# Malwarebytes, AVG ID Protection Question

## Recommended Posts

Hi,

I installed MWB Anti-Malware a year or so ago, and also have the latest, up-to-date version of AVG Internet Security on my computer. The other day, I downloaded a zipped mod for a game, and scanned it with both MWB and AVG. A few minutes later, AVG Identity Protection gives me a message telling me that it has noticed a potentially harmful file- mbamswissarmy.sys, which is located in c:\windows\system32\drivers.

So I did a search for mbamswissarmy.sys on the net, and it seems like it's just AVG detecting part of MWB as a false positive, from what I've read. However, I'm curious about why the Identity Protection would flag the file as a problem shortly after I downloaded and scanned the zipped mod. In the past, I've run scans with MWB loads of times, and AVG's Identity Protection has barely ever given me warnings before. It only did so once previously. This happened when I downloaded a game editor called Quark, and a mini-python installer package with it. A few minutes after I scanned these items with AVG/ MWB, AVG Identity Protection also warned me about mbamswissarmy.sys.

So does this seem like normal behaviour? Or is it possible there might be some kind of malware in the zipped mod/ Quark & mini-python installer? i.e. something that could be interfering with mbamswissarmy.sys? Otherwise, why would AVG Identity Protection only warn me about it just after I've scanned these files? Why wouldn't it alert me about it after scans of other files, too?

The version of Quark I installed was 6.3, and I also downloaded the mini python installer from the bottom of that page. Unfortunately you need to log in to fileplanet to get either of them. I would give out the url to the mod, but it's currently in testing and the maker doesn't want it distributed yet.

Thanks for the help.

##### Share on other sites

I thought I should also mention that Malwarebytes Anti-Malware is up to date, because I forgot to in the original post. Cheers.

##### Share on other sites

Hello springer_1988,

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

For Windows XP:

• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
• C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
• C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
• C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
• C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\Windows\System32\drivers\mbam.sys
• C:\Windows\System32\drivers\mbamswissarmy.sys

For Windows Vista or Windows 7:

• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
• C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
• C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
• C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
• C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\Windows\System32\drivers\mbam.sys
• C:\Windows\System32\drivers\mbamswissarmy.sys

For 64 bit versions of Windows Vista or Windows 7:

• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.dll
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
• C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\Windows\System32\drivers\mbam.sys
• C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE from it as well

Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site:

`data-cdn.mbamupdates.com`

The FAQ contains examples of setting file exclusions for some known AV products. It is worthwhile for you to read Section H of the FAQ as it is about AVG.

Please post back if you have any further problems. If the problem still exists after adding the exclusion list to AVG (and maybe firewall), please tell which operating system are you using.

Thank You

##### Share on other sites

Hello

Might I also add that it is good practice to temporarily disable your AVG whilst installing Malwarebytes

My AV also pops up with a "suspicious driver" alert when I install Mbam if I forget to temporarily disable it. It's just due to the nature of the drivers. Malwarebytes is obviously not malicious

## Create an account

Register a new account

×

• Back
• Learn