False Positives?

After scanning each and every one of them with MBAM and SUPERAntiSpyware with the latest definitions, both detected NOTHING bad, so I uploaded each one to VirusTotal (see attached jpg) and ONLY avast (4 & 5) and GDATA detected them as “Win32:Malware-gen”, so is it safe to suppose that these files are false positives?

Thanks

Did you submit the file to Avast?

Send the sample to avast as a False Positive:
Open the chest, right-click on the file and select ‘Submit to virus lab…’, then complete the form and submit; the file will be uploaded during the next update.

Unfortunately I don’t know if these can be moved back to the System Information Folder as it is a protected area of System Restore. However, all isn’t bad news as the only reason they are there is because it had previously been deleted or moved from the system folders and this is a back-up created by system restore.

  • Infected Restore Points - There really is little benefit in chasing a detection in the system volume information folder. It is only there because it had previously been deleted or moved from the system folders and this is a back-up created by system restore.

  • Worst case scenario, it isn’t infected and you delete it: you can’t use that restore point in the future. Not much of a loss, and the older the restore point is, the less of an issue it is.

  • So if there is any suspicion about a restore point then it is best removed from the system volume information folder or it could bite you in the rear at some point in the future when you use system restore if it included that restore point.

That said, you should still send the samples to avast for analysis and help improve the Win32:Malware-gen signature.

Thank you very much, David, your reply was very thorough!

I am sending the files to avast right now.

You’re welcome.