Jump to content

CPU - Memory concerns


Recommended Posts

  • Staff

Greetings,

This thread is about an issue with intermittent internet connectivity issues related to Web Protection and has nothing to do with performance issues or CPU/RAM usage.  If you are experiencing problems with Malwarebytes 4.1 and it seems to be causing poor system performance/high resource usage please create a new topic in the Malwarebytes for Windows support area by clicking here and provide the following logs so that we may assist you:

  1. Download and run the Malwarebytes Support Tool
  2. Accept the EULA and click Advanced tab on the left (not Start Repair)
  3. Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply

Thanks

Link to post
Share on other sites

  • Staff

I would recommend gathering the logs from a 4.0.4 install just in case there is something else on the system conflicting with Malwarebytes.  I don't believe the DNS/IPv6 issue causes the application to lock up/become unresponsive so I suspect something else may be going on here such as an AV conflict or driver conflict of some kind.

Edited by exile360
Link to post
Share on other sites

  • Staff

I see that you have Symantec Endpoint Protection; does it make any difference at all if you disable or remove SEP?  I see that you already have exclusions for it in Malwarebytes, but if there is some sort of conflict there then exclusions may not resolve the problem so I think it's worth a try disabling/removing it to test if you haven't done so already.  You also appear to have iolo System Mechanic installed.  I would also recommend trying to uninstall it and restarting the system to see if that helps the issue.

If disabling/removing either of those products resolves the issue then we can seek a workaround or alternative solution while we await any updates from the Developers assuming it is caused by an issue they can address.

Link to post
Share on other sites

I am going to remove System Mechanic but the option to remove SEP is a no-go as it is a requirement for work.  I will see what removing System Mechanic does and report back.  I know when removing MB the system moves fast then slows down some when MB is back on with SEP.  I have exclusions in both apps for each other as noted on the forums for exclusions, etc.  We will see and do this one at a time.  Report back soon.

Link to post
Share on other sites

  • Root Admin

Okay, I don't see any "smoking gun" reason beyond possibly your Symantec antivirus causing such a huge lag on system resources as some type of conflict with Malwarebytes

Can we do a few things here.

1. Right click over the Malwarebytes tray icon and one by one disable ALL protection.
2. Restart the computer and ensure that all the protection modules in Malwarebytes are still disabled.
3. Assuming the system is now functional and no obvious slow downs please post back and let us know if that is true or not
4. If item 3 is correct, then right click over the Malwarebytes tray icon and enable just Malware Protection. Leave the other 3 off.
5. Run the computer and see if there are any issues. Reboot the computer and see if any issues again with just that Malwarebytes protection module on.

Post back your results and we'll go from there.

Thanks

 

The information below is just general questions or things to jog your own memory. I do not believe any of them are part of the issue or cause of reduced system performance here beyond normal. I'd probably look at removing items from startup not needed but that would be for general performance improvement not due to current issue you're reporting.

 

I don't believe this is an error specific to Symantec / Norton but searching on Google shows it to come up for them as well as ESET and others often.

Application errors:
==================
Error: (03/24/2020 09:15:37 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.

 

Have you taken a work computer home?

System errors:
=============
Error: (03/24/2020 09:02:55 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.


 

As I'm sure you're aware (based on your credentials posted) any crash may be benign but it's also possible to cause unexpected issues to the system or other programs

Error: (03/24/2020 07:33:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel(R) PROSet/Wireless Zero Configuration Service service terminated with the following error:
%%2147770990

 

What is the program used for?
(Altair Technologies Ltd. -> Altair Technologies Ltd.) [File not signed] C:\Program Files (x86)\EvLog 3.0\EvLog3Service.exe

https://altairusa.com/img-expands-capabilities-with-acquisition-of-altair-technologies/

 


Is this still up to date and valid backup software on your system? You also have Veeam Backup running

(Commvault Systems, Inc. -> CommVault) C:\Program Files\CommVault\Simpana\Base\cvd.exe
(Commvault Systems, Inc. -> CommVault) C:\Program Files\CommVault\Simpana\Base\EvMgrC.exe
(Commvault Systems, Inc. -> CommVault) C:\Program Files\CommVault\Simpana\Base\Laptop2Taskbaricon.exe

Commvault is set to drop the Simpana name from its backup software product. In December 2015 it will simply become Commvault Software and will add a host of new features.


