Jump to content

Problems with anti-virus software?


Recommended Posts

Hi.

I recently had problems running MBAM real-time with the VIPRE 4 a/v, which I recently bought.

(yes, the exclusions were configured in VIPRE, thanks)

Yesterday, I tried the VIPRE update to no avail.

I uninstalled and tried the last v3, and had not more success.

So I installed VIPRE and got back my AVIRA Premium (9).

Same problem!

Running MBAM 1.45, by the way.

The MBAM service causes CPU spikes as soon as I do anything.

Like several other users, I'm beginning to wonder if something changed with the 1.45 upgrade.

Maybe I could downgrade to 1.44, but it'll be automatically upgraded to 1.45 at the next update.

*PLEASE*, as suggested by other users, separate the program and definition updates, so to allow us to upgrade the definitions only if we wish so.

Best regards,

Fran

Link to post
Share on other sites

Unfortunately newer database versions for 1.45 and 1.46 won't work with 1.44 so it can't be updated without installing the newer version of Malwarebytes' Anti-Malware.

As for troubleshooting, please do the following and I'll take a look and see if I can find the source of the issue:

Create an Autoruns Log:

  • Please download Sysinternals Autoruns from here and save it to your desktop.
    • Note: If using Windows Vista or Windows 7 then you also need to do the following:
      1. Right-click on Autoruns.exe and select Properties
      2. Click on the Compatibility tab
      3. Under Privilege Level check the box next to Run this program as an administrator
      4. Click on Apply then click OK

    [*]Double-click Autoruns.exe to run it.

    [*]Once it starts, please press the Esc key on your keyboard.

    [*]Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures

    [*]Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.

    [*]When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.

    [*]Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder

    [*]Attach the Autoruns.zip folder you just created to your next reply

Thanks :)

Link to post
Share on other sites

I recently started to use a program called Process Lasso Pro, which will temporarily reduce the priority of a process that is using too much CPU. The idea is to prevent the computer from freezing or other programs being unable to run. Process Lasso is continually reducing the priority of mbamservice.exe--every minute or so, it temporarily reduces its priority for a few seconds, claiming that mbamservice "may have been affecting system responsiveness." I'm running MBAM Pro version 1.46. I only recently started to use Process Lasso, so I don't know whether earlier versions of MBAM also caused Process Lasso to respond this way; the Process Lasso logfile records only today's activity. I should note that I don't have a problem with this, but I thought I'd provide some input related to Fran

Link to post
Share on other sites

Thanks for your feedback.

I know I'm not alone with this problem.

(IMHO, 1.46 was rushed out of the door too quickly, but that's another thing. I downloaded the beta, and the next day the beta was closed and 1.46 released)

I understand there were more important issues to fix quickly for customers, so I guess there may be a 1.47 release in the not so far future... :)

Regards,

Fran

Link to post
Share on other sites

Hello again :)

Please do the following:

Delete Autostart Entries Using Autoruns:

Please open Autoruns.exe again and allow it to perform its scan. Once it finishes please proceed with the following:

  • Click on the Services tab and right click each of the following entries and select Delete:



    • a2Cmd

    [*]Click on the Drivers tab and right click each of the following entries and select Delete:


    • ASFWHide
    • BOCDRIVE
    • CPQSETUP.SYS
    • KernelHooks
    • MEMSWEEP2
    • NTGUARD
    • Profos
    • SBRE
    • SymIM
    • SymIMMP
    • Trufos

    [*]Once that is complete, restart your computer.

Let me know if it helps.

Thanks :)

Link to post
Share on other sites

Hi again.

Sorry but no, it didn't help.

After that, I deleted all the other drivers showing "file not found", rebooted, but it didn't help either.

I'm attaching what Process Explorer displays for mbamservice.

(I was doing light web surfing then)

Thanks again,

Fran

post-16154-1272724541_thumb.jpg

Link to post
Share on other sites

Additional info:

I found out that temporarily disabling AVAST or XP's firewall didn't change anything to the CPU usage.

Also please note that *IP blocking was disabled* during the test.

Question:since the database was modified (compressed?), maybe MBAM needs more resources to uncompress it when it scans files and processes?

Just a shot in the dark.

Link to post
Share on other sites

Thanks, 1PW.

Undiagnosed malware?

I ran three anti-virus programs lately, doing scans every night and am also scanning with MBAM.

(the AV programs were tested one at a time, removing the other each time)

Without MBAM real-time, I don't get all that funky CPU activity.

If it's malware, MBAM and the AVs are not detecting it.

Best regards,

Fran

Link to post
Share on other sites

Disable Autostart Entries Using Autoruns:

Please open Autoruns.exe again and allow it to perform its scan. Once it finishes please proceed with the following:

  • Click on the Scheduled Tasks tab and click the checkbox on the left side of each of the following so that they are unchecked:



    • Auslogics Boost Speed Disk Defrag Console Defragmentation.job

    [*]Once that is complete, restart your computer.

Let me know if it helps or not.

Thanks :unsure:

Link to post
Share on other sites

Thanks Samuel.

This is not a resident software.

It's a hard disk defragger, which I run in the middle of the night, everyday.

Do you still want that I try that?

Appears useless to me.

Bst regards,

Fran

Link to post
Share on other sites

Ah, I see. I thought it was running at boot, you can skip it then. I'm honestly at a loss. I can't replicate this behavior on any of my own machines and I can't see anything on your machine that I know of that might cause this behavior. The only items I see unique to your system would be the Microsoft entries for alternate language input that run at startup. They shouldn't cause this but it's worth a try:

Disable Autostart Entries Using Autoruns:

Please open Autoruns.exe again and allow it to perform its scan. Once it finishes please proceed with the following:

  • Click on the Logon tab and click the checkbox on the left side of each of the following so that they are unchecked:



    • IMEKRMIG6.1
    • IMJPMIG8.1
    • MSPY2002
    • PHIME2002A
    • PHIME2002ASync

    [*]Once that is complete, restart your computer.

If that does not help, then open Autoruns again and re-check those entries to re-enable them, then click on the Logon tab and uncheck the following:

    • boinctray
    • Gestionnaire de t
Link to post
Share on other sites

I'll try that tonight, thanks.

Maybe SansaDispatch is the culprit.

(Sansa is my MP3 player, which I bought recently)

I also installed iTunes for my GF's iPod recently.

iTunes also installs three services: applemobiledeviceservice, Bonjour and ipodservice.

Maybe I could uncheck them too, if the other tests fail.

Link to post
Share on other sites

Update:

Nothing helped, unfortunately.

I went further, disabled as much as I could, leaving a very minimal Windows, and MBAM real-time still uses much too CPU resources.

That old PC is going to run Linux anyway in the next days.

I'll try the next releases of MBAM when they come out, but for the moment this case is closed unresolved.

When I get a newer machine, I'll see how it goes.

Thanks for the help,

Fran

Link to post
Share on other sites

I posted earlier about Process Lasso's continually having to restrain MBAM because it uses too much CPU. For the heck of it, I closed Process Lasso and ran AnVir Task Manager Pro. I asked it to inform me when it had to restrain a process because the CPU use was excessive. Sure enough, a pop-up kept informing me that MBAM's CPU usage was excessive. Those programs only rarely found this problem with other processes, just with MBAM, more specifically with mbamservice.exe.

I'm posting this message merely to say that Fran

Link to post
Share on other sites

I have also noticed these consistent spikes in CPU useage with MBAM. My defrag program is set to work when the computer is idle, but since MBAM 1.46, it never works because the CPU usage is never down for any period of time.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.