Jump to content

Conflict with NIS


Recommended Posts

@DarkSnakeCobra I found the file by going through Explorer like you did. However, it won't show up when trying to exclude it in Norton 360.

@Firefox Win7 Home Premium (64 bit of course from earlier...lol)

As I said that file will not show up in Norton under 64 bit version of Windows. You can safely skip that file. :)

@BCDeb

These files are the ones you need to add for 32 bit Windows.

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\drivers\mbam.sys

Please skip C:\WINDOWS\system32\drivers\mbamswissarmy.sys

Link to post
Share on other sites

  • Replies 71
  • Created
  • Last Reply

Top Posters In This Topic

IOW, the conflict is for real. It is not going to be fixed with file exclusions. MalwareBytes real time protection is still going to be interfering with Norton updates. Norton is working on this. I do not know if this would have any application to people with the freeware version of MalwareBytes. Does not sound like it.

Link to post
Share on other sites

As I said that file will not show up in Norton under 64 bit version of Windows. You can safely skip that file. :)

@BCDeb

These files are the ones you need to add for 32 bit Windows.

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\drivers\mbam.sys

Please skip C:\WINDOWS\system32\drivers\mbamswissarmy.sys

OK, I am giving this a try. I used the cleanup tool, disabled my Norton AV and Firewall, reinstalled MalwareBytes and entered my product key, so this is again running real time protection, updated MB, added those files to the exclusions for Norton Auto-protect, enabled my AV and Firewall again. We shall see if, the next time I run Norton Live Update, I get the message about incompatibility and telling me to uninstall MB... Thanks for all your time, folks. We'll see how it goes. But I will keep an eye on the Norton Forum, to see what Norton winds up doing about it... if anything. Some people in the relevant thread at the Norton Forum are uninstalling MB, but I don't want to, unless I absolutely have to.

Link to post
Share on other sites

Yeah, I had to reinstall again, this time unchecking the protection module and automatic protection updates when I put in my product key. It seems you have to run it without real time protection, if you are running NIS, but then you need the licensed version of MB to be able to schedule updates and scans. I've programmed mine to do daily updates with a flash scan at that time, daily quick scans in the evenings, and monthly full scans. I guess that is going to have to do me, for MB, unless/until Norton can make itself compatible with MB. I understand MB is forever playing catch-up with the AV software programs, and I guess this is an instance when MB didn't play catch-up with Norton quickly enough. I have never had an incompatibility notice from Norton re MB, before, and I have been running both programs side-by-side for a couple of years.

Link to post
Share on other sites

I am really sorry, but I have had to uninstall MB. Completely. Forever. You need to have some face-to-face with Norton. They are basically giving us a choice of you or them, at the moment. They aren't being very helpful in resolving this issue, on their own forums. I am really pissed off, because I paid for MB. I am a licensed user. And Norton keeps telling me it is incompatible and must be uninstalled or NIS won't be able to protect me properly. It is even saying this to people who only have the freeware version of MB. And it is definitely not advised to have both NIS and MB doing real-time protection. (I can understand that factor, I can see how the two might get into conflicts as to which one of them is going to deal with an issue that does threaten a computer. But then, why pay for MB? There is no reason to pay for it, other than the real-time protection.) That we are also getting this warning with the freeware MB is what really gets me choked up and makes me think they just don't like you, and are trying to drum you out of business. I think MalwareBytes Co. needs to deal with them company to company. Maybe even sue them.

Link to post
Share on other sites

I am really sorry, but I have had to uninstall MB. Completely. Forever. You need to have some face-to-face with Norton. They are basically giving us a choice of you or them, at the moment. They aren't being very helpful in resolving this issue, on their own forums. I am really pissed off, because I paid for MB. I am a licensed user. And Norton keeps telling me it is incompatible and must be uninstalled or NIS won't be able to protect me properly. It is even saying this to people who only have the freeware version of MB. And it is definitely not advised to have both NIS and MB doing real-time protection. (I can understand that factor, I can see how the two might get into conflicts as to which one of them is going to deal with an issue that does threaten a computer. But then, why pay for MB? There is no reason to pay for it, other than the real-time protection.) That we are also getting this warning with the freeware MB is what really gets me choked up and makes me think they just don't like you, and are trying to drum you out of business. I think MalwareBytes Co. needs to deal with them company to company. Maybe even sue them.

