Author Topic: [FIXED] [VBS: Malware Gen] False positives Vir. def: 170221-1 22.2.2017 0:08:41  (Read 155682 times)

0 Members and 1 Guest are viewing this topic.

Offline clira

  • Newbie
  • *
  • Posts: 17
The problem I posted earlier, with screen clips- the Avast pop-up that warns of a VB malware detection on various Amazon pages.  I think it happens on a number of pages due to prefetching.
Try clearing out your browser data. You can't blame Avast because your browser still reverts to old, outdated,
and saved data. :)

I did it that even though logically, it should not matter....unless the old website did actuallt did have malware, but the new data didn't.  The provlem is with Avast.
You are correct, the original problem was Avast. Once they fixed the problem, it was no longer their foult if you are looking at old websites.
That's why you need to clean out old outdated stuff. One of the reasons why CCleaner is as popular as it is. :)

Sorry, but that does not make any sense.  If Avast looked at a piece of website data(HTML, Javascript, etc.) and said "Malware!", then realized that was false, and amended their code to look at the same website data and say "OK", then it should not require me to do anything with my browser cache. The only circumstances where that would make a difference would be if :

1. Amazon truly did have malware on their site
2. Amazon changed their data to be the same functionally, but written so as not to get a false flag from Avast.

In any case, as mentioned, I dumped my browser cache and the problem persists.

Offline Sirmer

  • Avast team
  • Sr. Member
  • *
  • Posts: 324
Is problem persist with other browser?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
A simple way to test with another browser is using this one > http://www.opera.com/computer/portable

Offline Jiří Šembera

  • Avast team
  • Jr. Member
  • *
  • Posts: 46
  • Developer/Malware Analyst, former VPS maintainer
You can also check if the faulty VPS is still present on your computer and if it is, restart Avast service or reboot your computer. I've posted more info in this thread: https://forum.avast.com/index.php?topic=197694.msg1372050#msg1372050

Jiri

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
It should look like this:
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
ok so I've been using windows defender for a few days and it has given me no problems, very different experience to avast.

however since I paid MONEY for avast I intend to start using it again....  :'( :'( :'(

I know the title says [FIXED] but I don't trust Avast so can someone please let me know if I re-install right now will it be ok?

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
<snip>
however since I paid MONEY for avast I intend to start using it again....  :'( :'( :'(

I know the title says [FIXED] but I don't trust Avast so can someone please let me know if I re-install right now will it be ok?

I never experienced a problem to start with:
1.  I'm in a different time zone and may not have got the VPS update as I hadn't started my system.
2.  I rarely if ever do an on-demand scan - exception when I run one to help on the forums - so I'm probably less likely to encounter that False Positive.

You say that you don't trust avast, why would you trust a stranger on the forums. Many would say that it is fixed, but there are some who might not say its fixed.

If you have uninstalled avast, doing a clean install should certainly ensure any possible remnant of the bad VPS update should be gone. So you would be starting with a clean slate.

What I would say to you is to consider a robust backup and recovery strategy:
I run a hard drive drive image weekly and keep copies of the last 6 drive images. The worst case scenario being I lose the last 6 days of changes. But some of the software allows for incremental updates so only new entries or modified elements which could be run daily. In this case you could be down to only losing changes within the last day.

This isn't just to recover from what you experienced, but any computer hiccup. I have used this on many occasions over the years and never once in relation to some like this, but I am prepared.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline wrlucas

  • Newbie
  • *
  • Posts: 9
I still have the problem referred as "FIXED" and sworn by other on this forum that it is fixed and no longer Avast's fault.

I have def 170224-1, 17.1.2286 (build 17.1.3394.46), I have restarted the Avast service, cleared cache, and rebooted 3 times. 

I have experienced this on Chrome, FireFox, and Edge.  The Firefox was a completely new install and had no history.




Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
I still have the problem referred as "FIXED" and sworn by other on this forum that it is fixed and no longer Avast's fault.

I have def 170224-1, 17.1.2286 (build 17.1.3394.46), I have restarted the Avast service, cleared cache, and rebooted 3 times. 

I have experienced this on Chrome, FireFox, and Edge.  The Firefox was a completely new install and had no history.

Have you followed the information and action in this post https://forum.avast.com/index.php?topic=197572.msg1372576#msg1372576 Reply #325 and the link given in it ?

Also see the post below it Reply #326.

It may be an idea to do a clean reinstall of avast if you have done what is suggested in those posts and links..
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline clira

  • Newbie
  • *
  • Posts: 17
I still have the problem referred as "FIXED" and sworn by other on this forum that it is fixed and no longer Avast's fault.

I have def 170224-1, 17.1.2286 (build 17.1.3394.46), I have restarted the Avast service, cleared cache, and rebooted 3 times. 

I have experienced this on Chrome, FireFox, and Edge.  The Firefox was a completely new install and had no history.

Ditto. Avast supports wants me to boot into Safe Mode, uninstall Avast, then reinstall.  Ugh. 

Offline wrlucas

  • Newbie
  • *
  • Posts: 9
I have done all those things in replies 325 and 326.  Three definition releases since 170221-1 on 2-22-17.  It appears more is needed.

Offline clira

  • Newbie
  • *
  • Posts: 17
Looks like this has finally been fixed in 170225-1.  No issues so far this morning.

REDACTED

  • Guest
Thanks Avast, I just spent 5 hours restoring files to my archive drive and system files to my operating system and Avast DELETED a bunch I files I can never get again. I still have a lookup.dat file that needs to go back in C:\Windows\winsxs\x86_microsoft-windows-winocr-ocrengines_31bf3856ad364e35_6.1.7600.16385_none_a31b6cff9464aa03 and Windows won't let Avast Virus Chest restore it. I've tried copying it back in manually and Windows won't let me do that either.  >:(

Hello,
I have the same exact problem as catrike. Restored everything else from the chest apart from lookup.dat .
Can anybody help with this?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Is anything not working ?
Wat application is using that file ?
What is/was the original location ?

REDACTED

  • Guest
Hello Eddy,
everything is working fine, the only problem is that this file can't go back in it's original place and remains in the chest.
The original location of the file was C:\Windows\winsxs\amd64_microsoft-windows-winocr-ocrengines_31bf3856ad364e35_6.1.7600.16385_none_ff3a08834cc21b39
On the properties it says this file opens with Windows Shell Commor