Author Topic: macOS Sierra - Detected VBS:Malware-gen [Need Help]  (Read 7174 times)

0 Members and 1 Guest are viewing this topic.

Offline MartinX

  • Newbie
  • *
  • Posts: 1
macOS Sierra - Detected VBS:Malware-gen [Need Help]
« on: February 22, 2017, 04:08:39 AM »
I installed Sierra about a month ago. I have done a few Full System Scan a few times, everything was good.

Today, I logged into one of my macOS accounts. Few Avast popups showed up. Avast detected Malware on files such as:

/Users/<user1>/Library/Containers/com.apple.siri.media-indexer/Data/albumtitlesdataTable.tdb
/Users/<user1>/Library/Containers/com.apple.siri.media-indexer/Data/composernamesdataTable.tdb
and other *.tdb files

I logged out, logged in to another macOS account. Did a manual scan of the account's com.apple.siri.media-indexer/Data directory and Avast detected more malware.

All of them are now in the Virus Chest.

Questions:
1. What is VBS:Malware-gen?
2. Why were the malware detected just now?
3. Are these real malware, or just false positives? Is my system at risk?
4. What should I do next? :(

I am running a full scan again to see if Avast finds anything.

Thank you so much!

Regards,
Martin

Offline clownfishman

  • Newbie
  • *
  • Posts: 5
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #1 on: February 22, 2017, 05:20:32 AM »
I have the same issue today also 2017-02-21.   Avast keep on popping up "VBS:Malware-gen" detection. 

I used Malwarebytes and detect nothing. 

Right now doing a full system scan ant currently at 75% complete and detected 98 infections.  Does not seem like there can be that many infection with so many different files.

Looking it up VBS is suppose to be VB scripts (how is Mac going to use VBScript)? 

Might be false positive with the latest update.

Offline b510c

  • Newbie
  • *
  • Posts: 1
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #2 on: February 22, 2017, 05:58:11 AM »
I'm having this VBS:Malware-gen problem with Sierra as well today.

Offline poweravas4

  • Newbie
  • *
  • Posts: 3
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #3 on: February 22, 2017, 06:10:19 AM »
Hey guys I am having the same problem, my computer was just working fine, I was doing some doing some codes and when i tried to run it the inflection blocked pop up started. I ran the avast and it is giving me VPS malware gen or something for things like spotlight imovies and other applications and files. Do anyone know why is this happening?  It's freaking me out

Offline hotappl

  • Newbie
  • *
  • Posts: 2
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #4 on: February 22, 2017, 06:39:11 AM »
Having same problem as well.  Anyone have any info to share

Offline cal190678

  • Newbie
  • *
  • Posts: 1
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #5 on: February 22, 2017, 06:44:10 AM »
I am also having the same problem on El Capitan. I did a full scan and it "detected" viruses in everything from .gif files in excel to iphone apps, 423 total. Hoping the next update fixes this.

Offline Tim250

  • Newbie
  • *
  • Posts: 1
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #6 on: February 22, 2017, 07:18:32 AM »
My web shield is continuously popping up.. extremely annoying!!!

INFECTION BLOCKED!

VBS: Malware-gen

URL: https://clients1.google.com/tbproxy/af/query?client=Google%20Chrome

File: {gzip}

Offline t.krantz.alaska

  • Newbie
  • *
  • Posts: 1
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #7 on: February 22, 2017, 07:20:23 AM »
I too am seeing numerous VBS:Malware-gen reports on two Macs running Sierra (OS 10.12.3). I aborted the scans and shut down for the night. I am looking forward to a revision/update to Avast in the morning to correct these apparent false positives. . . unless this is "for real" then I will consider other reactions.  :-[

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 64673
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 20.4.2408.B#3 [UI.520] - CC 5.65 - EEK - FF ESR 68.8 [NS/AOS/uBO/PB] - TB 68.8.1 - ASB/ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline allenergy11

  • Jr. Member
  • **
  • Posts: 34
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #9 on: February 22, 2017, 07:53:58 AM »
How do I get all these files RESTORED to their original location from the Virus Chest?   The scan put tons of files in the Chest after finding the VBS:  Malware Gen which is a false postiive Avast glitch! 

Please give clear instructions.  Thank you so much! 

Offline bratsche

  • Newbie
  • *
  • Posts: 2
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #10 on: February 22, 2017, 09:34:20 AM »
Me too. Sierra 10.12.3. I did several more scans after the first terrifying one that identified about 90 infected files; I haven't deleted anything, only put them in the chest, but it started out with about 90 and decreased to 9 files each of the last 2 times. A Malwarebytes scan in the middle of all that turned up nothing. I just now got an Avast update, am running another scan, and so far it's not flagging anything.

But what now? What do I need to do with all the files that got moved into the Virus Chest?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31350
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #11 on: February 22, 2017, 09:38:12 AM »
https://forum.avast.com/index.php?topic=197620.msg1371153#msg1371153

To restore the files :
- Make sure you have the latest VPS update (with the fix)
- Place the files back from the chest

Offline Nate123

  • Newbie
  • *
  • Posts: 16
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #12 on: February 22, 2017, 09:45:29 AM »
How do i get the latest VPS? I tried updating virus definitions through avast and it didn't work?

So just open the chest and restore everything that was put in there today? Doesn't it automatically delete things it can't move?

Thanks for the help.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31350
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #13 on: February 22, 2017, 09:51:41 AM »
Quote
How do i get the latest VPS?
Wait till avast has released the new VPS version then simply update it.
Quote
So just open the chest and restore everything that was put in there today?
Only those things that are detected as VBS:Mal-gen need to be restored.
If things are deleted because they (for whatever reason) couldn't be placed in the chest, install the application again (or if it has that option, perform a repair of the application)

If data (documents and such) are deleted, either restore them from the chest or retrieve them through recent backup.

Offline Nate123

  • Newbie
  • *
  • Posts: 16
Re: macOS Sierra - Detected VBS:Malware-gen [Need Help]
« Reply #14 on: February 22, 2017, 09:55:46 AM »
When restoring items from chest I received this error.

The file already exists.

Should I overwrite, skip, overwrite all, skip all, cancel?