Thank you for letting us know. We will be contacting them directly. We have tested and know for a fact that the two do not conflict at all with realtime protection fully enabled. We have deliberately engineered Malwarebytes Anti-Malware to work very differently from a traditional antivirus in order to avoid any such conflicts. If your antivirus detects something, Malwarebytes Anti-Malware doesn't get the chance to see it and your AV quarantines it before Malwarebytes Anti-Malware was even aware of the threat's existence. If your AV misses the threat and the threat attempts to execute, that's when Malwarebytes Anti-Malware steps in and quarantines the threat, thus avoiding any conflicts. We have tested time and time again and have eliminated any conflicts that have arisen and do thorough compatibility testing with every major AV prior to each release of Malwarebytes Anti-Malware and Norton's products (Norton Antivirus, Norton Internet Security and Norton 360) are on our list of tested products which our Quality Assurance team has verified compatibility with.
Link to post
Share on other sites

Thank you for letting us know. We will be contacting them directly. We have tested and know for a fact that the two do not conflict at all with realtime protection fully enabled. We have deliberately engineered Malwarebytes Anti-Malware to work very differently from a traditional antivirus in order to avoid any such conflicts. If your antivirus detects something, Malwarebytes Anti-Malware doesn't get the chance to see it and your AV quarantines it before Malwarebytes Anti-Malware was even aware of the threat's existence. If your AV misses the threat and the threat attempts to execute, that's when Malwarebytes Anti-Malware steps in and quarantines the threat, thus avoiding any conflicts. We have tested time and time again and have eliminated any conflicts that have arisen and do thorough compatibility testing with every major AV prior to each release of Malwarebytes Anti-Malware and Norton's products (Norton Antivirus, Norton Internet Security and Norton 360) are on our list of tested products which our Quality Assurance team has verified compatibility with.

Thanks exile360 for your candid response.

I am not sure if you have had time to read the entire post... I am just here sounding off that the free MBAM is being flagged by Norton 360 Premier 2013 Edition as well.

Second, would you please accept and pass along my humble Thank You for you and everyone at Malwarebytes for your product. I actually heard of you through "word of mouth" about 3 years ago. I was impressed someone had told me that Malwarebytes (not sure if it is true or not) was started by former hackers who had a change of heart. THANK YOU for designing a product that is another layer of protection. Because we all need ALL the help we can get from the bad guys. fencing_zps08ca9ed3.gif boxing_zpsb4fcecdd.gif

Link to post
Share on other sites

Thanks exile360 for your candid response.

I am not sure if you have had time to read the entire post... I am just here sounding off that the free MBAM is being flagged by Norton 360 Premier 2013 Edition as well.

Second, would you please accept and pass along my humble Thank You for you and everyone at Malwarebytes for your product. I actually heard of you through "word of mouth" about 3 years ago. I was impressed someone had told me that Malwarebytes (not sure if it is true or not) was started by former hackers who had a change of heart. THANK YOU for designing a product that is another layer of protection. Because we all need ALL the help we can get from the bad guys. fencing_zps08ca9ed3.gif boxing_zpsb4fcecdd.gif

You're quite welcome, and thank you for the compliments (and yes, I've read this entire thread :)). While the history of our company is quite interesting, it's not quite as interesting as being started by former hackers. Marcin, our CEO, started things up while working at a PC repair shop (just like myself actually) and became frustrated by the fact that the tools available to him for fixing PCs weren't doing the job at eliminating the nastiest threats of the day such as rogue/fake antivirus software and spyware and that time and time again it was his workplace's policy to format systems that couldn't be easily fixed (i.e. those which required manual repair via tools such as HijackThis etc.) and it really hit home when he himself got infected. He went online to search for help and came across one of the many wonderful security forums where trained experts offer free volunteer assistance in cleaning up machines and worked with them for several days until his PC was back in proper working order and free of infection. He observed them having to use manual removal tools like HijackThis in order to get his PC cleaned and decided to try his hand at building his own, so he learned basic programming and began developing tools to target these nasty threats such as AboutBuster (to kill the then prominent About:Blank infection) and other tools of the like, working with the same experts who had helped him to get his own PC clean to find out what threats they were seeing and how to make tools to automatically remove them, making their jobs much easier.

