You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
As the suspect file is recognized as such by only one AV, and as Avast
does not say anything about it, I suppose most probably it was a FP.
Do I need to send the file however ?
It isn’t unusual to not have avast detect on VirusTotal when it does so on your system. VT isn’t able to update the VPS in real time as the user is and this is often the cause. Remember the point of submitting it to VT is to see what the other scanners find.
However, it would appear to be an FP or highly likely as the avast Win32:Trojan-gen is generic signature (the -gen at the end of the malware name), so that is trying to catch multiple variants of the same type of malware and is a fine balance between detecting a new variant and detecting something valid as infected.
So you do need to send the sample to avast and exclude the file from scans until corrected. See the link how to report and exclude in my first reply.
Thanks for the reply. I tried to e-mail the file to ALWIL directly from the chest, but it failed because
the file is too large. And I cannot zip the file because i would have to pay for the WinZip product.
However, by googling for Ma-config.com (where the suspect file looks to come from), as far as I can
understand, it appears to me that the suspect file is coming as a Firefox extension which have
been declared buggy by the author (causing a FP by Avast), and a new version of it is no more
detected by Avast as an infection. Anyway, I am not really interested by this extension, and most
probably will not install the corrected version of it.
If however if ALWIL would still wish to examine this file, please tell me how I can send it. Sorry,
I recognize it looks stupid from myself, but I do not really know how to do it.
Go to the avast Program Settings (right click on the avast icon), Chest section and increase the Max file size to send value to take account of the size of the file.
7zip as Tech mentions is a freeware archive (zip) program, it is what I use and it is relatively easy to use, including adding passwords to archives.
OK, thanks for the info, I did not notice that the e-mail file size limit could be increased.
So I set it to 10 times the standard limit value. It seems to have worked well, hope you
will receive it safely. I have put some info inside the mail so you can make the link.
Thanks to Tech for the link for the freeware archive program.