Author Topic: [FIXED] [VBS: Malware Gen] False positives Vir. def: 170221-1 22.2.2017 0:08:41  (Read 134385 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Is there any word for those of us who have false positives marked for deletion upon reboot but haven't rebooted yet? Is there a way to change the status of those files so they won't be deleted upon reboot?

REDACTED

  • Guest
LOL just deleted all those files comps dead.

REDACTED

  • Guest
Will Avast care to comment about the likely thousands of paying customers computers that now have corrupted Operating Systems and deleted user files caused by this colossal debacle that occurred today? I expect a press release from the CEO of Avast about this matter and how it even managed to occur.

REDACTED

  • Guest
Is there any way to check what files may have been deleted after running a boot-time scan?

Also, even after I restored all the files in the chest, the files seem to still remain there. Although if I click restore twice, it seems to say that it restored it. Does anyone know if those files still appearing in the chest will still work even after restoring it?

REDACTED

  • Guest
Whew, thank god it's not just me. I am also getting VBS: Malware Gen. I've not done a scan yet, however I keep getting alerts for SkyDrive.exe which is developed by Microsoft. Hopefully there is a fix soon :)

Offline Nihojep

  • Newbie
  • *
  • Posts: 12
This was a message I wrote for support, but was referred here, since I am only free avast user.

Hello support.
Even after update I still get 7 instant threat warnings from Chrome upon opening.

I am using a Mac.
This morning my Avast web shield was going nuts over google chrome.
I started a full system scan and it found 500 files with the infection detail VBS:malware-gen. I didn't think twice about it, but I deleted said files, which I now know was a wrong move. Should have left them in quarantine. Because after reading up on this I feel it might be Avasts fault? Something about a bad update flagging normal files as bad?
By deleting those 500 files from my Mac, did I fuck up my Mac now? Is there anyway to get the 500 files back?
Can you recommend a data recovery program/solution?

I am doing a SECOND full system scan now: It is at 80% with 42 infections found. I won't be doing anything with these files until I hear from you.

Anyone know what to do?


EDIT:

I did another update and closed everything down, rebooted my Mac and now Google Chrome seems to have calmed down. No more threats warnings all over the place.

This doesn't change that I have deleted 500 files, that was supposedly just fine now then? I don't know what those files were connected to. (Yes, stupid, I know)
Does anyone know of a way to recover these files? Avast has any tools or does anyone know a good third-party Data Recovery Tool?
« Last Edit: February 22, 2017, 12:31:09 PM by nhjepsen90 »

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76115
  • Urlaub/Vacation
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Whew, thank god it's not just me. I am also getting VBS: Malware Gen. I've not done a scan yet, however I keep getting alerts for SkyDrive.exe which is developed by Microsoft. Hopefully there is a fix soon :)
See Reply #87.
W8.1 [x64] - Avast PremSec 22.7.7366.BC [UI.713] - Firefox ESR 91.11 [NS/uBO/PB] - Thunderbird 91.11
Avast-Tools: Secure Browser 103.0 - Cleanup 22.2 - SecureLine 5.18 - DriverUpdater 22.2 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

REDACTED

  • Guest
Re: False positives? Or what is it?
« Reply #127 on: February 22, 2017, 12:18:18 PM »
OMG, if i run full scan, thousands of infected items. This is real?

I did full scan but only the file that was detected had an actual virus, on deletion of the file the same file came up on re scan so go figure. So i scanned with other stand alone antivirus software found it told me that the .avps .avpx .ext files about 12 of them of avast was infected. Funny thing about it the files i deleted was still there.   

REDACTED

  • Guest
Anyone know what to do?

I'm hoping there will be a way to back up any files that may have been deleted. Have you tried doing a system restore? I recently did one myself and it seems to be fine for right now, although it does take a few moments for the logos of my .exe files to show up on my screen after restarting. I'm not quite sure myself if a system restore will restore the files deleted or not. I really hope that a factory reset won't be the only option if I happen to come across a file that doesn't work.

REDACTED

  • Guest
Howdy all,

  First, for the record, not trying to defend Avast by any means; in fact, after this whole conundrum, seriously thinking of switching to a different virus-scan.  :o

  Thankfully the update seems to have fixed my issue, which is what brought me to this thread in the first place.  (Thank God, last thing I needed was to have a virus/malware infection!!!)

