Malwarebytes possible conflict?

I realise there may be an existing thread on this issue but I did not want to read through twenty pages of posts. Today for the very first time when I go to the Get Support option located under Support I get an Autofix Attention screen stating that there is a conflict with Malwarebytes V1.75.0.1300. I have never had this message before and I don't know how there could be a conflict since I only have Malwarebytes as a backup scanner i.e. there is no real time monitoring.

 

Why is this message only coming up now when I have had Malwarebytes on my PC for two years now with no indication of problems with NIS of any year before?

I realise there may be an existing thread on this issue but I did not want to read through twenty pages of posts. Today for the very first time when I go to the Get Support option located under Support I get an Autofix Attention screen stating that there is a conflict with Malwarebytes V1.75.0.1300. I have never had this message before and I don't know how there could be a conflict since I only have Malwarebytes as a backup scanner i.e. there is no real time monitoring.

 

Why is this message only coming up now when I have had Malwarebytes on my PC for two years now with no indication of problems with NIS of any year before?

Same here.

 

I have been running Malwayrebytes Free version for quite a while now and just got the error 3048, 3 this morning. (04.18.2013) (Conflicting Product - Malwarebytes Anti-Malware version 1.75.0.1300)

 

I ran the Intelligent Updater as suggested. (Power Eraser was suggested if that did not work.)  It didn't give me any indication that anything was fixed, or rather that a certian program wasn't downloaded (towards the bottom).  Here is the log:

 

Thu Apr 18 11:38:46 2013 : ******************************************************************

Thu Apr 18 11:38:46 2013 : Starting Intelligent Updater - Version 5.1.1.7

Thu Apr 18 11:38:46 2013 : ******************************************************************

Thu Apr 18 11:38:46 2013 : AUTH SYMSIGNED BEGIN: Started.

Thu Apr 18 11:38:46 2013 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .

Thu Apr 18 11:38:46 2013 : AUTH SYMSIGNED CLASS3: Succeeded find the class 3 ID, returning TRUE.

Thu Apr 18 11:38:46 2013 : AUTH SYMSIGNED END: Finished processing. Returns TRUE

Thu Apr 18 11:38:46 2013 : IU RES SYMSIGNED SUCCESS: Successfully verified Symantec Signature for the iuResource.dll

Thu Apr 18 11:38:46 2013 : IU RES LOAD: Successfully loaded the resource file..

Thu Apr 18 11:38:46 2013 : IU MODE: IU is running is FULL mode.

Thu Apr 18 11:38:55 2013 : CONFIG LOAD SUCCESS: Successfully loaded the configuration file: iuConfig.xml.

Thu Apr 18 11:38:55 2013 : IU INFO: File-name : 20130418-005-v5i64.EXE

Thu Apr 18 11:38:55 2013 : IU INFO: Creation-date : 20130418

Thu Apr 18 11:38:55 2013 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions

Thu Apr 18 11:38:55 2013 : Entry details:

Thu Apr 18 11:38:55 2013 : Update-File: VIRSCAN.zip

Thu Apr 18 11:38:55 2013 : Update-Desc: Virus Definitions

Thu Apr 18 11:38:55 2013 : Auth DLL Name: SAVIUAuth

Thu Apr 18 11:38:55 2013 : Auth DLL Location: local

Thu Apr 18 11:38:55 2013 : Auth Content-Type: virus definitions x64

Thu Apr 18 11:38:55 2013 : Deploy Content-Type: virus definitions x64

Thu Apr 18 11:38:55 2013 : Deploy DLL Name: SAVIUDeploy

Thu Apr 18 11:38:55 2013 : Deploy DLL Location: local

Thu Apr 18 11:38:55 2013 : AUTH DLL LOCATION: IU will read the DLL location from registry - SAVIUAuth

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:38:55 2013 : REG FAILURE: Failed while fetching the path from registry.

Thu Apr 18 11:38:55 2013 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - SAVIUDeploy

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:38:55 2013 : REG FAILURE: Failed while fetching the path from registry.

