Jump to content

Recommended Posts

I ran an Mbam scan after downloading the latest update and just after the scan was complete I got a warning from Avast telling me that a suspicious file had been detected (using a heuristic method). The file in question was C:\Windows\system32\drivers\mbamswissarmy.sys (hidden services) which as far as I can gather is an integral component of the real time version of Mbam. I've had Mbam and Avast 4.8 functioning in harmony for quite a while now and this is the first time this detection has happened. Is this due to some new process being added to Mbam, and am I right in thinking that I should just tell Avast to ignore all such detections in future?

Link to post
Share on other sites

Sometime AV software has problems with some of the files that are used by Malwarebytes, so its a good idea to exclude the files used by malwarebytes on your antivirus software as listed below:

Please exclude the following files from your antivirus:

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

For Windows XP:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys

For 32 bit versions Windows Vista or Windows 7:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys

For 64 bit versions of Windows Vista or Windows 7:

  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Please post back and let us know how it went.

Link to post
Share on other sites

Yes I think Avast has made some changes....

I just do it on my AV even if I am not having issues, this insures that they will NOT conflict with each other.

However I suggest the OP reports it as a false positive so AVAST removes it from their database.

Link to post
Share on other sites

I am guessing that you were given two options - 'Delete' or 'Ignore'?

There was a thread about this somewhere on the avast! forum, I'll try and find it.

IIRC the swissarmy driver is a hidden service (or something to that effect) and is part of the scanning engine of MBAM.

Because of this, it can cause avast! (and, I presume others) to alert because of it's actions.

That said, I have not had this alert with avast! 4.8 or 5.x

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.