Jump to content
RubbeR DuckY

IMPORTANT: Web Blocking / RAM Usage

Recommended Posts

2 minutes ago, Heavus said:

Thanks for the email message and being open and upfront. I discovered Malwarebytes very soon after launch. I became an Affiliate when that program became available. This response to this incident is outstanding. How many emails have you received from Microsoft alerting you to an issue and detailing the solution so quickly? MBAM is still the best product for personal and Small Business protection and I will continue to recommend to my clients. 

You received an email? When was that? Many of us have received nothing. Or maybe it was for only certain classes of customers? 

Share this post


Link to post
1 minute ago, ebergerly said:

You received an email? When was that? Many of us have received nothing. Or maybe it was for only certain classes of customers? 

Ditto, I never received an email, I came to the forum when I discovered MBW was the cause.

Share this post


Link to post
2 hours ago, jebossom said:

 an email notice would have saved a lot of guess work.

Can't agree more .

2 hours ago, jebossom said:

I had initially tried the free version on my other daughter's laptop a few years ago when no other tool could find the issues plaguing her machine. It had found and cleaned up the issues - that is why I bought 3 licenses for all our laptops.

Indeed , I always recommend Malwarebytes to those user which their system had already be infected ,

Malwarebytes usually can detect some malware that traditional AntiVirus software can't find .

especially annoying ads or hijack .

 

Even Malwarebytes make a mistake this time ,

i will still keep using and recommend to other user .

(But please , Malwarebytes , this can't happen again , otherwise everyone won't trust Malwarebytes anymore)

 

------------------

 

I guess your daughter's laptop crash in short time , is because the laptop's RAM isn't much ,

so MB Service eating all the RAM in very short time .

 

I am also using laptop with 8GB RAM only ,

if i didn't use task manager to close the MB service when system boot and into desktop that moment ,

my system will crash less than 60 sec .

 

So my way is , when i reboot the system and when i saw the desktop , i immediately open the task manager ,

than close MB service before it crash my system .

And it works for me , i do not need to using safe mod to uninstall MB , or try to open freeze's Malwarebytes program .

Edited by KevinYu0504

Share this post


Link to post
2 minutes ago, 1776blues said:

Ditto, I never received an email, I came to the forum when I discovered MBW was the cause.

Yeah, it's beyond my comprehension the people tripping over themselves to congratulate a response that has been absolutely shameful.   

Share this post


Link to post
16 hours ago, 1776blues said:

So, care to elaborate how or what fix you used? Are you real?

OK so here's what I did... (I'm not very knowledgeable of computers in general, so bear with me if my language isn't correct):

- While MB was having memory leak, went to task manager and ended MB process... it re-launched itself a couple times but stopped trying to launch after I disabled web protection (which had been turning itself off and on repeatedly) and ended MB task a few more times
- Rebooted pc, disabled MB while it was starting itself up, went online to investigate
- Was directed to this forum post so I followed the instructions... ensured web protection was still turned off, updated MB, rebooted pc, re-launched MB and turned real time web protection back on. As of this morning (~8:50am PST) MB has been running at normal memory usage (around 255mb as of writing this, compared to 12K+ which crashed my computer earlier) and I've run a couple full scans to test it out. Everything appears normal so far, to the best of my understanding:

5a6e00a5ea2bd_malwarebytesstuff.thumb.png.a0d235f9318a7b4239293930ce320394.png

To answer your other question, I'm afraid I can't provide much input there. I'm pretty certain that I'm real and in human form, but metaphysics goes way over my head.

Share this post


Link to post

I am convinced that all those posting congratulating MB on doing such a “magnificent job” are post by employees or non-affected trolls.  No one in their right mind thinks this is all OK.  This is not the first time. The issues of CPU and memory utilization have been problematic for a while.  Pushed updates are also a problem.  That is the reason I will not update to Windows 10.  Give us the option to install updates. I do not want to be the first to install an update.  I typically wait a few days then install.  

