false positive

Viruses and worms
1

when i visited a one trusted bank site I recieved warning from avast that it contain a virus VPS version 090128 01/28/09 allaple-A[wrm],

I am sure it is a false positive as banking sites does not distribute worms in html codes

i am trying to sent this file to virus2vast but vast is not allowing me to do so

how to decide it is a malware file

regards

Adi

2

Well you could start by giving us the URL so that it can be checked out, it wouldn’t be the first time a bank site could have been hacked.
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

Or might you have been the subject of phishing, clicking on a link (?), which looks like the bank url but in fact it is redirected to another site that looks like the bank site ?

How are you trying to send the file (zipped and password protected) ?
What do you mean by avast doesn’t let you ?

3

was trying to email file using outlook express to virus@avast.com
I also tried to send the file to avast by right clicking and choosing mail to avast,
It says file will be uploded in next update but nothing seems to happen though it has asked me to fill a long form

The url of website is https://www.eztrade.co.in/stsb/asset/presentationlayer/home.asp?LogonType=IPO

it is a secured site certified by verisign and you need to enter logon password to reach this page

I am uploding this file by changing the extension to .bmp and disabling the onacess protection.

How to verify wether files have been submitted to avst or not

Regards

Adi

4

If you do a manual update of avast then it will be uploaded during that update check or when the next auto update occurs if you don’t elect to do a manual update.

Just because a site is secure doesn’t mean it can’t get hacked and that wouldn’t change the verisign status, all that does is confirm who they are, a legit company.

5

The attachment above … IpoContent[1].htm.jpg … contains malware.

Please do not download this attachment.

6

Well as CharleyO said that file is infected and avast isn’t the only AV to think so, just check out this VirusTotal link, http://www.virustotal.com/analisis/05fd90e800d9a2041e920d9c0ee41171.

So there is something strange going on with that site. I don’t know if you changed the file name adding the .jpg on the end to be able to post it as an attachment, but any file with a double file type (extension) like .htm.jpg is suspicious.