Thu Apr 18 11:38:55 2013 : IGNORE ENTRY: Ignoring entry for VIRSCAN.zip because of registry read failure. Error occurred while reading the path for the Authorization DLL from the registry.

Thu Apr 18 11:38:55 2013 : The product corresponding to this entry in iuconfig.xml is not installed on the system.

Thu Apr 18 11:38:55 2013 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions

Thu Apr 18 11:38:55 2013 : Entry details:

Thu Apr 18 11:38:55 2013 : Update-File: VIRSCAN.zip

Thu Apr 18 11:38:55 2013 : Update-Desc: Virus Definitions

Thu Apr 18 11:38:55 2013 : Auth DLL Name: ISAuthDLL

Thu Apr 18 11:38:55 2013 : Auth DLL Location: local

Thu Apr 18 11:38:55 2013 : Auth Content-Type: virus definitions x64

Thu Apr 18 11:38:55 2013 : Deploy Content-Type: virus definitions x64

Thu Apr 18 11:38:55 2013 : Deploy DLL Name: ISDeployDLL

Thu Apr 18 11:38:55 2013 : Deploy DLL Location: local

Thu Apr 18 11:38:55 2013 : AUTH DLL LOCATION: IU will read the DLL location from registry - ISAuthDLL

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:38:55 2013 : REG FAILURE: Failed while fetching the path from registry.

Thu Apr 18 11:38:55 2013 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - ISDeployDLL

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:38:55 2013 : REG FAILURE: Failed while fetching the path from registry.

Thu Apr 18 11:38:55 2013 : IGNORE ENTRY: Ignoring entry for VIRSCAN.zip because of registry read failure. Error occurred while reading the path for the Authorization DLL from the registry.

Thu Apr 18 11:38:55 2013 : The product corresponding to this entry in iuconfig.xml is not installed on the system.

Thu Apr 18 11:38:55 2013 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions

Thu Apr 18 11:38:55 2013 : Entry details:

Thu Apr 18 11:38:55 2013 : Update-File: VIRSCAN.zip

Thu Apr 18 11:38:55 2013 : Update-Desc: Virus Definitions

Thu Apr 18 11:38:55 2013 : Auth DLL Name: Norton X64 AuthDLL

Thu Apr 18 11:38:55 2013 : Auth DLL Location: local

Thu Apr 18 11:38:55 2013 : Auth Content-Type: VirusDefs

Thu Apr 18 11:38:55 2013 : Deploy Content-Type: VirusDefs

Thu Apr 18 11:38:55 2013 : Deploy DLL Name: Norton X64 DeployDLL

Thu Apr 18 11:38:55 2013 : Deploy DLL Location: local

Thu Apr 18 11:38:55 2013 : AUTH DLL LOCATION: IU will read the DLL location from registry - Norton X64 AuthDLL

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Succeeded while fetching the path from registry.

Thu Apr 18 11:38:55 2013 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - Norton X64 DeployDLL

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:38:55 2013 : REG SUCCESS: Succeeded while fetching the path from registry.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED BEGIN: Started.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED CLASS3: Succeeded find the class 3 ID, returning TRUE.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED END: Finished processing. Returns TRUE

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED SUCCESS: Successfully verified Symantec Signature for the authorization dll C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\NUMEng.dll

Thu Apr 18 11:38:55 2013 : AUTH LOAD SUCCESS: Successfully loaded the authorization dll - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\NUMEng.dll

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED BEGIN: Started.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED CLASS3: Succeeded find the class 3 ID, returning TRUE.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED END: Finished processing. Returns TRUE

Thu Apr 18 11:38:55 2013 : DEPLOY SYMSIGNED SUCCESS: Successfully verified Symantec Signature for the deployment dll C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\NUMEng.dll

Thu Apr 18 11:38:55 2013 : DEPLOY LOAD SUCCESS: Successfully loaded the deployment dll - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\NUMEng.dll

Thu Apr 18 11:38:55 2013 : AUTHORIZATION SUCCESSFUL: VIRSCAN.zip is successfully authorized for deployment.

Thu Apr 18 11:38:55 2013 : DEPLOY PATH SUCCESS: VIRSCAN.zip will be deployed at location C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\tmp678d.tmp

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED BEGIN: Started.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED CLASS3: Succeeded find the class 3 ID, returning TRUE.

Thu Apr 18 11:38:55 2013 : AUTH SYMSIGNED END: Finished processing. Returns TRUE

Thu Apr 18 11:38:55 2013 : UNRAR LOAD SUCCESS: Successfully loaded the UNRAR DLL.

Thu Apr 18 11:38:55 2013 : UNRAR OPEN SUCCESS: Success opening RAR file VIRSCAN.zip

Thu Apr 18 11:39:01 2013 : UNRAR EXTRACT SUCCESS: Succesfully extracted VIRSCAN.zip to C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\tmp678d.tmp

Thu Apr 18 11:39:01 2013 : POST PROCESS SUCCESS: Successfully performed post processing for VIRSCAN.zip

Thu Apr 18 11:39:01 2013 : Calling ReleaseInstance() on the object of IIntelligentUpdaterAuthorizationManager2.

Thu Apr 18 11:39:01 2013 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions

Thu Apr 18 11:39:01 2013 : Entry details:

Thu Apr 18 11:39:01 2013 : Update-File: VIRSCAN.zip

Thu Apr 18 11:39:01 2013 : Update-Desc: Virus Definitions

Thu Apr 18 11:39:01 2013 : Auth DLL Name: SSEIUAuth

Thu Apr 18 11:39:01 2013 : Auth DLL Location: local

Thu Apr 18 11:39:01 2013 : Auth Content-Type: virus definitions x64

Thu Apr 18 11:39:01 2013 : Deploy Content-Type: virus definitions x64

Thu Apr 18 11:39:01 2013 : Deploy DLL Name: SSEIUDeploy

Thu Apr 18 11:39:01 2013 : Deploy DLL Location: local

Thu Apr 18 11:39:01 2013 : AUTH DLL LOCATION: IU will read the DLL location from registry - SSEIUAuth

Thu Apr 18 11:39:01 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:39:01 2013 : REG FAILURE: Failed while fetching the path from registry.

Thu Apr 18 11:39:01 2013 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - SSEIUDeploy

Thu Apr 18 11:39:01 2013 : REG SUCCESS: Success while opening key

Thu Apr 18 11:39:01 2013 : REG FAILURE: Failed while fetching the path from registry.

Thu Apr 18 11:39:01 2013 : IGNORE ENTRY: Ignoring entry for VIRSCAN.zip because of registry read failure. Error occurred while reading the path for the Authorization DLL from the registry.

Thu Apr 18 11:39:01 2013 : The product corresponding to this entry in iuconfig.xml is not installed on the system.

---------------------------------------------------------------------

 

I ended up contacting Norton Support.  The rep. ran a Live Update and he said that Norton was working fine.  I pointed him out to the log file.  He basically said that there was no problem. (I am still on the fence about that)

 

I asked if he thought perhaps there would be a virus as the instructions stated if the Intelligent Updater did not fix the problem.  He was emphatic about the answer, "Absolutely not!"

 

Nothing was really resolved (felt that I was given "pat answers") except I was encouraged to uninstall Malwarebytes because of the conflict.

 

I don't feel like my issue was resolved 100% and am waiting to uninstall Malwarebytes unless I absolutely have to.

 

Can anyone smarter-er than the rep. I spoke to have a solution?

As I stated in the other long thread - I never had the MBAM Warning until after I updated to version 20.3.1.22 and still only get it when I run Get Support.


Ballistic wrote:

Hello,

 

I got the same message, and have followed the same thread that you mentioned.

 

This morning I switched my setitngs to turn off Smart Defintions and now I understand what the fuss is about. I didn't have the problem before. I received a 186 MB download.

 

 


The large download would be normal when you first turn off Smart Definitions. The full definitions need to be downloaded for the first time. The regular Liveupdates will be a more normal size after that.

 

 

 

cant  understand how the error was fixed if it was skipped and why this problem occurs today the only thing that is changed its an update in log for nis Engine,Nis,instaldir my nis version is 20.3.1.22  OS windowsxp home latest updates

MBAN its the ondemand scaner free so why should be a conflict antleast until now i never had this errror

eroare nis.JPG

Update: 04.19.2013 10:44 a.m. -7 G.M.T.

 

Just got off the phone with a Norton rep. (from India…never one from the U.S.) that made a follow-up phone call to the online support chat that I had yesterday.

 

This time I was blunt about my feelings on the support I received.  I explained everything as I did previously to the rep. via the cat support.  The rep. valiantly defended Norton/Symantec, like a shiny knight on a shiny white horse, ridding the planet of all viruses.

 

I explained to him that if ANY company says/claims that they remove all viruses from all computers, they are LYING. (I was in the midst of talking too fast for him to reply, however, I bet he had nothing to say about that.)

 

I gave an example of this by telling him of my experience of downloading the PC game Angry Birds. I advised him that when I ran Norton everything was okay.  When I ran Malwarebytes there was a virus in Angry Birds. (Here is a copy of the log for proof.)

 

Malwarebytes’ Anti-Malware 1.51.2.1300

 

Database version: 911122704

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

12/27/2011 4:12:04 PM

mbam-log-2011-12-27 (16-12-04).txt

 

Scan type: Full scan (C:\|D:\|E:\|H:\|)

Objects scanned: 318712

Time elapsed: 46 minute(s), 25 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

c:\Users\Owner\AppData\Local\Temp\icreinstall\cnet2_angrybirdsinstaller_1_5_1_exe.exe (PUP.Adware.Downloader) -> Quarantined and deleted successfully.

 

He seemed to have backpedaled on his stance and with me about using Malwarebytes.  He even offered the idea that Malwarebytes is being used as a second layer of protection.

 

This time I went to the heart of the matter and asked, “Specifically, why is Norton 360 incompatible with Malwarebytes?” (When the free version does not even run in the background.)  He said, “There was no specific reason.”  I believe:

 

1. That he does not know that answer.

2. That Symantec is not going to tell him or us why/what that answer is.  (I don’t fault him for that.  It is just company policy I imagine.)

 

After thinking on your post, I deduced something that I wonder if it will cause problems later (i.e. If I leave everything alone will Norton 360 not work properly?)  If you notice on the left hand side, there is a Blue Dot.  I believe from what limited information I have about Norton is that the Blue Dot merely just represents "Information." (Information only?? Information of a problem what will not allow Norton to work??)

 

As a test with an actual live Norton rep. on my phone, I did a Live Update and everything worked fine regarding the update and I was able to get 4 updates.  Then I clicked on Support > Get Support and I received the same Autofix error again.

 

After butting heads together croc.gif for 20 minutes on the phone, bangpc.gif the rep. said that he would keep the case open for follow-up and I said that would be fine.

 

I do not know what will happen after this.  Perhaps I will write a letter to the United States Symantec office and get some much needed answers.  I don’t know.

 


fryerlawrence wrote:

Update: 04.19.2013 10:44 a.m. -7 G.M.T.

 

 

Files Infected:

c:\Users\Owner\AppData\Local\Temp\icreinstall\cnet2_angrybirdsinstaller_1_5_1_exe.exe (PUP.Adware.Downloader) -> Quarantined and deleted successfully.

 

 


PUP stands for "potentially unwanted progran" and as the message indicates, it was most likely adware. Alerts of these types from MBAM can be false positives. I suspect this was probably due to a download wrapper. The alert object should be checked with secondary sources before deleting.

 

Bottom line is this type of software is a nuisance but not usually malicious. 

 

Also I recommend you change MBAM setting not to auto quarantine and delete. I guess your not aware of the MBAM snafu this week that trashed thousands of computers? It could have been prevented had the auto quarantine setting been set to off.

 

donziehm... thanks for the note.  I was in error blink2.gif...lol... imagine that.   After research I believe that MBAM Free version does not have an auto delete function and you have to take a look at it first before deleting.. which is a good thing for me Big Grin.gif

 

So... now we wait for da patch.  And the next time your cpu or laptop does funny things to you and you don't know what to do.... do what I do....  It just might make you feel better.

 

bangpc.gif

 

I do like the game Angry Birds...however I am still concerned that it is still a P.U.P.  After running said virus scanner... would it still be okay and not have things like privacy invasive stuff?  I tried Google and came up short.  I do know that the program comes from Finland because I had a foriegn transaction fee after doing some digging.

 

Anyone?

 

-fryer

fryerlawrence wrote:

After research I believe that MBAM Free version does not have an auto delete function and you have to take a look at it first before deleting..

 

I am not a MBAM Free expert, but check Settings>Scanner settings. At the bottom you have three different actions, each of them with three options. Personally I have selected:

 

Show in results list and do not check for removal: The detected item is shown in the scan results list but will not be selected for removal. Each item must be checked manually for removal.

 

(Quote from the help file.)

 

Fryerlawrence

If you want to have another opinion on your downloaded Angry Birds, have the file scanned for free by the online scanner at VirusTotal. https://www.virustotal.com/en/

If it does have some malware, you should get your money back.



Thanks for your help.  This was some time ago and I was so spitting mad (because millions of people have this game and are most likely unaware) that I just uninstalled it.

 

Then as I was trying to locate my log for the log showing the PUP I noticed that I still had the unlock code for the game stored in my e-mail and got curious again.

Thanks John.

 

I re-checked and set them to what you had suggested.  A couple of them were set differently.

 

-fryer

I got the Malwarebytes warning too...Sounds like a Norton bug to me...I hope they get it fixed soon.

According to me you have to discuss your problem with your antivirus virus removal team to get rid of your problem.

Reminder to everyone:

 

http://community.norton.com/t5/Norton-Internet-Security-Norton/Warning-NIS-20-3-0-36-NOT-compatible-with-Malwarebytes/m-p/945541#M236556 

I actually did so two days ago.  The admin. from MBAM pointed out after responding to the post pointed out to me (because it was pointed out to him...lol) that it was a two year old scan log.  Needless to say I was embarrased afterwards because definitions change so much that two years ago is a long time.

 

I decided to try again and used the link directly from Rovio, the makers of Angry Birds, and scanned the bejezus out of it throughout the installation process using both Norton 360 and MBAM.

 

Good news to report that at this time everything is okay and life is good.  No nasty thingies in Angry Birds. Big Grin.gif

 

Thanks for the assistance,

-fryer

I had a problem with MalwareBytes deleting some files via quarantine that killed my TiVo Dsektop program. I had to set those files to 'ignore' to keep the installation intact.

 

I. too, get the conflict warning on occasion with NIS 2013 and running MB Pro 1.75.0.1300. Note this is the paid version, not the free one.  I run MB once a week but it is otherwise disabled. There are no warnings when it runs from either Norton or MB. I get the message randomly maybe once every couple days.

 

I'm not going to uninstall it (MB) either until something definitive is clearly stated that there is a serious issue that leaves my PC unprotected.

Honestly, and I say this with the most respect possible to the folks at Norton, Malwarebytes has been a necessary side-car to Norton for me for some time now.  Malwarebytes honestly found things that Norton could not, and it irritates me to no end that I had to even consider anything in addition to what I thought was a complete product in Norton 360.  It most certainly was not a year ago when my entire house (4 computers running 360) got the same nasty Malware that Norton just blinked at and moved on.  It never once detected it, and I was constantly having browsing and redirect issues.  Malwarebytes cleaned it up and removed it completely so effectively, that I had no choice to buy the product also.  Hurts me to say that, but it is true.  I now would have no confidence browsing the web without it.  It has caught so many more things than Norton ever did while browsing.

No single security solution can catch 100% of malware 100% of the time.

Malwarebytes scans for items that Norton does not concentrate on because they are not necessarily dangerous to a user’s system. Usually the only thing it finds on my system is some cookies and a PUP, Possibly Unwanted Program. These are not dangerous, but just annoying. Some people actually do want the functionality offered, such as highlighting text in a browser and offering additional information or buying advise.