Author Topic: avast! false positive  (Read 3999 times)


iRonzel

  • Guest
avast! false positive
« on: March 11, 2011, 03:48:44 AM »
avast! has detected a Malwarebytes file as suspicious rootkit activity. Is this related to the virus database or to the anti-rootkit module?

The capture (first image) is the avast! warning message and the second one is the error message from Malwarebytes (when trying to execute it).

iRonzel

  • Guest
Re: avast! false positive
« Reply #1 on: March 11, 2011, 03:52:43 AM »
This happened when I ran a scan with MBAM; however, this was a waste of time and an incompatibility. First, the results showed a clean system. MBAM isn't necessary, so I am now removing it.

Nesivos

  • Guest
Re: avast! false positive
« Reply #2 on: March 11, 2011, 06:40:25 AM »
It could be a code integrity issue. Even though the post in the first quote is over a year old, there could be a code integrity problem with your copy. On the other hand, the file may just be corrupted in a way that leads Avast to ID it.

AIS 6.0 has not identified it on my computer as a problem.

On the desktop that I am typing this on, there is one copy of mbamswissarmy.sys, and it is located in c:\windows\SysWOW64\drivers.

Size is 38,224 bytes
Size on disk is 40,960

Created: 12/4/10
Modified: 12/20/10
Accessed: 12/22/10

Signature: Malwarebytes Corporation
File version: 1.50.1.0
original filename: mbamswissarmy.sys


Quote
I am getting this multiple times in my events:

Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\mbamswissarmy.sys

Scandisk shows no errors on the drive and neither does the factory Diagnostic disk.

http://forums.malwarebytes.org/index.php?showtopic=6931

Quote
Code integrity is a measurement used in software testing. It measures how high the source code's quality is when it is passed on to the QA, and is affected by how extensively the code was unit tested and integration tested. Code integrity is a combination of code coverage and software quality, and is usually achieved by unit testing your code to reach high code coverage.

With code integrity, the developer can be sure that his code is written correctly when passed on to QA. This is, in fact, the expected quality level of the code. Code integrity helps companies release better products, with fewer bugs, in a shorter time.

https://secure.wikimedia.org/wikipedia/en/wiki/Code_integrity
« Last Edit: March 11, 2011, 06:54:05 AM by Nesivos »
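
Added example, not part of any post in this thread: a PowerShell check that collects the same properties listed in the reply above (size, file version, signer) for each installed copy of the driver, plus its Authenticode status, so a local copy can be compared against those values. The two driver paths are the ones named in the thread; the function names are hypothetical, and the choice of the Code Integrity operational log is an assumption, since the thread does not say which log the quoted event came from.

```powershell
# Added example. Paths are the two locations of mbamswissarmy.sys mentioned in the thread.
$driverPaths = @(
    "$env:windir\System32\drivers\mbamswissarmy.sys",
    "$env:windir\SysWOW64\drivers\mbamswissarmy.sys"
)

# Hypothetical helper: one report object per copy of the driver that exists on disk.
function Get-DriverIntegrityReport {
    param([string[]]$Path)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p)) { continue }   # skip locations with no copy
        $file = Get-Item -LiteralPath $p
        $sig  = Get-AuthenticodeSignature -FilePath $p
        [pscustomobject]@{
            Path        = $file.FullName
            SizeBytes   = $file.Length
            FileVersion = $file.VersionInfo.FileVersion
            Modified    = $file.LastWriteTime
            # Valid = file hash matches the signature and the chain is trusted;
            # HashMismatch = the file content differs from what was signed.
            SigStatus   = $sig.Status
            Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            SHA256      = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
        }
    }
}

# Hypothetical helper: recent code-integrity events that mention the driver by name.
# Assumption: events are read from the Code Integrity operational log.
function Get-DriverCodeIntegrityEvents {
    param([string]$FileName = 'mbamswissarmy.sys', [int]$MaxEvents = 500)
    Get-WinEvent -LogName 'Microsoft-Windows-CodeIntegrity/Operational' `
                 -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like "*$FileName*" } |
        Select-Object TimeCreated, Id, Message
}

Get-DriverIntegrityReport -Path $driverPaths | Format-List
Get-DriverCodeIntegrityEvents | Format-List
```

Run it from an elevated 64-bit PowerShell (version 4.0 or later for `Get-FileHash`) so that the System32 path is not redirected.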

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11239
  • No support PM's thanks
Re: avast! false positive
« Reply #3 on: March 11, 2011, 09:15:43 AM »
You can add that detected file to the exclusions list in settings, and to the file system shield exclusions as well, as it's a trusted Malwarebytes driver. It doesn't seem to bother Win 7, but I think SafeSurf mentioned it was popping up on Vista lately.

yongsua

  • Guest
Re: avast! false positive
« Reply #4 on: March 11, 2011, 09:17:46 AM »
Quote
This happened when I ran a scan with MBAM; however, this was a waste of time and an incompatibility. First, the results showed a clean system. MBAM isn't necessary, so I am now removing it.

You mean MBAM isn't necessary? How can you say that? MBAM is damn good at detecting zero-day threats, and MBAM scored extremely good results in the MRG organization.

iRonzel

  • Guest
Re: avast! false positive
« Reply #5 on: March 11, 2011, 05:17:42 PM »
Quote
This happened when I ran a scan with MBAM; however, this was a waste of time and an incompatibility. First, the results showed a clean system. MBAM isn't necessary, so I am now removing it.

You mean MBAM isn't necessary? How can you say that? MBAM is damn good at detecting zero-day threats, and MBAM scored extremely good results in the MRG organization.

Yes, it isn't necessary if you have security software installed on your computer. In this case I have avast! Free 6.0, so MBAM is not necessary in this case. Or choose MBAM, without avast!, or whatever other security product (in realtime protection).

As you can see, I don't believe in multi-layered protection software. Only one AV, one antispyware, one firewall, one... Or better, an all-in-one security. In this case: AVAST or Comodo Internet Security. That's all. Simply, that's what I've learned.