There's a lot more to this story, but I don't want to get too far off topic here. Needless to say, while Malwarebytes does have humble beginnings, it wasn't started by hackers/ex-hackers, just frustrated PC users like yourself who got sick and tired of these threats getting past all security software and requiring the hand of an expert to remove. That's our goal as a company, to protect against what others fail to, catching the threats they miss and covering the attack vectors that they do not and so far it has proven to be quite successful for us and part of our desire to keep on track with our mantra of believing that everyone has the right to a malware free existence is to continue offering our free version which will update, scan and remove any infections it finds without charging a penny. That's also the reason that we ourselves run our own free, volunteer run malware removal forum located here so that we can keep giving back as much as we can and stop malware in its tracks no matter what it takes.

An article explaining much of the history of how Marcin started things can be found in this article if you'd like to learn more about the history of Malwarebytes :).

Link to post
Share on other sites

Forgive me, but I find the incompatibility story with NIS & MB a bit funny. I get the Norton warning only when I run Norton Autofix, and I can easily skip the warning. I am running MB Free version.

The funny part is that I can resolve the issue by renaming a registry key from “Malwarebytes' Anti-Malware” to “Malwarebytes Anti-Malware” (I only remove the apostrophe).

The actual key is

on Windows7 x64:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

on Windows XP (32b):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

In former days I performed a lot of software creation. I can recall I had some problems with single and double quotation marks in some cases (I do not remember what programming language I used in that case).

On both computers: If I remove the apostrophe (or single quotation mark) the Norton issue is resolved! (I have not tested what happens if I try to uninstall MB, but it is very easy to reinsert the apostrophe.)

Link to post
Share on other sites

By renaming the registry you're potentially causing other issues as there are some routines that look for that key.

We are looking at removing that from the Registry and Folder structure in a future build but that is still a ways out.

The mentioned key is the uninstall key, probably I shall have some trouble if I try to uninstall MB through the Control Panel. That is why I said it is easy to reinsert the apostrophe.

MB works as always with this modified uninstall key. And it is FUNNY that NIS is “satisfied” with this modification.

By all means, I do NOT recommend the key renaming to be a solution. I hope that the direct contact between MB and Symantech (Product Manager Samuel E Lindsey in Post #33) will give us a real solution.

Link to post
Share on other sites

We have deliberately engineered Malwarebytes Anti-Malware to work very differently from a traditional antivirus in order to avoid any such conflicts. If your antivirus detects something, Malwarebytes Anti-Malware doesn't get the chance to see it and your AV quarantines it before Malwarebytes Anti-Malware was even aware of the threat's existence. If your AV misses the threat and the threat attempts to execute, that's when Malwarebytes Anti-Malware steps in and quarantines the threat, thus avoiding any conflicts.

Could you please elaborate this statement?

I am sure you are aware that several “experts” disagree with you. Can you convince me that I without danger can run MB PRO together with NIS?

Link to post
Share on other sites

Could you please elaborate this statement?

I am sure you are aware that several “experts” disagree with you. Can you convince me that I without danger can run MB PRO together with NIS?

Certainly. Antivirus software scans items on access, meaning whenever a file is created or modified on disk. Malwarebytes Anti-Malware's realtime protection does not do that. Malwarebytes Anti-Malware Pro only scans processes on execution (i.e. when they attempt to enter memory) which is well after an antivirus has already analyzed the file. This is how we avoid conflicts because the only way that Malwarebytes Anti-Malware will even see a threat is if it already got past your antivirus undetected. This makes it impossible for your antivirus and Malwarebytes Anti-Malware's realtime protection to detect an object at the same time, thus eliminating the possibility for a conflict to occur.
Link to post
Share on other sites

Your reply is highly appreciated. I am a “non-expert” with 30 years in front of the keyboard. I am retired now, but I cannot think of a day without my computer. Internet is a new world, but brings us some draw-backs... We really want to avoid the malwares.

