Jump to content

Recommended Posts

I installed a Chinese security software, named 360Safe, or 360???? in my computer for a few months.

The software works like a charm and protects my computer all the time without slowing down the computer.

However, when I tried to use Malwarebytes' Anti-Malware v1.6 to scan my Windows 7 Ultimate computer with 360Safe installed, it detects trojan (MyWebSearch). I cleaned it.

But, what happens is that 360Safe flags Malwarebytes' Anti-Malware v1.6's tidexic.sys as a trojan!

See below:

360safembamdetect.png

Translation:

360 Trojan Firewall notifies you - Trojan

Detected Trojan, recommends you to remove it

Trojan tries to use other application to attack the system, but successfully blocked by 360Safe.

Trojan: Trojan.Generic

Directory: C:\Windows\System32\drivers\tidexic.sys

Process: mbam.exe

(Prompt button) Remove (Recommended) | Temporary not to Handle

=============================

Is tidexic.sys really a Trojan?

If so, is it safe to remove it?

Link to post
Share on other sites

Hello and :(

First off follow the instructions below, then run another scan and let us know if you still get this detection....

Please exclude the following files from your antivirus:

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

For Windows Vista or Windows 7:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
  • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys

For 64 bit versions of Windows Vista or Windows 7:

  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.dll
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
  • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE from it as well

Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site:

data-cdn.mbamupdates.com

The FAQ contains examples of setting file exclusions for some known AV products

Please post back and let us know how it went.

Link to post
Share on other sites

Thank you Firefox for your advice.

I have already excluded all the files you mentioned behing the 360Safe Firewall as well as Windows Firewall as well.

I scanned C:\Windows\System32 with 360SD (360 Anti-Virus) and it flagged tidexic.sys as Suspicious file (Trojan.Generic) . It automatically deleted the .sys file.

deletedthreats.png

Translation:

(Starting with the green check) All threats have been processed!

Total scan: 1 Threats founded: 1 Cloud scan detected threats: 1 Untreated file:0

C:\Windows\System32\drivers\tidexic.sys | Suspicious file (Trojan.Generic) | Deleted the file

I scared it may affect system performance and stability as well as the function of Malwarebytes' Anti-Malware.

Is it OK if the antivirus deleted the system file?

Link to post
Share on other sites

As we do not work on Malware removal or diagnostics in the general forums please follow these directions -

Please print out, read and follow What do I do now? , skipping any steps you are unable to complete.

The next step is post a New Topic Here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that

you're alerted when someone has replied to your post - Please allow at least 48 hours for a reply as the experts can get busy at times -

Also add a brief note to the experts as to your problems -

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or via This Link

Always use the ADD REPLY Tab at the bottom of the page when you reply -

Thank You - :(

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.