Author Topic: [FIXED] [VBS: Malware Gen] False positives Vir. def: 170221-1 22.2.2017 0:08:41  (Read 94980 times)

0 Members and 1 Guest are viewing this topic.

Offline GrahamJ

  • Newbie
  • *
  • Posts: 1
What an absolute mess!  Change control processes were described by IBM in the 1970's. Perhaps you guys at avast need to go back in time and learn some basic disciplines. And better you treat your customers with a considerable amount of greater respect rather than making inane comments about back-ups. 

Offline Caso

  • Newbie
  • *
  • Posts: 9
Re: [VBS: Malware Gen] False positives Vir. def: 170221-1 22.2.2017 0:08:41
« Reply #121 on: February 22, 2017, 11:08:09 AM »
Well, there is a very good reason why someone came up with the idea to backup things a long time ago. ;)

And it is not just for cases like this.
Hard-drive can fail, house (and system) can burn down, you can make a mistake and delete files etc.

One could try Photorec and see if the files can be recovered if there is no backup.

I tried to do a system restore. It failed due to a registry error. Not sure if due to the thousands of files avast deleted or not.

AVAST sucks when it comes to system restores. Last time i had to uninstall Avast and then restore. You may want to try that.

Offline zombparadox

  • Newbie
  • *
  • Posts: 2
I have updated Avast, rebooted, and no longer have the problem!  Avast with Chrome on Win 10...

the problem only just appeared today (after a laptop shutdown and reboot) but is fixed now.

What WAS the problem exactly?

Offline _George_

  • Avast Sales Specialist
  • Avast Reseller
  • Massive Poster
  • *
  • Posts: 3201
  • Дистрибьютор Avast и AVG
    • www.belrus.net
I have updated Avast, rebooted, and no longer have the problem!  Avast with Chrome on Win 10...

the problem only just appeared today (after a laptop shutdown and reboot) but is fixed now.

What WAS the problem exactly?
False positive
www.belrus.net - Avast Distributor & AVG Distributor in Russia and CIS. Бесплатный телефон для пользователей платных версий: +7-800-707-708-7

Offline Jericho Victor

  • Newbie
  • *
  • Posts: 6
Good idea, this will become good feelings!

No more false positives don't you?

Offline jlwmiddleton

  • Newbie
  • *
  • Posts: 2
Is there any word for those of us who have false positives marked for deletion upon reboot but haven't rebooted yet? Is there a way to change the status of those files so they won't be deleted upon reboot?

Offline N3va B4

  • Newbie
  • *
  • Posts: 19
LOL just deleted all those files comps dead.

Offline Matt Hsv

  • Newbie
  • *
  • Posts: 2
Will Avast care to comment about the likely thousands of paying customers computers that now have corrupted Operating Systems and deleted user files caused by this colossal debacle that occurred today? I expect a press release from the CEO of Avast about this matter and how it even managed to occur.

Offline Samsonite64

  • Newbie
  • *
  • Posts: 6
Is there any way to check what files may have been deleted after running a boot-time scan?

Also, even after I restored all the files in the chest, the files seem to still remain there. Although if I click restore twice, it seems to say that it restored it. Does anyone know if those files still appearing in the chest will still work even after restoring it?

Offline Bacon

  • Newbie
  • *
  • Posts: 5
Whew, thank god it's not just me. I am also getting VBS: Malware Gen. I've not done a scan yet, however I keep getting alerts for SkyDrive.exe which is developed by Microsoft. Hopefully there is a fix soon :)

Offline Nihojep

  • Newbie
  • *
  • Posts: 12
This was a message I wrote for support, but was referred here, since I am only free avast user.

Hello support.
Even after update I still get 7 instant threat warnings from Chrome upon opening.

I am using a Mac.
This morning my Avast web shield was going nuts over google chrome.
I started a full system scan and it found 500 files with the infection detail VBS:malware-gen. I didn't think twice about it, but I deleted said files, which I now know was a wrong move. Should have left them in quarantine. Because after reading up on this I feel it might be Avasts fault? Something about a bad update flagging normal files as bad?
By deleting those 500 files from my Mac, did I fuck up my Mac now? Is there anyway to get the 500 files back?
Can you recommend a data recovery program/solution?