Your explanation of “on access” and “on execution” is understandable, but does not both Norton and Kaspersky have “on execution features”?

Quote from Kaspersky:

Potential threats are monitored and analysed – in real-time – and dangerous actions are completely blocked before they can cause any harm.

In addition to scanning for vulnerabilities, Kaspersky Internet Security 2013 analyses and controls the actions of programs that have vulnerabilities – so they can’t cause any harm.

Quote from Norton:

Viruses and other security threats can be detected during a manual or scheduled scan. Auto-Protect detects these threats when you perform an action with an infected file. Threats can also appear during an instant messenger session, when you send an email message, or during a manual or scheduled scan.

Security risks, such as spyware and adware, can also be detected when these activities are performed.

Link to post
Share on other sites

Neither of the above quotes refers to objects entering memory (being executed), at least not that I can see, and we've tested all of Kaspersky's products as well as all of Symantec's (Norton) products and verified this to be true.

For example, if you take any file which would be detected by both products and try to download it, the antivirus is going to block it before it runs. If you open a folder containing a file which both products would detect, the antivirus again will detect it before it tries to run. If another process on the computer accesses the file, again, the antivirus would detect it. So in any scenario where a file which is a threat, the AV is going to see it first and if the AV sees it as a threat and removes it, Malwarebytes Anti-Malware's protection will not be triggered. I have to date seen no reports ever of Malwarebytes Anti-Malware's protection module detecting a threat at the same time as a user's antivirus.

Link to post
Share on other sites

@ exile360

Have you guys been able to get tin touch with or heard from Symantec yet? If so...what have they said?

We have reached out to them, but as far as I know they've not yet responded. Since this incident of their products displaying this incompatibility message began, we've done further testing with their products and have yet to find any conflicts, issues or incompatibilities so we're still not sure why they're suddenly showing this message stating they're incompatible and we still have many Malwarebytes Anti-Malware Pro users running with realtime protection fully enabled alongside Norton products and simply ignoring/skipping the incompatibility message and have had 0 reports or incidents of any actual conflicts or issues.

Hopefully they'll respond to us soon so that we can find out why they believe an incompatibility exists and work with them to resolve it should any evidence or justification for their claims be found.

Link to post
Share on other sites

OK on w7 64 bits, no more NIS complaints after exclusion.

Thanks.

Strange, AstroMax. I have added the four files mentioned in Firefox's post #24 to both “exclude from risk scanning” and “exclude from Auto-Protect scans, SONAR scans, and Download Insight”, and I have rebooted my Win7x64 computer.

Still Norton Autofix reports incompatibility!

Link to post
Share on other sites

  • Root Admin

@John_Dissident

It appears that Symantec/Norton is reading the registry for the uninstall string for Malwarebytes and based on that alone causes their software to bring up this alert.

As another user posted, you could temporarily rename this key in the registry and the Symantec software will stop flagging it but unless you're an experienced users I would not recommend that. It would be best to ignore the warning for now until hopefully we can get this resolved with Symantec. Unfortunately they are an independent company from us so we have to say so in how or what they do with their software and can only hope that without clear evidence of a conflict that they will remove their new scare tactic from their software.

Thanks

Link to post
Share on other sites

I have NIS 2013 v20.3.1.22. I too have just been warned by it of the major conflict with mbam. I uninstalled it but will reinstall it having found this thread on the Norton Community forum:

http://community.norton.com/t5/Norton-Internet-Security-Norton/NIS-2013-telling-me-to-uninstall-Malwarebytes-why/m-p/952799#M237618

I am Taffy078 - you will see that I am voting with my feet and am not renewing my NIS. I'll find a simpler one - AVG has been recommended and I hope that that too will not conflict with mbam

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.