Jump to content

Recommended Posts

Just installed MBARW "arw-setup-consumer-0.9.18.807-1.1.278-1.0.14637" on a w10 (1809) where I have MBAE 1.13.1.146 and NAV 22.20.1.69 running.  Any suggestions on what programs to exclude to optimize run-ability and performance?

Share this post


Link to post
Share on other sites

Greetings,

If you can, you might exclude Norton from Malwarebytes Anti-Ransomware and it may also help performance and compatibility to exclude both Malwarebytes applications from Norton though it likely is not a requirement to do so and I don't recall any recent issues being reported with any Norton products offhand.

I hope this helps and if anyone else has firsthand experience with Norton and its compatibility with Malwarebytes please feel free to chime in, however given how frequently we see users running a popular product like Norton on these forums, I would expect to have heard about any current incompatibilities by now, but that's just my take based on my experiences here on the forums.

Please let us know if there is anything else we might assist you with.

Thanks

Share this post


Link to post
Share on other sites

Thanks for that!  I have excluded the folder C:\Program Files\Norton Security for now.  If that's too broad, let me know.  (I use Norton Security "basic", aka NAV, by choice.)

Norton Security "dumps" folders/files all over the place, so in case there are other locations or files, let me know too.

As for the revers issue, excluding MBARW and/or MBAE from Norton, I'll check on that next time I visit Norton's support forum.

Share this post


Link to post
Share on other sites

Nope, that should be just fine :)

The only other folder you might consider excluding would be Norton's primary data folder which is likely located under C:\ProgramData, however it isn't nearly as likely to address potential issues with performance as just excluding the AV's main program folder as you already did.

Share this post


Link to post
Share on other sites

Thanks!  So far it seems they are playing nicely together.  We'll see what the guys at the Symantec forum say.

Different issue, Security Certificates: whereas MBAE has valid certificates, I just noted that MBARW has outdated certificates (both Sha1 and Sha256).  How come? 

Share this post


Link to post
Share on other sites

Hi @CeeBee,

The files are all counter-signed, which proves the validity of the signing signature despite it being expired. This can be seen in any of the file properties (e.g. open mbarw.exe properties -> Digital Signatures -> Open details -> Countersignatures -> Details). What's important is the signing timestamp of the counter signature, which is before the certificate expired.

You can read more about this here:
https://docs.microsoft.com/en-us/windows/win32/seccrypto/time-stamping-authenticode-signatures

Quote

The countersignature method of time stamping implemented below allows for signatures to be verified even after the signing certificate has expired

Share this post


Link to post
Share on other sites
7 minutes ago, LiquidTension said:

The files are all counter-signed, which proves the validity of the signing signature despite it being expired. What's important is the signing timestamp of the counter signature, which is before the certificate expired.

Okay, got it.  For a layman it seems a bit silly to validate a lapsed certificate by a counter signature (instead of updating the certificate).  But, I'm sure there is a reason for it.  Thanks!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.