Many love to live on the cutting edge or technology –let them agree to test and report to you the problems.  Then update everyone; those who have production systems and networks.   

Like I said in previous post – Malwarebytes this is wake up call. You cannot abuse your customers and expect us to stay or continue to use your product.  I will not recommend this product to my clients until you have won back my trust. Your continued silence is not making me feel confident you understand the magnitude of the problem.  

 

Share this post


Link to post
7 minutes ago, GtomWilliams said:

I am convinced that all those posting congratulating MB on doing such a “magnificent job” are post by employees or non-affected trolls. 

Then you need to get a life.  Read back, and you will see that I was one of those affected (15,6GB of VM used by MWB).  And as for being an employee of MWB, I wish -- I am ten years into retirement and have paid for all of my MWB licences out of my own pocket.  But the real difference between you and I is that I live in the real world, where mistakes happen; I have made mistakes, I have no doubt that you have made mistakes, and on this occasion MWB made a mistake.  But they identified it, reported it (on the forum), and set to rectifying it in a timely manner.  What more could any reasonable person ask ?

Edited by small
Correct grammatical error.

Share this post


Link to post
6 minutes ago, GtomWilliams said:

I am convinced that all those posting congratulating MB on doing such a “magnificent job” are post by employees or non-affected trolls. 

 

Yeah, I think you're right. Or maybe some are IT guys who imagine themselves being the guy who make the "little mistake" that messed up millions of computers around the world, and want to sweep it under the rug. 

I can just imagine tomorrow when everyone goes back to work and starts comparing notes... "what?? your computer crashed too?? Hey someone said it was that Malwarebytes thing, is that true?". Should be interesting. 

By the way, I still haven't received an email from MB about this......

Share this post


Link to post
35 minutes ago, khemion said:

OK so here's what I did... (I'm not very knowledgeable of computers in general, so bear with me if my language isn't correct):

- While MB was having memory leak, went to task manager and ended MB process... it re-launched itself a couple times but stopped trying to launch after I disabled web protection (which had been turning itself off and on repeatedly) and ended MB task a few more times
- Rebooted pc, disabled MB while it was starting itself up, went online to investigate
- Was directed to this forum post so I followed the instructions... ensured web protection was still turned off, updated MB, rebooted pc, re-launched MB and turned real time web protection back on. As of this morning (~8:50am PST) MB has been running at normal memory usage (around 255mb as of writing this, compared to 12K+ which crashed my computer earlier) and I've run a couple full scans to test it out. Everything appears normal so far, to the best of my understanding:

5a6e00a5ea2bd_malwarebytesstuff.thumb.png.a0d235f9318a7b4239293930ce320394.png

To answer your other question, I'm afraid I can't provide much input there. I'm pretty certain that I'm real and in human form, but metaphysics goes way over my head.

Thanks

Share this post


Link to post

Hi All-

After performing the suggested steps offered by poster, I still had same behaviors (CPU/Ram Usage/Web Protection would not remain on).

I uninstalled and reinstalled Malwarebytes, and followed this with Windows reboot.  All good now.

Hope this helps some.

Environment: Windows 10 Home.

Best

1.PNG

Share this post


Link to post
8 minutes ago, small said:

I have made mistakes, I have no doubt that you have made mistakes, and on this occasion MWB made a mistake.  But they identified it, reported it (on the forum), and set to rectifying it in a timely manner.  What more could any reasonable person ask ?

True, we've all made mistakes. But nothing that has damaged and disrupted millions of computers around the world, solely because we didn't do something that was very simple. A whole lot different from putting a scratch in the car door, or leaving the milk out.

And what could any reasonable person ask? How about they send us an immediate email telling us about the issue so we don't waste a weekend, and so businesses don't lose money and have people working all night trying to figure this out. Is that not reasonable? Instead they hide it in this blog, put nothing on their website front page, and nothing in the general media about it.  

