The file is bigger than 550 MB which is the maximum file size. I try to have it scan the URL but get the below screenshot attached, which doesn’t seem what would be reported from trying other URLs as a test example… most likely because of it being a DL link URL. I greyed out part of the URL as it holds the personal details for my purchase to initiate the download of my product.
I don’t think the DL is infected and Avast scanned the ISO it downloaded and reported no issues, however, the virus is in the connection, as Avast reports, not the file itself.
That’s why I was hoping I could privately share the URL with someone else who can help me decide if it’s a false positive or not; which would lead to the help on the link you provided. The only time Avast alerts me is when I use the DL link itself and it’s for the connection being infected once the DL begins. (see 2nd screenshot). The alert goes off about 8% into the DL.
I am just not sure where I would send the DL link that is the culprit once the DL begins from the options on the page you gave. I am not sure they would know for sure to initiate the DL to see what’s causing the alert.
I sent the download link with instructions to the possible false positive reporting site. I sent it as a URL yet if they are just checking the URL without initiating the DL then it’s not gonna give them the info I’m checking on.
It’s a slightly odd scenario and I just want to make sure the web link gets checked properly by initiating the download so we can find out if someone is hijacking their downloads or even if they are responsible for it themselves.
PartedMagic is used in a lot of recovery CD/USBs and at least many years ago was highly regarded and trusted. Avast’s detection of the ISO is generic (Evo-gen[Susp]), and is more than likely a false positive.
If you’re handy with FTP software (read: WinSCP), you can directly upload files to Avast!’s FTP server. However, it is NOT monitored, and you must inform them a file is awaiting their notice. This shouldn’t be needed, as Avast! should be able to request a copy from the original source, however it doesn’t hurt.
I did a lot of research on Parted Magic and saw they seem to be very trusted. I don’t think anything was malicious with them.
I don’t know about a false positive though. All of a sudden my Edge would not stay open for more than about 2 minutes on any of my machines, like something was blocking them at the network/router level. When I could get it open, I couldn’t even get sites like virustotal to load. It would tell me I didn’t have any internet yet would load any other non-security related pages without issue.
I have spent the past few hours re-wiping and re-installing on my machines. I literally had no choice.
I personally think someone was hijacking the link, as crazy as it sounds, and injecting the variant into the download. As I stated above, because I could see Parted Magic was trustworthy, I turned off the web shield to download it. Since then all havoc began happening on my laptop and it spread to my other devices. It was more like the network or router were being hijacked, not the individual devices.
The file itself I think was totally safe as well. I think it was some super stealthy and sophisticated injection variant that took over my router until I reset it.
I’ve sent the URL to Avast. I hope they check it by trying to download the file and see if they get the same alert. Then they can decide if it’s false or if a good company has come under attack.
A Moderator can lock this thread. I can’t do any more.