Jump to content

Malwarebytes Service goes berserk


Recommended Posts

Folks,

I am a Premium user, currently running v4.3.0.98. I have always had Administrator privileges on my Windows account, and everything has worked well. Today I thought that I would remove those privileges and run as a standard user. And then the Malwarebytes Service went totally berserk. It constantly ran at approx. 40% CPU. I restarted the computer. Same thing. It crossed my mind to uninstall the program and reinstall it, but first I thought I'd put back the Administrator privileges and see what happens, and then Malwarebytes went back to normal. Is it not possible to run the program as a standard user and get it to behave normally? I realize that it is possible to right click on the icon and choose "Run as Administrator", but the program starts automatically when I log in. And if I remove the autostart function, I will most likely forget to start the program manually.

Kind regards,
PJ

Link to post
Share on other sites

  • Staff

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

If you are having technical issues with our Windows product, please do the following:

Malwarebytes Support Tool - Advanced Options

This feature is designed for the following reasons:

  • For use when you are on the forums and need to provide logs for assistance
  • For use when you don't need or want to create a ticket with Malwarebytes
  • For use when you want to perform local troubleshooting on your own

How to use the Advanced Options:

Spoiler
  1. Download Malwarebytes Support Tool
  2. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  3. Place a checkmark next to Accept License Agreement and click Next
  4. Navigate to the Advanced tab
  5. The Advanced menu page contains four categories:
    • Gather Logs: Collects troubleshooting information from the computer. As part of this process, Farbar Recovery Scan Tool (FRST) is run to perform a complete diagnosis. The information is saved to a file on the Desktop named mbst-grab-results.zip and can be added as an email attachment or uploaded to a forum post to assist with troubleshooting the issue at hand.
    • Clean: Performs an automated uninstallation of all Malwarebytes products installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. The Premium license key is backed up and reinstated. All user configurations and other data are removed. This process requires a reboot.
    •  Repair System: Includes various system-related repairs in case a Windows service is not functioning correctly that Malwarebytes for Windows is dependent on. It is not recommended to use any Repair System options unless instructed by a Malwarebytes Support agent.
    • Anonymously help the community by providing usage and threat statistics: Unchecking this option will prevent Malwarebytes Support Tool from sending anonymous telemetry data on usage of the program.
  6. To provide logs for review click the Gather Logs button
  7. Upon completion, click OK
  8. A file named mbst-grab-results.zip will be saved to your Desktop
  9. Please attach the file in your next reply.
  10. To uninstall all Malwarebytes Products, click the Clean button.
  11. Click the Yes button to proceed. 
  12. Save all your work and click OK when you are ready to reboot.
  13. After the reboot, you will have the option to re-install the latest version of Malwarebytes for Windows.
  14. Select Yes to install Malwarebytes.
  15. Malwarebytes for Windows will open once the installation completes successfully.

Screenshots:

Spoiler
 
 
 
 
Spoiler

 

 

01.png

02.png

03.png

04.png

05.png

06.png

 

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: Find my premium license key

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Link to post
Share on other sites

1 hour ago, Surfside67 said:

Today I thought that I would remove those privileges and run as a standard user.

I'm sorry the software isn't working properly but we'll do our best to help.

Personally, I do not subscribe to the use a standard user account approach, But Malwarebytes will run properly in one.

Did you completely sign out of the Admin account instead of log off?

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download and run the Malwarebytes Support Tool
  2. Accept the EULA and click Advanced tab on the left (not Start Repair)
  3. Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply

Thanks

 

Edited by Porthos
Link to post
Share on other sites

Hello,

I just logged out from my personal account, logged in to the Administrator account, removed the Administrators group from my personal account, logged out and logged in again to my personal account. And that's when the Malwarebytes Service started to act up. Was that not the correct procedure?

I have been a computer technician for 37 years, and in recent years we have tried to avoid letting our users be local administrators as much as possible. According to a Microsoft representative, this will reduce the harm that a virus or malware can do by 95%, especially of course, if it is a totally new virus that the antivirus system doesn't know about. So I thought I'd try that approach also in my home computers.

I will look into the support tool and logs when I get home from work.

Sincerely,
PJ

Link to post
Share on other sites

14 minutes ago, Surfside67 said:

I have been a computer technician for 37 years

You have 17 over me.

 

14 minutes ago, Surfside67 said:

and in recent years we have tried to avoid letting our users be local administrators as much as possible.

That is fine especially in a business network and when users do not have the admin password.

15 minutes ago, Surfside67 said:

this will reduce the harm that a virus or malware can do by 95%, especially of course, if it is a totally new virus that the antivirus system doesn't know about. So I thought I'd try that approach also in my home computers.

You are correct but... Malware can install at the system level and bypass user accounts. Although you are an advanced user like myself. User account control is useless in a home setting as the user is so used to clicking yes to the elevation prompt, many do not even stop and think any longer they just use the password for the admin account (if it even has one) and proceed blindly.

I will wait on further evaluation of your issue until I get a chance to look at the logs.🙂

Link to post
Share on other sites

2 minutes ago, Surfside67 said:

Here are the logs.

Quote

AVG Internet Security

I suggest turning off fast startup in Windows. Then restart.

https://www.tenforums.com/tutorials/4189-turn-off-fast-startup-windows-10-a.html

Please also refer to this support article which lists several known applications which conflict with the Web Protection in Malwarebytes currently, which includes AVG Internet Security.

Link to post
Share on other sites

It is an M82.

Hibernate is required for fast startup, right? And hibernate is disabled. And besides, if I choose Restart and not Shutdown, then fast startup is bypassed, isn't it?

Thanks for the info about conflicting applications! I read somewhere that MB is designed to run together with other antivirus applications, so I thought that it was okay...

PJ
 

Link to post
Share on other sites

7 minutes ago, Surfside67 said:

Hibernate is required for fast startup, right? And hibernate is disabled.

Fast start is not hibernate. But your log shoes both are on.

Quote

Hibernation :                    On
Fast Startup:                    On

 

8 minutes ago, Surfside67 said:

if I choose Restart and not Shutdown, then fast startup is bypassed, isn't it?

That is true.

9 minutes ago, Surfside67 said:

I read somewhere that MB is designed to run together with other antivirus applications, so I thought that it was okay...

It is compatible with most but there are exceptions. I just use Defender and Malwarebytes myself and all of my clients.

11 minutes ago, Surfside67 said:

It is an M82.

The 3rd and 4th generation M series towers are my go to refurbs for my clients. I have a m93p I7 with 32 gig ram and SSD my self.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.