Edited by ebergerly

Share this post


Link to post

jeebus,

My Windows 10/64-bit shows 4MB in the Malwarebytes Tray Application and 188.1MB in the Malwarebytes Service. This is about normal for the program.

Al

Share this post


Link to post
Just now, GtomWilliams said:

I am convinced that all those posting congratulating MB on doing such a “magnificent job” are post by employees or non-affected trolls.  No one in their right mind thinks this is all OK.  This is not the first time. The issues of CPU and memory utilization have been problematic for a while.  Pushed updates are also a problem.  That is the reason I will not update to Windows 10.  Give us the option to install updates. I do not want to be the first to install an update.  I typically wait a few days then install.  

Many love to live on the cutting edge or technology –let them agree to test and report to you the problems.  Then update everyone; those who have production systems and networks.   

Like I said in previous post – Malwarebytes this is wake up call. You cannot abuse your customers and expect us to stay or continue to use your product.  I will not recommend this product to my clients until you have won back my trust. Your continued silence is not making me feel confident you understand the magnitude of the problem.  

 

Respectfully, just because the patch/fix worked for me personally doesn't make me a "troll," and neither does it make me an employee or otherwise an avid proponent of MB's products and treatment of its customers.

I do agree however that this new trend of things automatically updating without my permission is downright ridiculous.

Share this post


Link to post

my web protection is always off now when ever i boot my PC.  I have rebooted several time and no change.  MB locks up my computer so I cant do anything else with as it starts a full scan and whatever else causing high memory, cpu and disk usage (i7 cpu with SSD).  was really fast until 24 hours ago.  How do I fix this? seems to be in an endless scan 22hour 21minutes 15seconds that automatically continues with each reboot.

Edited by flyerken
more info

Share this post


Link to post
2 minutes ago, topcat7736 said:

jeebus,

My Windows 10/64-bit shows 4MB in the Malwarebytes Tray Application and 188.1MB in the Malwarebytes Service. This is about normal for the program.

Al

same here for the tray app.  but malwarebytes service is usually around 240 MB on my computer.   by comparison, Norton uses up about 15 MB normally.  

that's why i was asking beldin_13 how much memory was being used on his system.  quite honestly, i had never bothered to notice how much memory MB typically uses until yesterday's meltdown.  i was hoping on the off chance he may not actually have a problem, so far as memory usage goes.

Share this post


Link to post

jeebus,

My Kaspersky Total Security normally shows around 51 MB active in the task manager but it is a 164 MB program during installation. Plus, it is going to use more storage for its data files. It's possible that MB is like an old style program where it allocates all the memory at one time instead of "growing" as it runs. Since it's now both an anti virus and anti malware program it will be using more memory than it did when only an anti malware program.

Al

Share this post


Link to post

Hello...

I had to boot each of our computers in safe mode with networking (Win7 | 64bit).  I couldn't move around to do anything when they were booted-up normally.

Once in safe mode, I removed MBytes Service from the task manager, waited a few seconds for the MB icon to reappear in the system tray and then updated the definitions.

To be sure that the definitions updated, I did two things:

  1. I right-clicked on the MB icon in the system tray and selected, "Check for Updates".
  2. Next, I opened MB.. left-clicked on "Scan", choose "Hyper Scan" and clicked-on the Start Scan button (first thing it does is check for updates).

Afterwards, I restarted all 3 of our computers and they were now back-to-normal.

Share this post


Link to post
7 minutes ago, topcat7736 said:

jeebus,

My Kaspersky Total Security normally shows around 51 MB active in the task manager but it is a 164 MB program during installation. Plus, it is going to use more storage for its data files. It's possible that MB is like an old style program where it allocates all the memory at one time instead of "growing" as it runs. Since it's now both an anti virus and anti malware program it will be using more memory than it did when only an anti malware program.

