Author Topic: Real or False Positive? still running scans to find out for sure  (Read 6690 times)

0 Members and 1 Guest are viewing this topic.

Offline Patrick2

  • Poster
  • *
  • Posts: 489
Hi All

Recently did clean install of Avast, was moving files around from possibly dying external drive, decided to run full scan, and got an alert on possible infection (checking with Malwarebyes in about 3-4 minutes)

*Note Previously tried out Windows Defender for a bit after a local friend was like try it*, but don't see how I would get infected, as I did same surfing I did in the past*


Virustotal results

https://www.virustotal.com/en/file/feea416e5e5c8aa81416b81fb25132d1c18b010b02663a253338dbdfb066e122/analysis/1499651193/

Only AVG and Avast Detected it as
Other:Malware-gen [Trj]
(False positive listed as)

« Last Edit: July 10, 2017, 03:47:50 AM by Patrick2 »
Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: Real or False Positive? still running scans to find out for sure
« Reply #1 on: July 10, 2017, 04:27:21 AM »
Identical detections with another avast user here:  https://forum.avast.com/index.php?topic=205279.0
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #2 on: July 10, 2017, 04:30:37 AM »
Hello.

I confirm that this is an FP.Scan the origin and showed the same detection.

Attached


REDACTED

  • Guest
Re: Real or False Positive? still running scans to find out for sure
« Reply #3 on: July 10, 2017, 04:31:06 AM »
Oh, hello! Sorry that I didn't notice this topic, but the topic title didn't highlight this being same issue as with me :-[

Offline Patrick2

  • Poster
  • *
  • Posts: 489
Re: Real or False Positive? still running scans to find out for sure
« Reply #4 on: July 10, 2017, 04:32:55 AM »
Yes I should've probably titled it differently than I did, my bad
Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #5 on: July 10, 2017, 04:39:41 AM »
I sent mine through the report

https://www.avast.com/false-positive-file-form.php

Reported to Vírus analyst ~

Offline Patrick2

  • Poster
  • *
  • Posts: 489
Re: Real or False Positive? still running scans to find out for sure
« Reply #6 on: July 10, 2017, 04:47:59 AM »
Same sent in a report also to Avast

Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

Offline LukasJ

  • Avast team
  • Jr. Member
  • *
  • Posts: 86
Re: Real or False Positive? still running scans to find out for sure
« Reply #7 on: July 10, 2017, 09:34:41 AM »
Hi, detection was disabled.
Will be solved in next stream update. (5 minutes)

Lukáš
« Last Edit: July 10, 2017, 09:42:06 AM by LukasJ »

Offline Patrick2

  • Poster
  • *
  • Posts: 489
Re: Real or False Positive? still running scans to find out for sure
« Reply #8 on: July 10, 2017, 06:30:38 PM »
Thank you Lukas on fixing this in a timely manner
Windows 10 Pro 64bit 1909 18363.476, Intel I7 7700 Nvidia Geforce 1050 16gb DDR4, WD 250GBSSD, 1tb Storage, Avast Free 19.8.2393
HP Omen Laptop Intel I7 7700HQ, 8gb Of Ram Windows 10 Home x64 1909 18363.476 128GB SSD, 1tb Storage, Avast Free 19.8.2393

REDACTED

  • Guest
Re: Real or False Positive? still running scans to find out for sure
« Reply #9 on: July 14, 2017, 01:25:23 AM »
Sorry to resurrect an older thread, I've only just noticed I had two desktop.ini files move to the vault on the 10th too, and they're still being flagged as Other:Malware-gen [Trj] in the virus vault. I've submitted them to the lab.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #10 on: July 15, 2017, 12:48:25 AM »
Sorry to resurrect an older thread, I've only just noticed I had two desktop.ini files move to the vault on the 10th too, and they're still being flagged as Other:Malware-gen [Trj] in the virus vault. I've submitted them to the lab.

I do not suppose it's the same local reported, you should get the answer soon.

REDACTED

  • Guest
Re: Real or False Positive? still running scans to find out for sure
« Reply #11 on: July 15, 2017, 11:13:25 AM »
Well, it was in the same location as the person in the other thread (https://forum.avast.com/index.php?topic=205279.0), "C:\Users\*my name*\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini" so I assume if it's an fp for him, it is for me. An MBAM scan found nothing.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: Real or False Positive? still running scans to find out for sure
« Reply #12 on: July 17, 2017, 09:50:26 PM »
Well, it was in the same location as the person in the other thread (https://forum.avast.com/index.php?topic=205279.0), "C:\Users\*my name*\AppData\Local\Microsoft\Windows\Burn\Burn\desktop.ini" so I assume if it's an fp for him, it is for me. An MBAM scan found nothing.

What is the version Avast and number of VPS ?