entries and delete the "AlbertSteptoe / Malware Bytes" entry. Anyway, back to the thread... So my laptop again started running WmiPrvSE.exe at 15% CPU and again started overheating. Here is the thread where I posted about it: https://forums.malwarebytes.com/topic/279218-why-is-malwarebytes-using-wmiprvse-it-makes-my-laptop-run-hot-and-high-cpu So the solution that worked about 10 days ago was not permanent: - quit MB using the system tray as described by Porthos above - kill "IPHelper", which is also using WmiPrvSE. Only then can I restart both WmiPrvSE and MB to stop the problem of 15% CPU by WmiPrvSE and 75C CPU temperature. So that is why I posted this thread about how to quit MB using a command file. It's always nice to fix things using a single click. In the original thread (link above) RootAdmin "AdvancedSetup" did suggest running a program to log what was going on on my laptop and upload it. I'm afraid I won't do that as I don't know what information will be in the logs. So, if there is no command line switch to do it, which obviously would be more than a little dangerous if hackers could use it, than I guess I'll have to do it using an Autohotkey macro. Regards, Roger (not Albert)

Thanks. Updated both and all OK.

Well, this is weird. I stopped Malwarebytes (MB) running about a week ago because of the overheating and the 15% WmiPrvSE process CPU usage that was being caused by Malwarebytes. Today I started MB and ticked the four protection boxes and the CPU temperature settled down to less than 50C and the CPU usage was a bout 3% (DWM.exe) - no WmiPrvSE usage. So, to be sure this was "normal", I restarted the laptop and the temp. is still below 50C and CPU is 2% (again Dwm.exe), i.e. no more WmiPrvSE usage. I even ran Skype which is the main reason I needed this problem fixed as the overloaded CPU caused stuttering on the sound and video. It ran OK. So I'm thinking now that something in Windows or Malwarebytes got mixed up and by turning off Malwarebytes and back on again appears to have fixed it, and it has stayed fixed even after a restart of Windows. The alternative (conspiracy) theory is that you secretly updated it while I wasn't running it and now it's fixed! A couple of observations: on my Windows 10 desktop, Malwarebytes (Premium) reports its version as 4.4.6. The Mbam.exe file version is 4.4.0.1117 on this Windows 10 laptop, Malwarebytes (Premium) reports its version as 4.4.0. The Mbam.exe file version is 4.4.0.997 Regards, Roger

Thanks for your reply - I only just saw it and it's way past my bedtime here. I'll do what you ask tomorrow. Regards, R.

For years my laptop ran at 47C with previous versions of Malwarebytes running. Now, with the latest Malwarebytes version (don't ask me when it changed - I didn't notice) the laptop is running at 77C. This is because my laptop is running a process called WmiPrvSE which is using 15% CPU continuously. When I try to stop WmiPrvSE it says it cannot be stopped because Malwarebytes is using this Windows process. So I just stopped Malwarebytes and WmiPrvSE is now using negligible CPU and the CPU is now 47C. So, Malwarebytes techies, please explain: 1. Why are you using WmiPrvSE? 2. Why can't you gather whatever data is being provided to you by WmiPrvSE some other way? 3. If you MUST used WmiPrvSE, why can't you access it less often? 4. Was this version of Malwarebytes tested on Windows 10 laptops? I'm close to cancelling my contract for this laptop if you can't fix this problem.

Rubbish. The "false positives" problem is simple to prevent - update all Malwarebytes employees' phones one day before releasing to the world. This problem should NEVER happen

Now that I know that having "78 Malwares" reported by Malwarebytes on my phone is probably just "bad data" from Malwarebytes, I too will be continuing my subscription but will head straight to my Windows 10 PC the next time it happens to Google the problem before doing what my phone tells me to do which is to remove all the infected apps. We live and learn. I note that in their Wikipedia entry there is no mention of a Quality Assurance manager: As of 2018, key individuals working for Malwarebytes included: Marcin Kleczynski – CEO Tom Fox – chief financial officer Adam Hyder – SVP of Engineering Elena Verna – SVP of Consumer Dariusz Paczuski - SVP of Marketing Akshay Bhargava – Chief Product Officer Pedro Bustamante – Vice President of Technology Fernando Francisco – Vice President of Corporate Development and Strategy https://en.wikipedia.org/wiki/Malwarebytes In my company, the Quality Assurance manager was at the same level as the Hardware Manager, Software Manager and Production Manager and reported directly to the General Manager (CEO). But then, my company was ISO 9001 Certified. Also, there wouldn't be a need for a "False Positives" forum if the "Bad data" was tested sufficiently on multiple phones (maybe on a few dozen of their 800 employees' phones?) before being released out in the wild. Have Malwarebytes not heard of "Field trials"? This is what my company did after all "code walkthroughs" and in-house testing was complete: we released the software under controlled conditions to participating customers. Only after successful field trials was any software released to the world. Still waiting for a full explanation from the company.