I am doing a SECOND full system scan now: It is at 80% with 42 infections found. I won't be doing anything with these files until I hear from you.

Anyone know what to do?


EDIT:

I did another update and closed everything down, rebooted my Mac and now Google Chrome seems to have calmed down. No more threats warnings all over the place.

This doesn't change that I have deleted 500 files, that was supposedly just fine now then? I don't know what those files were connected to. (Yes, stupid, I know)
Does anyone know of a way to recover these files? Avast has any tools or does anyone know a good third-party Data Recovery Tool?
« Last Edit: February 22, 2017, 12:31:09 PM by nhjepsen90 »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65372
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Whew, thank god it's not just me. I am also getting VBS: Malware Gen. I've not done a scan yet, however I keep getting alerts for SkyDrive.exe which is developed by Microsoft. Hopefully there is a fix soon :)
See Reply #87.
Win 8.1 [x64] - Avast PremSec 20.5.2415.BUC [UI.532] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline N3va B4

  • Newbie
  • *
  • Posts: 19
Re: False positives? Or what is it?
« Reply #132 on: February 22, 2017, 12:18:18 PM »
OMG, if i run full scan, thousands of infected items. This is real?

I did full scan but only the file that was detected had an actual virus, on deletion of the file the same file came up on re scan so go figure. So i scanned with other stand alone antivirus software found it told me that the .avps .avpx .ext files about 12 of them of avast was infected. Funny thing about it the files i deleted was still there.   

Offline Samsonite64

  • Newbie
  • *
  • Posts: 6
Anyone know what to do?

I'm hoping there will be a way to back up any files that may have been deleted. Have you tried doing a system restore? I recently did one myself and it seems to be fine for right now, although it does take a few moments for the logos of my .exe files to show up on my screen after restarting. I'm not quite sure myself if a system restore will restore the files deleted or not. I really hope that a factory reset won't be the only option if I happen to come across a file that doesn't work.

Offline ZombieTech

  • Newbie
  • *
  • Posts: 3
  • BitDefender FTW! 8^)
Howdy all,

  First, for the record, not trying to defend Avast by any means; in fact, after this whole conundrum, seriously thinking of switching to a different virus-scan.  :o

  Thankfully the update seems to have fixed my issue, which is what brought me to this thread in the first place.  (Thank God, last thing I needed was to have a virus/malware infection!!!)

  However, I will say, for those that are saying they had thousands of files marked as infected due to the false-positive, again, not attempting to defend Avast, I might suggest you may want to peruse further into your system, and there's a few reasons I say that.  :-\

  1. Known viruses are only found once known and the scan knows what to look for, otherwise certain algorithms and patterns are looked for and that tends to get marked.

  2. I have 1.5TB of storage on this system, and only about 150gb or so available, with most of it crammed full with various games from different sources, some videos, several images from random parts of the internet, etc... I ran full scan, AT LEAST five OR MORE different times, and was actually getting annoyed because I kept getting the same false-positive warning, but all five times NOTHING was found.

  3. Only thing marked on my scans was performance issue or whatever, but that's due to having various custom-scripts and other configs running on my rig that typically cause most performance checkers to think I'm running below-spec, when if anything, I'm typically smooth sailing.  (I have years/decades of system/security/network experience so perhaps that gives me a tiny bit of an edge?  *shrugs*)

  4. If hundreds/thousands of files are being marked... better safe than sorry, right?  :-[

System Specs:
MSI VR-Ready Apache-Pro GE72VR 6RF
Intel i7-6700HQ @ 2.6Ghz (3.5-ish with turbo-config)
Win10 (MEH) & Ubuntu Linux 64-bit
16gb RAM (upgrading soon)
nVidia GeForce GTX 1060 /w 6gb vRam
1.5TB storage

 8)



PS - Please excuse my slowness... I'm at a job-site right now that has spotty WiFi at best, and am on my mobile-hotspot which is already at data-cap, thus down-throttled speed, lol.
« Last Edit: February 22, 2017, 12:46:38 PM by ZombieTech »