Author Topic: Real or False Positive? still running scans to find out for sure  (Read 5357 times)

0 Members and 1 Guest are viewing this topic.

Offline Patrick2

  • Poster
  • *
  • Posts: 490
Hi All

Recently did clean install of Avast, was moving files around from possibly dying external drive, decided to run full scan, and got an alert on possible infection (checking with Malwarebyes in about 3-4 minutes)

*Note Previously tried out Windows Defender for a bit after a local friend was like try it*, but don't see how I would get infected, as I did same surfing I did in the past*


Virustotal results

https://www.virustotal.com/en/file/feea416e5e5c8aa81416b81fb25132d1c18b010b02663a253338dbdfb066e122/analysis/1499651193/

Only AVG and Avast Detected it as
Other:Malware-gen [Trj]
(False positive listed as)

« Last Edit: July 10, 2017, 03:47:50 AM by Patrick2 »
Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5420
  • Spartan Warrior
Re: Real or False Positive? still running scans to find out for sure
« Reply #1 on: July 10, 2017, 04:27:21 AM »
Identical detections with another avast user here:  https://forum.avast.com/index.php?topic=205279.0
Windows 10 Home 64-bit 20H2 Avast Premier Security version 21.3.2459 (build 21.3.6164.652) UI version 1.0.612.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6800
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #2 on: July 10, 2017, 04:30:37 AM »
Hello.

I confirm that this is an FP.Scan the origin and showed the same detection.

Attached


Offline Pernaman

  • Sr. Member
  • ****
  • Posts: 295
Re: Real or False Positive? still running scans to find out for sure
« Reply #3 on: July 10, 2017, 04:31:06 AM »
Oh, hello! Sorry that I didn't notice this topic, but the topic title didn't highlight this being same issue as with me :-[
Finnish casual PC and Avast user with mediocre computer knowledge and rather sloppy english computer vocabulary
( ._.)

I use Avast free with Malwarebytes Anti-Malware and Firefox with Adblock Plus & Noscript

Offline Patrick2

  • Poster
  • *
  • Posts: 490
Re: Real or False Positive? still running scans to find out for sure
« Reply #4 on: July 10, 2017, 04:32:55 AM »
Yes I should've probably titled it differently than I did, my bad
Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6800
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #5 on: July 10, 2017, 04:39:41 AM »
I sent mine through the report

https://www.avast.com/false-positive-file-form.php

Reported to Vírus analyst ~

Offline Patrick2

  • Poster
  • *
  • Posts: 490
Re: Real or False Positive? still running scans to find out for sure
« Reply #6 on: July 10, 2017, 04:47:59 AM »
Same sent in a report also to Avast

Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline LukasJ

  • Avast team
  • Jr. Member
  • *
  • Posts: 88
Re: Real or False Positive? still running scans to find out for sure
« Reply #7 on: July 10, 2017, 09:34:41 AM »
Hi, detection was disabled.
Will be solved in next stream update. (5 minutes)

Lukáš
« Last Edit: July 10, 2017, 09:42:06 AM by LukasJ »

Offline Patrick2

  • Poster
  • *
  • Posts: 490
Re: Real or False Positive? still running scans to find out for sure
« Reply #8 on: July 10, 2017, 06:30:38 PM »
Thank you Lukas on fixing this in a timely manner
Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline Avq2315

  • Newbie
  • *
  • Posts: 12
Re: Real or False Positive? still running scans to find out for sure
« Reply #9 on: July 14, 2017, 01:25:23 AM »
Sorry to resurrect an older thread, I've only just noticed I had two desktop.ini files move to the vault on the 10th too, and they're still being flagged as Other:Malware-gen [Trj] in the virus vault. I've submitted them to the lab.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6800
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #10 on: July 15, 2017, 12:48:25 AM »
Sorry to resurrect an older thread, I've only just noticed I had two desktop.ini files move to the vault on the 10th too, and they're still being flagged as Other:Malware-gen [Trj] in the virus vault. I've submitted them to the lab.

I do not suppose it's the same local reported, you should get the answer soon.

Offline Avq2315

  • Newbie
  • *
  • Posts: 12
Re: Real or False Positive? still running scans to find out for sure
« Reply #11 on: July 15, 2017, 11:13:25 AM »
Well, it was in the same location as the person in the other thread (https://forum.avast.com/index.php?topic=205279.0), "C:\Users\*my name*\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini" so I assume if it's an fp for him, it is for me. An MBAM scan found nothing.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6800
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #12 on: July 17, 2017, 09:50:26 PM »
Well, it was in the same location as the person in the other thread (https://forum.avast.com/index.php?topic=205279.0), "C:\Users\*my name*\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini" so I assume if it's an fp for him, it is for me. An MBAM scan found nothing.

What is the version Avast and number of VPS ?