VBS:Malware-gen - False alarm or real?

Hi,

I tried to download a file and Avast said it contains a malware:
VBS:Malware-gen

http://content.screencast.com/users/KarlSultana/folders/Jing/media/6de5b0b7-5a39-4d74-8220-7c48394a7a05/2010-03-07_1030.png

This file is something I got after I purchased it. It’s a zip file that opens up a software. I bought it from http://www.tradebit.com. I am 100% sure the owner selling this has the rights to sell this product on that site.

So is this a false alarm or real? And if it is false how do you actually know it?

Thanks,
Karl

Upload the file to VirusTotal www.virustotal.com and when you have the result copy the URL in the address bar and post it HERE.
Also send it to virus(at)avast(dot)com in a password-protected zip file, with the password in the mail.

Hi,

I did that, here’s the URL:
http://www.virustotal.com/analisis/707a2692c20d3130040e95fd2c50a892df8e810c2e6e57a21f3b16c22b31e91d-1268040527

Any idea, seems it’s clean but I don’t really understand how to read that…

Karl

Yep, VT shows clean. If there were any detection, you would see the malware name in red on the right side of the scanner detecting it.

Update your avast and try downloading again.

Hi Karl

There may have been malware on the page.
The webmaster seems to have got on to it - because the domain seems taken down.

I’m getting these messages when I safe browse the domain –

‘blank page / could not connect’
‘Empty source - Could not connect to site?’

[s]So I guess they were getting the reports from their visitors about warnings.
Just a waiting game now and see when they are back on the web.

Other than that buddy there is not a lot to go on. If you purchased something and left your email address, then they should notify you about taking the domain down. But careful with emails too. If they send you one, you don’t need open it just yet.

Best check that domain[/s] - hxxp://www.tradebit.com - every now and then for when it comes back up.
I think you’ll be okay. However, do you see how I have neutralised the link by replacing http with hxxp? I do this just in case the link is dangerous - a routine practice on this forum, and you might be advised to do the same with the link in your post. It’s good practice. But I think the webmaster at tradebit has taken the domain down while they check the pages for infections, and if the warnings turn out to be false positives (false alerts), then I imagine they will get on to avast and sort it out.

Best just wait it out.

oh okay they are not down.

home page is up
I cannot go further, probably because website requires a log in.

Can you explain what you sent to VT because the warning says that the malware was stopped from entering your computer - you sent a file from the software you purchased I guess - meanwhile, the warning possibly comes from a file or frame on the web page you were downloading from.

Just take care for now. It looks like a genuine drive-by hit that avast has rebuffed. Notify the owner if you are able to email them.

Hi,

I notified them, the site: hxxp://www.tradebit.com is up and running now…

I clicked on Download link to download the product, and then before it was even 100% completely downloaded Avast gave me the virus alert warning.

So the file I have on my PC is basically empty, even if I ignore avast warning because it was not downloaded properly it says or something like that.

I sent the thing I was able to download to avast via email.

Now I wait to see the site reply.

Thanks for your help!

Karl

Well done. I’m not sure if the site had been taken down or not. But now they know. :)
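
The hxxp link-neutralising practice described in the thread, as an added example that is not part of any forum post: a small Python helper that defangs every live http/https link in a post body and can reverse the change before analysis. The function names, the optional `[.]` dot-bracketing and the sample text are assumptions constructed for illustration.

```python
import re

# Live links: http:// or https:// followed by non-whitespace characters.
_LIVE = re.compile(r"\b(https?)://(\S+)", re.IGNORECASE)
# Links already neutralised the way the thread shows (http -> hxxp).
_DEFANGED = re.compile(r"\bhxxp(s?)://(\S+)", re.IGNORECASE)
# Punctuation that usually belongs to the sentence, not to the URL.
_TRAILING = ".,;:!?)]>\"'"


def defang(text, bracket_dots=False):
    """Rewrite every live http/https link so it is no longer clickable."""
    def repl(m):
        scheme = m.group(1).lower().replace("tt", "xx")  # http -> hxxp
        rest = m.group(2)
        body = rest.rstrip(_TRAILING)
        tail = rest[len(body):]
        if bracket_dots:
            # Optional extra step (assumption, not shown in the thread):
            # break the host name too, leaving path dots untouched.
            host, slash, path = body.partition("/")
            body = host.replace(".", "[.]") + slash + path
        return f"{scheme}://{body}{tail}"
    return _LIVE.sub(repl, text)


def refang(text):
    """Restore defanged links, e.g. before submitting them to a scanner."""
    def repl(m):
        return f"http{m.group(1).lower()}://{m.group(2).replace('[.]', '.')}"
    return _DEFANGED.sub(repl, text)


# Constructed sample post (not a quote from the thread).
SAMPLE = ("I bought it from http://www.tradebit.com and checked it at "
          "HTTPS://www.virustotal.com/. Already safe: hxxp://www.tradebit.com")

if __name__ == "__main__":
    print(defang(SAMPLE))
    print(defang(SAMPLE, bracket_dots=True))
    print(refang(defang(SAMPLE, bracket_dots=True)))
```

Links that are already written with hxxp are left alone, so running `defang` twice on the same post gives the same text.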