 

I don't think you're going to find too many computer support experts that agree this software should be used, but up to you.
(Koshy John -> KoshyJohn.com) C:\Users\chris.childerhose.THINKON\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe

 

Why do you have this running if your work mandates you use Symantec AV?   
Task: {271CE074-EDCA-4D5D-9B11-5F03E26320F8} - System32\Tasks\Reason Antivirus UI => C:\Program [Argument = Files\Reason\Reason Antivirus\ReasonAV.exe MMO]

 

This is part of your System Mechanic and should be removed
Task: {A1C622E7-A37D-44FB-8045-8FB05EB5B9CA} - System32\Tasks\Phoenix360 => C:\Program Files (x86)\Phoenix360\phoenix360.exe


CCleaner
https://www.howtogeek.com/361112/heres-what-you-should-use-instead-of-ccleaner/
https://helpdeskgeek.com/free-tools-review/why-you-shouldnt-download-ccleaner-for-windows-anymore/

 

 

Edited by AdvancedSetup
upated information
Link to post
Share on other sites

2 hours ago, AdvancedSetup said:

Okay, I don't see any "smoking gun" reason beyond possibly your Symantec antivirus causing such a huge lag on system resources as some type of conflict with Malwarebytes

Can we do a few things here.

1. Right click over the Malwarebytes tray icon and one by one disable ALL protection.
2. Restart the computer and ensure that all the protection modules in Malwarebytes are still disabled.
3. Assuming the system is now functional and no obvious slow downs please post back and let us know if that is true or not
4. If item 3 is correct, then right click over the Malwarebytes tray icon and enable just Malware Protection. Leave the other 3 off.
5. Run the computer and see if there are any issues. Reboot the computer and see if any issues again with just that Malwarebytes protection module on.

Post back your results and we'll go from there.

Thanks

 

The information below is just general questions or things to jog your own memory. I do not believe any of them are part of the issue or cause of reduced system performance here beyond normal. I'd probably look at removing items from startup not needed but that would be for general performance improvement not due to current issue you're reporting.

 

I don't believe this is an error specific to Symantec / Norton but searching on Google shows it to come up for them as well as ESET and others often.

Application errors:
==================
Error: (03/24/2020 09:15:37 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.

 

Have you taken a work computer home?

System errors:
=============
Error: (03/24/2020 09:02:55 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.


 

As I'm sure you're aware (based on your credentials posted) any crash may be benign but it's also possible to cause unexpected issues to the system or other programs

Error: (03/24/2020 07:33:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel(R) PROSet/Wireless Zero Configuration Service service terminated with the following error:
%%2147770990

 

What is the program used for?
(Altair Technologies Ltd. -> Altair Technologies Ltd.) [File not signed] C:\Program Files (x86)\EvLog 3.0\EvLog3Service.exe

https://altairusa.com/img-expands-capabilities-with-acquisition-of-altair-technologies/

 


Is this still up to date and valid backup software on your system? You also have Veeam Backup running

(Commvault Systems, Inc. -> CommVault) C:\Program Files\CommVault\Simpana\Base\cvd.exe
(Commvault Systems, Inc. -> CommVault) C:\Program Files\CommVault\Simpana\Base\EvMgrC.exe
(Commvault Systems, Inc. -> CommVault) C:\Program Files\CommVault\Simpana\Base\Laptop2Taskbaricon.exe

Commvault is set to drop the Simpana name from its backup software product. In December 2015 it will simply become Commvault Software and will add a host of new features.


 

I don't think you're going to find too many computer support experts that agree this software should be used, but up to you.
(Koshy John -> KoshyJohn.com) C:\Users\chris.childerhose.THINKON\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe

 

Why do you have this running if your work mandates you use Symantec AV?   
Task: {271CE074-EDCA-4D5D-9B11-5F03E26320F8} - System32\Tasks\Reason Antivirus UI => C:\Program [Argument = Files\Reason\Reason Antivirus\ReasonAV.exe MMO]

 

This is part of your System Mechanic and should be removed
Task: {A1C622E7-A37D-44FB-8045-8FB05EB5B9CA} - System32\Tasks\Phoenix360 => C:\Program Files (x86)\Phoenix360\phoenix360.exe


CCleaner
https://www.howtogeek.com/361112/heres-what-you-should-use-instead-of-ccleaner/
https://helpdeskgeek.com/free-tools-review/why-you-shouldnt-download-ccleaner-for-windows-anymore/

 

 

Most of the stuff you noted at the bottom I have cleaned up.  The Commvault is an Agent backup for my laptop at work and yes I also have Veeam Agent installed as I manage the product so use it for testing, etc.

Yes I do have my computer at home from the office and that is probably why the GPO messages show.  I will see about addressing that.

I will test the options you have noted and will say this - without MB installed the system is fast as well as when MB 4.0.4 is installed it is the same.  So there is something in 4.1 that could now be a conflict with SEP and I will try to narrow it down as noted.

Report back in a while.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.