THIS 100%!!! As a paying customer I would also like to know how this happened and what is being done to prevent such a panic from happening again! Not even a sorry!?!? Thank you for putting out a fix so quickly but you owe us an explanation! So, is Malwarebytes not an ISO 9001 Accredited company? https://the9000store.com/what-are-iso-9000-standards/what-is-iso-9001/ Does Malwarebytes not have a Quality Management System maintained by a Quality Assurance department? Is Malwarebytes not regularly audited by an external Certification Body? Does Malwarebytes not have Standard Operating Procedures which define the actions that must be taken before any product is released to the public? Not surprisingly, when I was a Software Manager and Engineering Manager, the answer to all the above was "Yes".

Of course I read the thread. The cause of this problem has not been sufficiently explained. I want to know: 1. how this "bad data" was allowed to be downloaded to millions of users 2. what checks does Malwarebytes perform on their "data" before allowing it to be automatically downloaded to people's phones 3. does Malwarebytes update their own systems to test the "data" before allowing the update to be downloaded to everyone 4. has the person responsible for this chaos been reprimanded or, preferably, sacked 5. what changes have Malwarebytes implemented to their Quality Assurance procedures to ensure this will not happen again.

(This is a copy of my post on another thread. Still waiting for a detailed explanation.) This is not what we expect from Malwarebytes. You should explain to us exactly what the problem was and how you will ensure it never happens again. How many people woke up today to find 78 malwares reported? How many dutifully tried to remove them, only to find they were "System apps" that needed to be ignored or "whitelisted"? How many of your customers know what all of that means? I rebooted and scanned again. I let Malwarebytes remove 23 of 77 (not 78 as reported the first scan) malwares. I rebooted and scanned again - only 13 malwares reported. Then I found the "Force Update" function, rebooted and scanned again - 0 malware. So what 23 "malwares" did Malwarebytes remove earlier? How will that affect my phone? Were they real malware or was it "a mistake". You must explain in detail before you lose a lot of credibility. This is a sad day for Malwarebytes.

This is not what we expect from Malwarebytes. You should explain to us exactly what the problem was and how you will ensure it never happens again. How many people woke up today to find 78 malwares reported? How many dutifully tried to remove them, only to find they were "System apps" that needed to be ignored or "whitelisted"? How many of your customers know what all of that means? I rebooted and scanned again. I let Malwarebytes remove 23 of 77 (not 78 as reported the first scan) malwares. I rebooted and scanned again - only 13 malwares reported. Then I found the "Force Update" function, rebooted and scanned again - 0 malware. So what 23 "malwares" did Malwarebytes remove earlier? How will that affect my phone? Were they real malware or was it "a mistake". You must explain in detail before you lose a lot of credibility. This is a sad day for Malwarebytes.

Sorry for late reply - couldn't log in using old version of Firefox. Now using Chrome. Anyway, I found out which device was the premium - quite easy really: just run it and see what it says at the top of the window! Only one device says "Premium". One says "Premium Trial", the phone says "Premium trial has expired", and another PC says nothing about Premium.

I have three PCs - 2 running Windows 10 and 1 running Windows XP - and an Android mobile. I got an email saying my subscription payment had failed. This was because my credit card had expired and had been renewed. So I updated the payment information but now I have some questions: 1. It was a year or two ago that I first updated to premium and can't remember which device I updated. 2. How many PCs can I run the Premium on with one license key? 3. How can I tell which of my PCs or my mobile is running the Premium version? I'm not trying to cheat, I just can't remember which of my devices is supposed to be running the Premium version, or whether they all are.