« previous next »
Pages: [1]   Go Down

Author Topic: A0010588.exe - Is this a false positive?  (Read 2928 times)

0 Members and 1 Guest are viewing this topic.

J8son

  • Guest
A0010588.exe - Is this a false positive?
« on: December 31, 2008, 09:32:45 PM »
I ran a scan of all three of my hard drives using Avast Pro on it's highest sensitively settings.

The log at the end usually is filled with "False Positives" that I know for a fact are NOT harmful files.

However, I did notice two entries for my M:\ and N:\ drives I use for storage. It says the following files are infected:

M:\System Volume Information\...\A0010588.exe
N:\System Volume Information\...\A0009054.exe

I have un-hidden those folders but access is denied. Should I be alarmed by these or are they two false positives?

Thanks!  ;)
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: A0010588.exe - Is this a false positive?
« Reply #1 on: December 31, 2008, 10:14:43 PM »
System Volume Information is the system restore folders, blocked by Windows, you can only handle these files (send to Chest) if you run avast at boot time.
If you disable system restore and enable again, you'll delete all old restore points, including the possible infected ones.
Logged
The best things in life are free.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89201
  • No support PMs thanks
Re: A0010588.exe - Is this a false positive?
« Reply #2 on: December 31, 2008, 10:31:16 PM »
Quote from: J8son on December 31, 2008, 09:32:45 PM
I ran a scan of all three of my hard drives using Avast Pro on it's highest sensitively settings.

The log at the end usually is filled with "False Positives" that I know for a fact are NOT harmful files.
<snip>

You don't say what the file names, locations, malware names are of these files, nor why you are so sure they are false positives.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »