Norton vs Malwarebytes - who to trust?

mjf

A recent scan with up-to-date Malwarebytes gave me Trojan warnings for the uninstallers and corresponding registry entries for:
EasyBCD
Handbrake
MakeMKV
I've had EasyBCD for a long time. MakeMKV is the most recent, downloaded from makemkv.com.

Norton NIS 2011 says they are clean.

What do you think?????

Would Revo Uninstaller cleanly get rid of them then do a fresh download?
 

Get the same thing. Probably just false positives with MBAM's most recent definitions.

Gotta concede with Airbot. At a guess, I would say Easy is being picked up by heuristics, because of the stuff it does. Definitely not malware though.
 

Thanks
I think they are all false positives. Well-known programs from the developers' sites.
First time Malwarebytes has ever come up with anything for me.

But if the threat was real, I wonder what the best approach would be. I would manually delete the uninstall.exe and hope Revo Uninstaller would remove the rest.
 

Hi,

Agree - sounds like an FP to me. My own approach would be to cross-check it with ESET online, or depending on the file size, upload the files to Jotti.

Regards,
Golden
 

More and more anti-malware vendors' products are labelling so-called "hackware" as "malicious exploits", because they could do "evil" things in the hands of a malefactor.

Thus "Keyview" is deemed a hacktool, but Belarc Advisor or SIW is not, even though they all decode and show the product keys for various installed licensed products from Microsoft and other vendors.

It is Microsoft's policy to label products which are potentially counteractive to Microsoft's licensing practices as "malicious", and because it is generally a Microsoft piracy problem, the anti-malware vendors follow Microsoft's lead, feeding on the crumbs left on and under the giant's table, as it were.
 



These are fixed in the latest definitions.

False positives.
 

False positives. Sometimes, MBAM flags some hack tools as "don't steal our software" malware.
 
