Avast 4.8 says GGSafe.sys are Suspicious File

GGSafe is antivirus protection. The Web is http://www.ggsafe.com. Avast 4.8 says GGSafe.sys are Suspicious File.
The Tip is “A suspicious file has been detected (using a heuristic method). This may be a sign of malware infection.
Please allow the file to be submitted to our virus lab for analysis. Type:hidden services”. The Picture Follow.

http://bbs.ggsafe.com/download/Virus.bmp

I have submitted file. And i hope fix it as soon as possible. Any question email me please.
My Email:haoyuanli@ztgame.com

If GGSafe is another anti-virus, then its act of hiding is the problem.

Having two resident scanners installed is not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable. So you could be seeing one of the issues of having two resident AVs.

GGSafe isn’t anti-virus, and there isn’t cause conflicts GGSafe and Avast. So, Avast shouldn’t report GGSafe.sys is Suspicious File. I suggest that avast ignore this report.

Malwarebytes’ Anti-Malware (MBAM) reports malware on 222.73.110.194 hxxp://bbs.ggsafe.com
http://hosts-file.net/?s=222.73.110.194&view=matches <== response time slow

WOT doesn’t have any rating for it. If WOT has not yet rated it yet, then I wouldn’t believe the site or the product hosted there.

nmb

I got that impression from a couple of google hits, but it wasn’t easy to find information not in Chinese - Notice I started the comment with ‘If’ as the search wasn’t conclusive.

So if it isn’t an anti-virus, then I would have to ask a) what exactly is it and b) why it is necessary to hide the service; which is what avast is finding ‘suspicious.’ ?

This however isn’t a conclusive detection but a suspicion based on heuristic detection method in the anti-rootkit scan.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page.