Malwarebytes slow at statup Windows10

[paninodimerda]

Hello,

I've Malwabytes Premium (version 4.4.6.132)  installed on my PC with Windows 10 Pro (version 10.0.19043 Build 19043).

In attachments the logs which I retrieved through MB SupportTool.

The problem is that Malwarebytes it really takes a long time to start (about 5 minutes). I have already tried to unistall it and re-install through the MB SupportTool, but unfortunately without solving the problem.

I hope you can help me, it's quite annoying and frustrating.. thank you!

mbst-grab-results.zip

[AdvancedSetup]

Hello @paninodimerda

Can you please try temporarily removing the custom HOSTS file you have running and restore it back to the default HOSTS file and restart the computer. Then let me know if still having an issue launching Malwarebytes

Also, what are these PowerShell scripts doing running on the system? Did you set  them up? It's also extremely not normal to run anything permanently from the Temp folder.

 

Task: {00C27DF7-C921-40BC-935A-63A7B3BFD106} - System32\Tasks\Sophia Script\SoftwareDistribution => powershell.exe 0
Task: {12AE759D-362B-45B1-862C-955A020408C0} - System32\Tasks\Sophia Script\Windows Cleanup => powershell.exe 0
Task: {1A39B8AA-AE2C-4479-A93C-4F243281096F} - System32\Tasks\Sophia Script\Temp => powershell.exe Get-ChildItem -Path C:\Users\Dj_MA\AppData\Local\Temp -Force -Recurse | Remove-Item -Recurse -Force

The entries look like an attempt to use PowerShell to clear Temp folders and Distribution folders. There are tools dedicated to doing this as well as a simple batch file with RD /Q /S.   Using PowerShell can potentially trigger security software to block or alert as a detection

 

Edited October 1, 2021 by AdvancedSetup
updated information

[paninodimerda]

Hello @AdvancedSetup

Quote

Can you please try temporarily removing the custom HOSTS file you have running and restore it back to the default HOSTS file and restart the computer. Then let me know if still having an issue launching Malwarebytes

I try as soon as I have time I'll give it a try and I'll let you know. 

 

Quote

Also, what are these PowerShell scripts doing running on the system? Did you set  them up? It's also extremely not normal to run anything permanently from the Temp folder.

Yes, I set these scripts to clean temp folder and performs other clean operation of the system. They are harmless, but if you suggest other tools I'll appreciate if you can indicate me what tool use.

[AdvancedSetup]

A batch run with Admin rights should be enough to clear all temp files that are not in use. I keep a folder called D:\Admin\Batch  where I store batch files.

@echo off
CD "%TEMP%\"
RD /S /Q "%TEMP%\"
CD "%WINDIR%\TEMP"
RD /S /Q "%WINDIR%\TEMP"

By changing into the folder and issuing the command the main folder will not be removed.

 

Disk cleanup in Windows 10
https://support.microsoft.com/en-us/windows/disk-cleanup-in-windows-10-8a96ff42-5751-39ad-23d6-434b4d5b9a68

The Best Way to Clean Windows 10: A Step-by-Step Guide
https://www.makeuseof.com/tag/best-way-clean-windows-10-step-step-guide/

Use Windows 10’s New "Free Up Space" Tool to Clean Up Your Hard Drive
https://www.howtogeek.com/348635/use-windows-10s-new-free-up-space-tool-to-clean-up-your-hard-drive/

Free up drive space in Windows
https://support.microsoft.com/en-us/windows/free-up-drive-space-in-windows-85529ccb-c365-490d-b548-831022bc9b32

 

Let me know how the HOSTS file change goes please.

Thanks @paninodimerda

 

[paninodimerda]

9 hours ago, AdvancedSetup said:

Let me know how the HOSTS file change goes please.

 

Reverting the HOSTS file to default config seems toi solve the issue. 

How does this affect startup of MB? I can't customize the HOSTS file?

 

Thanks @AdvancedSetup

[AdvancedSetup]

You can customize the hosts file. My assumption is you probably had one or more settings in there that were blocking one of our sites.

Try customizing again but make sure you don't block any of our sites and see if that works out better

 

[paninodimerda]

On 10/3/2021 at 12:23 PM, AdvancedSetup said:

You can customize the hosts file. My assumption is you probably had one or more settings in there that were blocking one of our sites.

 

Yes, you're right. I 've just checked and I found this:

0.0.0.0 telemetry.malwarebytes.com

 

[AdvancedSetup]

Did removing that, restoring the HOSTS file, and restart correct the issue for you @paninodimerda

 

[paninodimerda]

@AdvancedSetup I restored my custom HOSTS removing the line above, I restart windows and I've done from cmd line: 

ipconfig /flushdns

But unfortunately that not solve the issue, so I think there are some other entries in the HOSTS which impact MB..(?) Can you give me all your site that must not be blocked?

Anyway, from GUI of MB I disabled the Telemetry, I don't understand how this can cause boot hindrances of software.
Thanks

[AdvancedSetup]

Please make sure none of the following entries are in your host file or blocked by your Firewall @paninodimerda

cdn.mwbsys.com
cleo.mb-internal.com
hubble.mb-cosmos.com
iris.mwbsys.com
keystone.mwbsys.com
links.malwarebytes.com
malwarebytes.com
my-device.malwarebytes.com
sirius.mwbsys.com
telemetry.malwarebytes.com

 

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you