Jump to content

Malwarebytes using 100% cpu regularly


Recommended Posts

I have Kaspersky Pure 3.0 and Malwarebytes trial protecting my PC. I have set up mutual exclusions in both softwares.

 

I though Kaspersky was a hog but Malwarebytes is leaving it for dead in that respect. I do something as simple as open a Word document and MB takes up all the cpu for 2 or 3 minutes, while I sit and do absolutely nothing. Typing is constantly delayed, i.e. there's a time delay between the key being pressed and the character appearing on screen. If I shut down MB all these issues go away.

 

Now my system is only XP with 1.75 gig of ram, and a 2.71 Ghz  AMD Athlon 1640B processor. Does MB need a fairly powerful computer to get rid of the said issues.

 

Cheers,

 

Keith.

Link to post
Share on other sites

Hi:
 
That's not very robust hardware for running PURE.
Nowadays, a minimum of 2 GB RAM would probably be needed to run today's software programs, not just security applications.

Perhaps your system would support adding more RAM (which is pretty cheap these days)?
PURE also has many "bells and whistles" added features that likely consume resources. 

When your PURE license expires, you might want to consider switching to KIS instead (it requires a different license, because it is a different product), if you don't need all those extra components?
 
If you have already set mutual exclusions, you might want to post back with a bit of system information in the form of some diagnostic logs.
They may point to something that could help to improve your system performance.

Please read the following and post back attached to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt)

 

They will provide a starting point for helping the staff to determine if your system performance can be improved.

 

Thank you,

Link to post
Share on other sites

Thanks Daledoc,

 

but you seem to have immediately shifted the blame to Kaspersky when as I said, it is Malwarebytes taking up all the cpu.

 

If Kaspersky Pure was the one that needed the computing power then wouldn't it be the one taking up all the cpu ?

 

I'll get onto those diagnostic logs and look into getting the ram increased to the max of 4 gig (32 bit OS).

 

Cheers,

 

Keith.

Link to post
Share on other sites

Hi:

 

Nope, not shifting blame. :)

No reason to, as I'm just a paid, home user of both KL products and MBAM.

Merely suggesting an alternative that might help you out on an older system with older older hardware and OS.

Unless there is a change to the programming of MBAM under the hood with a new version, it probably is what it is, to some extent.

So, I tried to help with a suggestion.

That's all.

 

In any event, if you wish, please post back with those logs.

With any luck, the staff and experts will have some other advice for you when they've had a chance to review them.

 

Cheers,

Link to post
Share on other sites

FRST.txtAddition.txtCheckResults.txtHi Daledoc,

 

sorry if you are offended by what I said, it was not meant that way. 

 

I appreciate your input but I am simply trying to understand the technical reasoning behind Kaspersky being the resource hog but MB taking up all the cpu. I assumed your statement had some technical reasoning and that you could pass it onto me and that is why I asked the question:

 

If Kaspersky Pure was the one that needed the computing power then wouldn't it be the one taking up all the cpu ?

 

Once again thanks for your input. I'm attaching the log files for the staff.

 

Keith.

Link to post
Share on other sites

Hi:
 
Nope, I'm not offended. :)
And I'm not blaming PURE.
I'm just suggesting something that might free up some resources.
FWIW, PURE needs 512 MB of AVAILABLE RAM and MBAM needs 256 MB (on XP). :)
So, not counting the OS and all the other applications requiring memory, the 1.75 of installed RAM might be a bit low to run both programs on this system.

Also, is this the same computer for which you recently reinstalled the OS?
Did you reinstall all the latest drivers for your devices and peripherals, and all available Windows security/stability patches?
 
Preliminary review of your logs show that you have been recently infected and have several items (at least PUPs) in quarantine.  So, you have been recently infected and there might still be hidden remnants.
 
However, we'll need to wait for the staff/experts to review them in greater detail and make further recommendations. :)
It's the end of a long holiday weekend in the U.S., where most staff members are based.
So, please try to be patient until someone can assist you.
 
If you prefer, you might want to take advantage of free, expert help checking your system for other remnants or damage from malware.
To do, so please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help AND the preliminary steps to take to expedite the process.

>>>Since you have already run FRST and mbam-check, you'd just need to start a new topic in the malware removal section with the same logs.
A malware analyst will guide you through the scanning and cleanup process.

 

I will now turn you over to the staff and experts for further guidance. :)

 

Cheers,

Link to post
Share on other sites

Thanks very much Daledoc,

 

well I've got 4 gig of ram ordered and I've also ordered the most powerful cpu my motherboard can accomodate. The cpu seems to be a decent upgrade compared to what I have now so even if that's not the issue I should have a somewhat improved computer.

 

I'm in no great rush so I'm happy to wait for staff to check the scan logs, but I'll still have a look at the link you supplied.

 

Cheers,

 

Keith.

Link to post
Share on other sites

  • Root Admin

The logs indicate that the computer is having multiple issues. My initial guess is that it is probably due to Kaspersky (not certain and just a guess at this point)

 

Error: (08/27/2014 04:26:55 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.3655 - Unrecoverable system error.

Error: (08/27/2014 04:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application myphoneexplorer.exe, version 1.8.0.6, faulting module msvbvm60.dll, version 6.0.98.2, fault address 0x000d0d1c.
Processing media-specific event for [myphoneexplorer.exe!ws!]

Error: (08/27/2014 03:21:08 PM) (Source: MsiInstaller) (EventID: 11722) (User: LENOVO-OFFICE)
Description: Product: Apple Software Update -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action SoftwareUpdate_RegServer, location: C:\Program Files\Apple Software Update\SoftwareUpdate.exe, command: /RegServer

Error: (08/27/2014 01:54:44 PM) (Source: Protexis Licensing Service) (EventID: 49) (User: )
Description: Failed to Release Mutex
 Error ID = Returned Error 1

 

System errors:
=============
Error: (08/31/2014 04:20:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

 

 

 

What I would suggest to rule out these errors are caused or related to Kaspersky is to temporarily uninstall Kaspersky.

Reboot the computer at least 3 times AFTER the full removal of Kaspesky.

 

Then run new scans with FRST and make sure you place a check mark in the Additions.txt check box and post back both new logs.

 

DO NOT browse the Internet or read emails, etc while Kaspersky is removed. Then once testing is done please reinstall and update Kaspersky.

 

Then we'll review the logs and see if those errors went away or not.

Link to post
Share on other sites

  • Staff

Pardon me for stepping in...just reading posts before I go home.  Have you checked your available disk space and memory usage when your computer is thrashing?  Sometimes long lags are due to excessive CPU usage, and sometimes due to lack of available RAM forcing swap files to be written to disk instead.  If disk is already busy, it goes into the write queue and lags result.  That should be pretty easy to check.  I hope there's an easy solution for you!

Link to post
Share on other sites

  • Root Admin

So how did the computer run while Kaspersky was uninstalled?
 
Was the CPU % down back to normal with it removed?
 
Interesting is that on 9/1 and 9/2 there were no errors reported for MBAM but once again on 9/3 the errors were back again.
 
Error: (09/03/2014 11:51:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (08/31/2014 04:20:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
 
 
Before we proceed any further please let me know how it was while Kaspersky was uninstalled.
 
Let me have you run this as well and post back the log.
 
 
Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

 

 

 

 

NEXT:

 

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.

 

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.