Avast detected about 500 false positives today. Listing them all as VBS-Malware-Gen These files included minecraft save games, jpeg images (That I took), documents from Word, Text, and Open Office, as well as hundreds of other valuable and much-needed files, docs, images, and save files. I called “Premium Support” and they want to bill me to resolve the issue. BILL ME!
Avast Pro - Licensed
Program Version - 17.1.1.2286 (Build 17.1.3394.42) CURRENT as of February 22nd, cannot be updated.
Virus Definitions Version - 170222-3 CURRENT as of February 22nd, cannot be updated.
I would submit the entire list, of which 99% are false positives, but do not know how to submit the entire report, in mass, to the correct department. Additionally, I can no longer trust AVAST with my security needs because of this incredible breach of trust. Calling tech support is a horrific waste of time. The connection is poor, the tech support people don’t understand the issue and just want billing information. That makes the entire tech support of AVAST useless beyond a brick at resolving this issue.
I must go through the list and individually report each false positive, and restore the file. Who has the time for this? 500 plus false positives! I am extremely concerned that this issue has happened, and am unsure of how to keep it from happening again. Ergo, I cannot trust Avast and will have no choice but to remove it and discontinue my subscription if not resolved.
How can I report the entire list at one time to correct department?
How can I prevent this from happening again? (Added individually to the exclusion list is insane, these files number in the hundreds!)
Thank you. It should be noted that my virus definitions and program are CURRENT and cannot be updated. I just tried, again, and it says I am current. I am, however, working on restoring the wrongfully removed files now.
Thank you again, but I updated to this version, then ran my scan, and it was that scan that detected all those VBS files. Of which, none are actual VBS malware.
You can also check your definitions folder at %programfiles%\AVAST Software\Avast\defs. If folder 17022101 is present (that’s the faulty VPS), try restarting Avast Service by running
net stop "avast! Antivirus" && net start "avast! Antivirus"
in cmd.exe (as Administrator, also self-defense has to be turned off). Or you can just reboot your computer. This will ensure Avast loads only the latest VPS.
Edit: In case of a reboot, please make sure you have the latest VPS to prevent any damage caused by the faulty VPS during boot-time scan (if scheduled).
I had EXACTLY the same experience as Raymond84. For starters, I see that the New Avast (I am using 17.1.2286 build 17.1.3394.46) automatically updates the virus definitions. It occurs to me that I wouldn’t have had this happen to me if my computer had not downloaded the new corrupt virus definition database, so I would like to know how to disable it so that I can wait 2 weeks before downloading any new definitions so that Avast has time to work out the kinks
Additionally, I am trying to figure out how to restore all these files without going 1 at a time. Among the several choices when I right click on a line in the chest, I get “delete” “restore” “extract” “refresh all files”… now going 1 at a time, I figured out that “restore” puts the file back, but is “refresh all files” the same as “restore”? Or does that refresh the list? I wish that Avast would post more help on how to fix this problem that THEY created, since SOOOOOO many people were instantly affected due to their auto-update of corrupt virus definitions.
@ phredri
The default action for the VPS updates has for some considerable time always been set to Automatic. There are also the Streaming signature updates coming out every few minutes, these rely on VPS updates being set to automatic. It may also disable some of the protection modules, CyberCapture and Hardened Mode (aggressive) I believe.
You can set the Virus Definitions to manual, in the avastUI > Settings > Update. That however also disables the streaming updates also. Lastly the volume of new malware samples in a two week period is absolutely massive and would reduce your protection greatly. One area of greater risk would web browsing as the Web Shield would be benefiting from the new signature information.
I didn’t address it because I’m not clear what the hell Refresh is/means/does.
I can’t recall having seen it in earlier avast versions. To me refresh in other contexts could mean reload, but clicking on Refresh doesn’t seem to do anything. It doesn’t rescan them as if I specifically select the scan option I get a confirmation of the scan and its result.
Thanks Raymond 84 for posting this. My networked pcs went nuts with vbs malware gen warnings (all except for the one running AVG). Webshield reporting attacks were coming from my WD media box which struck me as odd. Two W10 pcs and one W7 had hundreds of results following scans.
By chance I reconnected one to the Lan the following afternoon and re ran the scan which was now clean. I was at the point of trying a clean and following up with malwarebytes. Thank goodness I didn’t do that and found this thread. Very annoyed avast did nothing to contact users or go public with their mistake. Two thumbs down for them. Very poor PR.
Really? Your waiting for Avast to notify you? Avast doesn’t do that. You just have to wait and hope that the problem is corrected in timely manner by Avast.