Al

to your point... from a different thread in March 2017:

"I thought I should add some info here to try to clear things up as best I can with regards to our RAM usage and other performance metrics. First off, Malwarebytes has several modules that protect against various threats and attack vectors (4 currently; 5 if you count self-protection) so that has something to do with it. Also, we've discovered that keeping as much of our database loaded into memory as possible actually results in better overall system performance, not worse. The reason for this is simply because many AVs/other anti-malware products, in order to seem like they are using less resources/RAM etc. will actually not load much of their database(s) into memory until a new file is downloaded/executed etc. This results in often serious lag when attempting to run a new process in memory (even clean processes) as they end up having to scan the item/load those databases anyway. We avoid eating up so much CPU by keeping our databases in memory so that analysis and detection (if something is a threat) are almost instantaneous."

https://forums.malwarebytes.com/topic/197270-malwarebytes-ram-usage-should-be-less-than-100mb/?tab=comments#comment-1108100

Share this post


Link to post

Yesterday, I was affected by this issue too my system crashed big time!

But I'll thank MalwareBytes to handle this issue as fast as they did.

Believe me, MANY companies can learn from MalwareBytes!

 

And YES if you have uninstalled MalwareBytes, a new downloaded install file will fix this issue.

Share this post


Link to post

I followed the instructions listed on MWB Labs page and it was successful with one reboot. While I was waiting for the update my memory didn't rise much and it even went down a percent or two.

1. Open Malwarebytes
2. Turn OFF web protection by Clicking on “settings”, click to turn web protection OFF
3. Under Scan Status (right side), click next to “Updates” to have Malwarebytes download the latest database
4. Restart PC
(Note it may take up to 2 restarts after the update to stabilize the system)

To confirm that you are on the latest database please follow the steps below:

1. Open Malwarebytes
2. Click on Settings
3. Click on the About tab
4. Next to “Update package version” if you see version 1.0.3803 or higher you are on the latest database which addresses the issue.

Share this post


Link to post
4 hours ago, ebergerly said:

You received an email? When was that? Many of us have received nothing. Or maybe it was for only certain classes of customers? 

Was distributed last night at 11:09 PM via the Computer Reseller Channel of distributes and affiliates.  

Share this post


Link to post

I "rescued"/resurrected 85 of over 120 computers over the last 24 hours.  It was exhausting.  Starting at 10:30-11 AM on Saturday (1/27/18) up to now 4 PM (Sunday 1/28/18).

IF Malwarebytes saves face moving forward, I look to have a reduced renewal fees and additional licenses offered as a means of patching the relationship.  However, it has to improve.

Fortunately, being a LogMeIn Central subscriber to support my end users it was beneficial.  By using LogMeIn to access those machines that were either unresponsive for the end user or inhibiting access via most any means, the interface for LMI (Windows access) has a 'Reboot' button which forces a reboot.  I forced the reboot and most of them responded, and after the reboot they were automatically updated to the most recent version of Malwarebytes, circumventing the nightmare issues that have been discussed here.  Not all of the remote reboots responded and will either need an onsite visit or end user intervention.  As a side note, I'm transitioning from LogMeIn to Splashtop, and although Splashtop is far more economical and does what is needed to do for remote access, it was FAIL big time, as many of the machines that showed available on LMI were "offline" and inaccessible via Splashtop, and even after regaining access after the LMI reboot, Splashtop was disengaged/off (the 'streamer') which necessitated me to turn it back on after gaining access.  If not, then I'd have to walk the end user to instruct them how to turn it on or physically visit the various sites to address.  The odd part was that some of those Splashtop clients lost credentials and grouping, a real nightmare.  Kudos to LogMeIn, it's a shame that they are so costly, and Splashtop is a great economical alternative, but it did not cut the mustard to help me bail out the end users if it does not work.  Maybe they need to step up the game to be a viable contender.  Another conversation for a different time and forum.

