(fixed - false positive) A potential virus on Filetrip

Shinigami Kiba

Well-Known Member
OP
Member
Joined
Oct 28, 2007
Messages
618
Trophies
1
Age
39
XP
603
Country
Macedonia, The Former Yugoslav Republic of
UPDATE: Alright folks, whatever it was it was fortunatley a false positive

I have uploaded the file to VirusTotal and it seems it's 100% safe

View attachment 60987

none of the 68 antiviruses detect any problem.

since your thread title might scare users I have taken the liberty of renaming it to indicate a false positive.

also Filetrip has an antivirus running on the servers that periodically scans for malware and removes it.
of course there is still the possibility that someone uploads malware that isn't detected by the antivirus, but it isn't the case here.

----------------
I don't know if Filetrip is part of GBAtemp or not but I was updating emulators on my Wii when I tried to download snes9x GX 4.3.2 and was told by Windows Defender that the file contains a virus, so it promptly deleted it.
https://filetrip.net/wiiu-downloads/homebrew/download-snes9x-gx-4-3-2-f31107.html

I thought it might be a false positive and that Windows Defender was picking up something form inside the archive so foolishly i temporarly disabled realtime protection, downloaded the 7zip archive and tried to run it just to be told that it's corrupted by winrar.

I don't know if there was something in there and if something executed or not, I enabled windows defender's realtime protection again, ran a scan, ran a scan with malwarebytes too and nothing turned up but you never know what damage might have been caused.

I keep my computer clean and well maintained, I may not be a computer person or a tech savvy guy but I know enough to keep spyware and malware off my system so this caught me off guard.
 
Last edited by Shinigami Kiba,

Seriel

Doing her best
Member
Joined
Aug 18, 2015
Messages
3,284
Trophies
3
Age
23
Location
UK
XP
5,263
Country
United Kingdom
?
upload_2016-8-30_14-58-45.png
 

raulpica

With your drill, thrust to the sky!
Former Staff
Joined
Oct 23, 2007
Messages
11,056
Trophies
0
Location
PowerLevel: 9001
XP
5,713
Country
Italy
@Shinigami Kiba
Are you sure you didn't click on one of those fake popups that lead you to OTHER downloads? (which are malware)

Sadly we don't have control on ads, so sometimes stuff like that slips in without us noticing.

The real download button is on the right and has the "Download File" text on it.
 
  • Like
Reactions: Seriel

Shinigami Kiba

Well-Known Member
OP
Member
Joined
Oct 28, 2007
Messages
618
Trophies
1
Age
39
XP
603
Country
Macedonia, The Former Yugoslav Republic of
Guys, I don't see any pop ups.
After clicking the download button it takes me to the regular download page, that's where it downloads the bad 7zip.
It's the only file that does this as far as im aware, I ever recorded a video of it.


but get this, after recording the video of it I was able to download a clean non virus infested version so either someone fixed it or I don't know what happened.

I tried like 10 times and it did the same as in the video

My system is clean and well maintained

edit: also my connection is 15Mbps and no files don't take this long to download normally, especially not small ones like that, so that's on the site's end, I can post video proof of this too if needed.
 
Last edited by Shinigami Kiba,

leerz

Well-Known Member
Member
Joined
Jan 11, 2015
Messages
648
Trophies
0
Age
35
Location
Makati
Website
leerz25.sitesled.com
XP
1,578
Country
Probably ea false positive, scanners use patterns, zip/rar compression on rare occasions, the composition result of the files could be similar to that of a malware footprint . How the characters are jumbled up
 

Shinigami Kiba

Well-Known Member
OP
Member
Joined
Oct 28, 2007
Messages
618
Trophies
1
Age
39
XP
603
Country
Macedonia, The Former Yugoslav Republic of
That does make sense, it kept downloading a corrupt file and maybe windows defender thought something was off, but why did it keep downloading that one file as corrupt
 

Costello

Headmaster
Administrator
Joined
Oct 24, 2002
Messages
14,143
Trophies
4
XP
18,827
I have uploaded the file to VirusTotal and it seems it's 100% safe

upload_2016-9-2_8-56-9.png


none of the 68 antiviruses detect any problem.

since your thread title might scare users I have taken the liberty of renaming it to indicate a false positive.

also Filetrip has an antivirus running on the servers that periodically scans for malware and removes it.
of course there is still the possibility that someone uploads malware that isn't detected by the antivirus, but it isn't the case here.
 

Shinigami Kiba

Well-Known Member
OP
Member
Joined
Oct 28, 2007
Messages
618
Trophies
1
Age
39
XP
603
Country
Macedonia, The Former Yugoslav Republic of
Thanks, I think whatever was causing this was definitely due to some weird corruption in the file that tricked windows defender to think something wasn't right.
I checked and re-checked my system with several anti malware tools I trust and so far it's all clean

Edited your post into the OP so people see it first thing they click on the topic
 
Last edited by Shinigami Kiba,

You may also like...

General chit-chat
Help Users
  • No one is chatting at the moment.
  • captainbob321 @ captainbob321:
    Hello!
  • captainbob321 @ captainbob321:
    What's so Funny, @M4x1mumReZ
    ?
    +1
  • M4x1mumReZ @ M4x1mumReZ:
    Welcome new user
  • trepp0 @ trepp0:
    Just got the notice that school is being released 2 hours early cause of the winter storm
  • trepp0 @ trepp0:
    lets go
  • Psionic Roshambo @ Psionic Roshambo:
    Better than 3 hours late from a lockdown lol
    +1
  • FAST6191 @ FAST6191:
    While I know you mean in case of someone confusing schooling establishment from shooting establishment (many of the same letters) I am still going to read that as lockdown (also known as lock in) for a pub
  • FAST6191 @ FAST6191:
    where if you were in the club you could be invited to be there as a guest of the landlords after things are supposed to stop being served
  • FAST6191 @ FAST6191:
    Have technically done that in a school but it was the sports centre associated with the school more than the school itself
  • FAST6191 @ FAST6191:
    being drunk in school was either because drunk on playing field or could not be arsed with one particular Thursday afternoon so went and had some beers and played some games instead before returning for an ill advised last lesson/period
  • K3N1 @ K3N1:
    Being drunk and high in school was cool
  • K3N1 @ K3N1:
    It was high school
  • The Real Jdbye @ The Real Jdbye:
    my power cut out twice
  • The Real Jdbye @ The Real Jdbye:
    my pi running octoprint wiped all my plugins and i cba to fix it
  • Psionic Roshambo @ Psionic Roshambo:
    No pi for you lol
  • Sonic Angel Knight @ Sonic Angel Knight:
    Psi, you didn't spell your name right
  • Sonic Angel Knight @ Sonic Angel Knight:
    It's "Psionic" not "PI"
  • Psionic Roshambo @ Psionic Roshambo:
    So R Kelly is probably pissing himself right now
    +1
  • K3N1 @ K3N1:
    R Kelly knows how to piss on himself?
    +1
    Psionic Roshambo @ Psionic Roshambo: Lol