  However, I will say, for those that are saying they had thousands of files marked as infected due to the false-positive, again, not attempting to defend Avast, I might suggest you may want to peruse further into your system, and there's a few reasons I say that.  :-\

  1. Known viruses are only found once known and the scan knows what to look for, otherwise certain algorithms and patterns are looked for and that tends to get marked.

  2. I have 1.5TB of storage on this system, and only about 150gb or so available, with most of it crammed full with various games from different sources, some videos, several images from random parts of the internet, etc... I ran full scan, AT LEAST five OR MORE different times, and was actually getting annoyed because I kept getting the same false-positive warning, but all five times NOTHING was found.

  3. Only thing marked on my scans was performance issue or whatever, but that's due to having various custom-scripts and other configs running on my rig that typically cause most performance checkers to think I'm running below-spec, when if anything, I'm typically smooth sailing.  (I have years/decades of system/security/network experience so perhaps that gives me a tiny bit of an edge?  *shrugs*)

  4. If hundreds/thousands of files are being marked... better safe than sorry, right?  :-[

System Specs:
MSI VR-Ready Apache-Pro GE72VR 6RF
Intel i7-6700HQ @ 2.6Ghz (3.5-ish with turbo-config)
Win10 (MEH) & Ubuntu Linux 64-bit
16gb RAM (upgrading soon)
nVidia GeForce GTX 1060 /w 6gb vRam
1.5TB storage

 8)



PS - Please excuse my slowness... I'm at a job-site right now that has spotty WiFi at best, and am on my mobile-hotspot which is already at data-cap, thus down-throttled speed, lol.
« Last Edit: February 22, 2017, 12:46:38 PM by ZombieTech »

Offline Nihojep

  • Newbie
  • *
  • Posts: 12
I deleted about 500 files or so... Like I actually pressed delete, not virus chest. I was just scared about what the hell might have happened, so I wanted it all gone... But it seems like it was 500 perfectly good files now? And maybe crucial files for programs?

Any solution advice to getting these files back?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37161
  • Not a avast user
Is there any way to check what files may have been deleted after running a boot-time scan?

Also, even after I restored all the files in the chest, the files seem to still remain there. Although if I click restore twice, it seems to say that it restored it. Does anyone know if those files still appearing in the chest will still work even after restoring it?
after restoring files, copy will remain in chest just in case ... you may delete when all is OK

How to use chest
https://www.avast.com/faq.php?article=AVKB21#artTitle
https://www.avast.com/faq.php?article=AVKB149#artTitle



Offline catrike

  • Jr. Member
  • **
  • Posts: 35
Thanks Avast, I just spent 5 hours restoring files to my archive drive and system files to my operating system and Avast DELETED a bunch I files I can never get again. I still have a lookup.dat file that needs to go back in C:\Windows\winsxs\x86_microsoft-windows-winocr-ocrengines_31bf3856ad364e35_6.1.7600.16385_none_a31b6cff9464aa03 and Windows won't let Avast Virus Chest restore it. I've tried copying it back in manually and Windows won't let me do that either.  >:(

Offline Nihojep

  • Newbie
  • *
  • Posts: 12
and Avast DELETED a bunch I files I can never get again.

Why? Are we screwed, if we deleted? No Data Recovery solution will work or maybe a Avasts own tools or something?

REDACTED

  • Guest
Is there any way to check what files may have been deleted after running a boot-time scan?

Also, even after I restored all the files in the chest, the files seem to still remain there. Although if I click restore twice, it seems to say that it restored it. Does anyone know if those files still appearing in the chest will still work even after restoring it?
after restoring files, copy will remain in chest just in case ... you may delete when all is OK

How to use chest
https://www.avast.com/faq.php?article=AVKB21#artTitle
https://www.avast.com/faq.php?article=AVKB149#artTitle

Thanks for replying.
I'm relieved to know that the System32 in my chest will still work now. Thank goodness I didn't delete those files by mistake.

Do you know if a system restore fully corrects the files that may have been deleted in a boot-time scan? I managed to stop the scan early, but not before it labeled around 1000 files as "infected".