Mbam/Avast conflict?

Recommended Posts

I ran an Mbam scan after downloading the latest update and just after the scan was complete I got a warning from Avast telling me that a suspicious file had been detected (using a heuristic method). The file in question was C:\Windows\system32\drivers\mbamswissarmy.sys (hidden services) which as far as I can gather is an integral component of the real time version of Mbam. I've had Mbam and Avast 4.8 functioning in harmony for quite a while now and this is the first time this detection has happened. Is this due to some new process being added to Mbam, and am I right in thinking that I should just tell Avast to ignore all such detections in future?

Share on other sites

Sometime AV software has problems with some of the files that are used by Malwarebytes, so its a good idea to exclude the files used by malwarebytes on your antivirus software as listed below:

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

For Windows XP:

• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
• C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\Windows\System32\drivers\mbam.sys
• C:\Windows\System32\drivers\mbamswissarmy.sys

For 32 bit versions Windows Vista or Windows 7:

• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
• C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\Windows\System32\drivers\mbam.sys
• C:\Windows\System32\drivers\mbamswissarmy.sys

For 64 bit versions of Windows Vista or Windows 7:

• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
• C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\Windows\System32\drivers\mbam.sys
• C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Please post back and let us know how it went.

Share on other sites

Thanks, that seems to have done the trick. As I say, Avast has never had a problem with Mbam before on my computer, but I guess that both programs are constantly changing in terms of what's picked up as a threat and what isn't.

Share on other sites

Yes I think Avast has made some changes....

I just do it on my AV even if I am not having issues, this insures that they will NOT conflict with each other.

Share on other sites

Yes I think Avast has made some changes....

I just do it on my AV even if I am not having issues, this insures that they will NOT conflict with each other.

However I suggest the OP reports it as a false positive so AVAST removes it from their database.

Share on other sites

[quote name='Fran

Share on other sites

I am guessing that you were given two options - 'Delete' or 'Ignore'?

IIRC the swissarmy driver is a hidden service (or something to that effect) and is part of the scanning engine of MBAM.

Because of this, it can cause avast! (and, I presume others) to alert because of it's actions.

That said, I have not had this alert with avast! 4.8 or 5.x

Create an account

Register a new account

×

• Back
• Learn