Author Topic: Suspicious File Found!  (Read 12335 times)


Offline Misuzu

  • Sr. Member
  • ****
  • Posts: 274
Suspicious File Found!
« on: January 15, 2010, 05:29:32 AM »
I was just messing around on my computer and Avast popped up and said a "Suspicious File was Found". It said "A suspicious file has been detected (Using a heuristic method). This may be a sign of malware infection. Please allow the file to be submitted to our virus lab for analysis."

File name: C:/Windows/System32/drivers/mbamswissarmy.sys
Type: Hidden services

The only things I can do are "Delete now" or "Ignore". It said the recommended action is to ignore.

What should I do? How can I be sure if this is malware?

My computer has been disconnected from the internet for a while now, so I don't know how I would have got malware. I had a backdoor malware before though, so could a hacker keep giving me viruses/malware despite me supposedly getting rid of it with OneCare's Safety Scanner?

Please help
|  Free Avast!   |  Malwarebytes Anti-Malware (Both up-to-date) |

Offline Cahya Legawa

  • Sr. Member
  • ****
  • Posts: 393
  • Oh, here we are again.
    • Website
Re: Suspicious File Found!
« Reply #1 on: January 15, 2010, 05:39:39 AM »
Please try to submit to virustotal.com the suspicious file.

Is that a mbam .sys file?
Avast Security Premium - Windows 10, Android, iPadOS. | Avast One Free - Windows 11

pinnacle

  • Guest
Re: Suspicious File Found!
« Reply #2 on: January 15, 2010, 05:40:42 AM »
Hello Misuzu, mbamswissarmy.sys is a driver for MBAM; just add it to the exceptions so it doesn't get scanned. In addition to adding exclusions for that file to your anti-virus software, you may want to turn off your anti-virus software, reinstall Malwarebytes' Anti-Malware, and then turn your anti-virus back on.

Offline Misuzu

Re: Suspicious File Found!
« Reply #3 on: January 15, 2010, 05:41:34 AM »
> Please try to submit to virustotal.com the suspicious file.
>
> Is that a mbam .sys file?

How can I tell if it's a MBAM file?

Well.. Nevermind, I'll go search through my files and look for it.
Thanks for the fast reply!

Oh, pinnacle I see your post. So basically Avast just got confused with MBAM's files? How do I add it to the exceptions?

Offline Cahya Legawa

Re: Suspicious File Found!
« Reply #4 on: January 15, 2010, 05:43:53 AM »
> Please try to submit to virustotal.com the suspicious file.
>
> Is that a mbam .sys file?

I use MBAM; it should not be in any conflict with avast (I use free MBAM with Pro Avast). Try Pinnacle's suggestion, and let us see how the result is.

> How can I tell if it's a MBAM file?
>
> Well.. Nevermind, I'll go search through my files and look for it.
> Thanks for the fast reply!
>
> Oh, pinnacle I see your post. So basically Avast just got confused with MBAM's files? How do I add it to the exceptions?

Offline Misuzu

Re: Suspicious File Found!
« Reply #5 on: January 15, 2010, 05:46:41 AM »
I found the file and it did say it was a MBAM file. I scanned it with both MBAM and Avast and for some reason, Avast never comes up with a result for the scan when I decide to scan a certain file, but obviously MBAM said it was clean.

Ok, so what Pinnacle said was to basically uninstall MBAM and then re-install it?
Sorry, I'm not the best computer user in the world.

I still have the "Suspicious File Found!" pop-up on my screen. It's kind of annoying, so should I just click "Ignore"?
« Last Edit: January 15, 2010, 05:48:27 AM by Misuzu »

pinnacle

Re: Suspicious File Found!
« Reply #6 on: January 15, 2010, 06:00:57 AM »
mbamswissarmy.sys is a driver for MBAM; just add it to the exceptions so it doesn't get scanned. Okay, open up Avast, now go to scan, click on settings; on the left you will see exclusions. Place that file, C:/Windows/System32/drivers/mbamswissarmy.sys, then click add. Now, in addition to adding exclusions for that file to your anti-virus software, you may want to turn off your anti-virus software, reinstall Malwarebytes' Anti-Malware, and then turn your anti-virus back on. Yes, do exactly that: uninstall MBAM, then turn off avast, now reinstall MBAM, then turn avast back on. Good night, I'm beat.

Offline Misuzu

Re: Suspicious File Found!
« Reply #7 on: January 15, 2010, 06:03:21 AM »
This may be a dumb question, but how do you turn Avast off?

By re-installing MBAM, does that mean I need to download it from MBAM's website again after I uninstall it?

Whatever I have to do, I'll do. After I do that, what kind of results am I supposed to post here? What happened or am I supposed to scan something?

Also, I should just ignore Avast's pop-up about a "Suspicious File" right?
Thanks.

EDIT: Ah, I see you went to sleep. Good night.  :)
EDIT 2: My computer has been going slower than usual lately, would this file be the cause of it? Of course, you did say it was just a MBAM file and I'm pretty sure it is as well. But Cahya did say that Avast and MBAM have never conflicted for him.

EDIT 3: Ok, I'm tired too so I'm going to just ignore the said "Suspicious File", is that ok? I'm going to do an Avast and MBAM scan and then go to bed.
« Last Edit: January 15, 2010, 06:27:21 AM by Misuzu »

Offline Misuzu

Re: Suspicious File Found!
« Reply #8 on: January 15, 2010, 06:27:59 AM »
Sorry for the double post.

Avast said I had a virus
After I clicked to "ignore" the file, Avast came up and said that I had a virus and asked me to do a boot scan before the virus could take effect. So I clicked "Ok". It's doing the boot scan on my computer right now (I'm on another one). How could I have got a virus if I've only gone on the internet to update MBAM... Of course I did go on the internet to play an MMORPG with a friend.

Would disconnecting completely from my network prevent me from getting malware? Because I've done that and it looks like I'm still getting viruses.
After Avast does its boot scan, what should I do? If I get rid of the virus, how can I be sure it won't come back or I won't get another one? I thought disconnecting from my network/internet would keep my computer safe... Why would this happen? I haven't had one virus ever before, but now just recently in the past 2 months I've had a lot of viruses. I haven't done anything different... WHY am I getting viruses now? My friend says it's unnatural to get so many viruses "when I'm so safe on my computer" and that she thinks Avast is just detecting MBAM's file. Though she doesn't believe that I ever really got a virus/malware... Ever... But Avast did say I had a virus...

EDIT: I added the supposed "Suspicious file" to Avast's exclusions. So will Avast's boot scan not detect the file? Because Avast did say I had a virus after I chose to ignore MBAM's file. Could the "Suspicious File" actually be a virus? If I don't include it in Avast's scans.. Then it could activate later on? Should I take it out of Avast's exclusions then scan again?
Please help! I am very confused. Could a hacker possibily (Sorry if I spelled this wrong, I'm tired) be hacking my computer? I did have a Backdoor and Alureon (Sp?) malware before, but I supposedly got rid of it. :(

Alright, I'm just going to stop worrying. Or I'm going to try to. :/
« Last Edit: January 15, 2010, 07:11:09 AM by Misuzu »

CharleyO

  • Guest
Re: Suspicious File Found!
« Reply #9 on: January 15, 2010, 08:04:22 AM »
***

So, is a different file being listed as a "Suspicious file" by avast now?

And if this is true, what is the name and location of the file?


***

Offline Misuzu

Re: Suspicious File Found!
« Reply #10 on: January 15, 2010, 02:30:49 PM »
> ***
>
> So, is a different file being listed as a "Suspicious file" by avast now?
>
> And if this is true, what is the name and location of the file?
>
> ***

Weirdly, after the boot scan it said that there were no infected files.. Could that MBAM file be what Avast thinks/is infected? Because it asked me to do a boot scan because of the "virus", but it came up with no infected files. Is this maybe because I added the MBAM file to Avast's exclusions? If it really is a MBAM file, I really doubt that it's infected at all...

pinnacle

Re: Suspicious File Found!
« Reply #11 on: January 15, 2010, 05:03:43 PM »
Yes, it really is a mbam file; it is a driver file. I researched it for you to reply initially to your post. Relax, you are making more of this than need be. The detection is what is known as a false positive; this can happen from time to time. Good, you added the file to exclusions. Rest assured you are not alone with this particular instance concerning this, and MBAM most likely has fixed or will put a fix in for this issue.
« Last Edit: January 15, 2010, 05:13:28 PM by pinnacle »

spg SCOTT

  • Guest
Re: Suspicious File Found!
« Reply #12 on: January 15, 2010, 05:40:00 PM »
> Yes, it really is a mbam file; it is a driver file. I researched it for you to reply initially to your post. Relax, you are making more of this than need be. The detection is what is known as a false positive; this can happen from time to time. Good, you added the file to exclusions. Rest assured you are not alone with this particular instance concerning this, and MBAM most likely has fixed or will put a fix in for this issue.

Hi pinnacle,

Absolutely nothing wrong with your post, but I like to add a source link or two just to prove what I am saying...helps the user to understand what it is.

http://www.systemlookup.com/Drivers/75-mbamswissarmy_sys.html
http://www.malwarebytes.org/forums/index.php?showtopic=32785
http://www.malwarebytes.org/forums/index.php?showtopic=8152

@Misuzu

From what I have read, I think that mbamswissarmy.sys is part of the scanning engine of MBAM and I think it is hidden (well it would be given avast! has detected it for you...)

The MBAM files actually have a hard time with some AVs and have to be added to exclusions...this is odd that you are seeing it, as there are many people here using MBAM (and the pro version which would have this file running when avast! does the antirootkit scan)

-Scott-
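
A way to gather the evidence discussed in the posts above before excluding a flagged driver, as an added example that is not part of any post in this thread. It assumes PowerShell 5.1 or later on the affected machine; the function name `Get-DriverTriage` is hypothetical, and the default path is the one Avast reported.

```powershell
# Added example (not from the thread): collect evidence about a flagged driver.
# Default path is the one Avast reported in this thread.
function Get-DriverTriage {
    param(
        [string]$Path = 'C:\Windows\System32\drivers\mbamswissarmy.sys'
    )

    # -Force: the file may be hidden, so a plain Get-Item could miss it.
    $file = Get-Item -LiteralPath $Path -Force -ErrorAction Stop
    $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName
    $hash = Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256

    # Find the kernel driver service (if any) whose image is this file.
    $svc = Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.PathName -like "*\$($file.Name)" } |
        Select-Object -First 1

    [pscustomobject]@{
        Path         = $file.FullName
        Attributes   = $file.Attributes
        Modified     = $file.LastWriteTime
        # Version resource strings are self-declared and easy to forge;
        # treat them as a hint only.
        Company      = $file.VersionInfo.CompanyName
        Description  = $file.VersionInfo.FileDescription
        # A 'Valid' status plus the expected publisher in Signer is the
        # stronger evidence that the vendor shipped this binary unmodified.
        SigStatus    = $sig.Status
        Signer       = $sig.SignerCertificate.Subject
        Service      = $svc.Name
        ServiceState = $svc.State
        StartMode    = $svc.StartMode
        # Search this hash on virustotal.com instead of uploading the file.
        SHA256       = $hash.Hash
    }
}

Get-DriverTriage | Format-List
```

A `SigStatus` of `NotSigned` or `HashMismatch` on a file that claims to be a security vendor's driver is the case worth escalating rather than excluding.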

pinnacle

Re: Suspicious File Found!
« Reply #13 on: January 15, 2010, 05:45:21 PM »
Thanks Scott, it's sometimes hard to explain a false positive.

Offline Misuzu

Re: Suspicious File Found!
« Reply #14 on: January 15, 2010, 05:57:42 PM »
Ah, I see. That makes sense. I'm glad it wasn't malware. :)
Thanks for all you guys' help.  ;D