Quite frankly, a lot of offered solutions here in these postings make the assumption that you can access and still have control and management functions, which a lot of users did not have, not did I when attempting to access remotely.  So if you do have the ability to access and perform some of the corrective steps offered as a solution, then it should work fine, if not, then a reboot is mandated (forced, 'dirty' shutdown, whether remotely initiated or locally by the end user) to "push" the required patched version of Malwarebytes.  As a secondary step, a second reboot helps things, in my experience from my involvement over the last 24 hours (I slept only 4 hours since the onset of performing the management of the corrective steps needed to bring these machines back form the dead).

Finally, given the course of events of the last few weeks with the Intel fiasco and the Microsoft patches (at least here in the Windows side of things), those slowdown items on top of this Malwarebytes issue have had a tremendous effect on older hardware, and if the Malwarebytes patch is not the precipitator to encourage users to eventually consider more robust hardware, I can suggest it may, as I feel thing will get much worse in months to come (hardware affected slowdowns, software patches that don't play nice with older stuff, etc.).  I have only my firsthand experience with what I have experienced over the last day as described above and even if we all had 8th generation CPU's, we would all have still had this Malwarebytes thing happen, but I think the severity would be less on newer equipment, as well as moving forward with my references to all the slowdown items occurring.  Sure, Generation 8 CPU's had to be hard rebooted too, no rhyme or reasoning here other than just saying, Intel CPU patches, Microsoft Patches, AV patches, nightmare results, we are all the testing bed for the future solutions.

Share this post


Link to post
On 1/27/2018 at 10:55 AM, RubbeR DuckY said:

Earlier this morning, we published a protection update that caused connection issues for many of our customers. As a side effect of the web protection blocks, the product also spiked memory usage and possibly caused a crash. We have triaged this issue and pushed a protection update that resolves it.

If the update does not resolve the issue automatically for you, please shut down web protection, check for protection updates, and restart your computer.

The root cause of the issue was a malformed protection update that the client couldn't process correctly. We have pushed upwards of 20,000 of these protection updates routinely. We test every single one before it goes out. We pride ourselves on the safety and accuracy of our detection engines. To say I am heartbroken is an understatement.

We are working hard to not only triage your issues and get your computer or business back up and running but to also rebuild your trust. We are going to overhaul how we publish these protection updates so that this never happens again.

I am personally available to discuss both on this forum via personal message or at mkleczynski@malwarebytes.com

While I appreciate the response, this isn't the first time you guys have pushed a bad update.

The Ransomware protection added in 3.x still breaks application updates (ie. games/apps installed via Steam), as well as Visual Studio compilation. I've permanently disabled that feature, since it has not been resolved for months. MBAM doesn't even tell you it flagged something, the updates/builds just give errors (file locked), or the file returns if trying to delete it (even manually).

This has been documented elsewhere on the forums.

Overall, it seems quality has gone downhill since the early 2.x days.

Share this post


Link to post

Subject: FAST STARTUP FEATURE, enabling/disabling

Some have recommended disabling this feature. I suggest anyone considering changing this feature's default setting first check out Microsoft's Window's Support at https://support.microsoft.com/en-us/help/4011287/windows-updates-not-install-with-fast-startup

A finer point of usage not mentioned in any of the posts that I've seen discussing this do not mention the following:

"Full shutdown only occurs when you restart a computer or when other event causes the computer to process a full shutdown. 

In order to make sure Windows updates that require pending operations being installed properly, you have to restart your computer to complete the installation."
 
By default (in most cases), restarting bypasses this feature.
 
In other words, a normal shutdown results in a partial shutdown using the Fast Startup feature preparing the PC up for a fast startup.
 
Restarting a PC initiates a full shutdown that in turn processes pending operations. 
 
So there is no real need to disable this feature if you only remember that to process any pending changes/operations, you need to restart your PC rather than shut it down. Restarting is the usual/common user behavior when processing updates.
 
Just sayin' it's something to think about before making another change to your system.

Share this post


Link to post
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.