[FIXED] [VBS: Malware Gen] False positives Vir. def: 170221-1 22.2.2017 0:08:41

[REDACTED]

I panicked, scheduled a boot scan and now Windows is broken even though I stopped it part way through because it was deleting files all over the place!   Great!

[REDACTED]

FIXED: VPS 170222-0 is already out and fixes this false positive. Moroni


I just updated and it caught this "Virus".  what do we do about it? thought you posted in RED it is fixed with latest update?




UPDATE: This False Positive detection should be fixed very soon with a new vps update. Moroni



Today i had 2 virus alerts from safe sites. One was xchat.cz and second on google.cz What happens? Cant belive this is real virus. Thanks

UPDATE: Not only those sites! Also if i run FULL SCAN, thousands of files are detected as virus! Can u imagine what happen if some user delete those files and no more boot up PC? This is unacceptable! Thank you avast. This is not first time i see that huge mistake in your products.

UPDATE 2: Thanks for fix, everything is ok now.

[Herve@Aequalis]

the message pops up every 10 minutes, clock work...

[REDACTED]

Got this too when I did a full system scan. 160+ files detected, which surprised me a lot but I got really suspicious, mostly because the most files I had that got infected by actual viruses were way less than that. Luckily I came across this thread before doing anything drastic but I'm not really sure what to do next at this point.

I haven't done a reboot after scanning nor have I moved any of the detected files to the chest, I haven't commanded any action for fear I might mess something up. Still, are those files still at risk of getting deleted if I just left them there and do another scan after updating the vps? If the new scan turns out clean will it replace the old log and unflag the false positives?

[TrueIndian]

Just ignore all the detections for now and reboot and update avast! it should fix your issues with the false positives.If you need help,the forum is here.Make a topic in the viruses and worms section and our people will help all of you out.

Don't worry. 

[Caso]

This one mostly triggered on webpages so it was rather harmless imo.

Yeah, for me it was, because i didn't panic and didn't go full guns with boot scan and whatnot...

[REDACTED]

Just wanted to share my experience with this.

Like many of you I started to get avast pop-ups every 5 minutes or so with Google Chrome showing VBS:malware-gen.  I am using Windows 10 Home.   I ran a boot time scan and it found approx 100 infected files, most of which were moved to chest, but it auto deleted approx 10-20 files in Windows root folder.

When the scan finished it took me to the login screen and I typed in my password like usual, and then all of a sudden it was like I was starting the computer up for the first time and it was asking me to make a new microsoft account and setting up new profile etc.  I panicked a little here but all of a sudden the screen went blank and flickered and then went back to my original sign in screen with my account intact.  I suspect it was auto-restoring some stuff in the background and it occured during this time.  I was able to log in like normal and nothing seemed out of place.  However, I tried to do a system restore and it failed, so maybe there is still a problem somewhere.

Anyway, I did the avast update and everything seems fine now.  I checked the virus chest which had approx 100 files in it.  I selected all of them and went to restore, but it seems like they have already been restored because avast prompts me to overwrite/skip the files that I'm restoring.

I checked system restore after all this, and my restore points have all disappeared so now I can't even test it to see if it works, I'm not sure what else happened.  Anyone have any suggestions? I ran sfc /scannow in command line to check windows system files and it found nothing wrong.  any other scans I can do ?

[REDACTED]

VPS 170222-0 is installed and we are getting new VBS: Malware-gen hits with our Quick Scans.

[REDACTED]

VPS 170222-0 is installed and we are getting new VBS: Malware-gen hits with our Quick Scans.

yea i been getting it too .. i am doing my 3rd scan cuz of this...

[REDACTED]

Just wanted to share my experience with this.

Like many of you I started to get avast pop-ups every 5 minutes or so with Google Chrome showing VBS:malware-gen.  I am using Windows 10 Home.   I ran a boot time scan and it found approx 100 infected files, most of which were moved to chest, but it auto deleted approx 10-20 files in Windows root folder.

When the scan finished it took me to the login screen and I typed in my password like usual, and then all of a sudden it was like I was starting the computer up for the first time and it was asking me to make a new microsoft account and setting up new profile etc.  I panicked a little here but all of a sudden the screen went blank and flickered and then went back to my original sign in screen with my account intact.  I suspect it was auto-restoring some stuff in the background and it occured during this time.  I was able to log in like normal and nothing seemed out of place.  However, I tried to do a system restore and it failed, so maybe there is still a problem somewhere.

Anyway, I did the avast update and everything seems fine now.  I checked the virus chest which had approx 100 files in it.  I selected all of them and went to restore, but it seems like they have already been restored because avast prompts me to overwrite/skip the files that I'm restoring.

I checked system restore after all this, and my restore points have all disappeared so now I can't even test it to see if it works, I'm not sure what else happened.  Anyone have any suggestions? I ran sfc /scannow in command line to check windows system files and it found nothing wrong.  any other scans I can do ?

This is why they need to be careful, stuff like this can ruin someones installation completely.

[Nihojep]

What a major fuck-up this is... and all they probably are gonna say is: We regret this has been an inconvenience for you and thank you for your patience.

Aww gee, dont mention it -.-

[REDACTED]

What a major fuck-up this is... and all they probably are gonna say is: We regret this has been an inconvenience for you and thank you for your patience.

Aww gee, dont mention it -.-

It be nice if they own up and give there Customers 1 month free or something along them lines for this.. this is a Majoy mess up it has ruin peoples OS as well as delete files that "some none skilled" people dont know how to replace (without paying someone to assist them).

[REDACTED]

Posted this in the other forum (Viruses and bugs) but since people are actually reading this thread, thought it may be more noticeable here:

Today when I booted up my computer, Avast alerted me that an NVIDIA program ([Chest] C:\ProgramData\NVIDIA Corporation\ShadowPlay\CaptureCore_v7.stat) is suddenly infected with Malware and moved it to the Virus Chest, despite already having the latest version for engine/definitions (170222-0). I'm supposing this is yet another false positive and that I should restore it (or hit restore and exclusion)? I have no clue what the actual file is, but it seems to be part of NVIDIA's screen capture program for sharing games. In all probability, it came with the computer (gaming laptop) when I bought it back in 2015.

It's not integral that I immediately restore now, as I don't need to really use it, but if anyone could confirm other occurrences, I'd be grateful. I've already submitted a false positive report but am holding back on restoring.

[REDACTED]

I managed to restore a lot of files that were moved to the chest from the scan and I was lucky enough to stop the boot-time scan before it deleted anything important. However, my scan history has labeled some important files as "delete" and "action postponed until next reboot". Is there any way to stop this action from being carried out? I tried putting the action to "do nothing" but it won't let me apply it.

Edit: I seem to be unable to find the said files that were marked for deletion in their folders. I think Avast already deleted them.

[REDACTED]

I managed to restore a lot of files that were moved to the chest from the scan and I was lucky enough to stop the boot-time scan before it deleted anything important. However, my scan history has labeled some important files as "delete" and "action postponed until next reboot". Is there any way to stop this action from being carried out? I tried putting the action to "do nothing" but it won't let me apply it.

Same exact problem as you how do we stop it from deleting files after reboot?