Avast WEBforum

Other => Viruses and worms => Topic started by: UserA789 on October 22, 2013, 09:44:13 PM

Title: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 22, 2013, 09:44:13 PM
Actually can someone check GMAIL. This is a consistent warning when I navigate to https://mail.google.com/ and I've either been personally infected, walking past Avast to insert the file, but Avast stops its initiation or GMail is being attacked.

It is unique to the Internet Explorer 10 browser and does not occur on Chrome.
Title: Re: Attack On GMAIL or My PC?
Post by: Secondmineboy on October 22, 2013, 09:47:33 PM
No alert for me on chrome.
Title: Re: Attack On GMAIL or My PC?
Post by: Michael (alan1998) on October 22, 2013, 10:06:06 PM
Twin has arrived. Please listen to him.

Message deleted by OP
Title: Re: Attack On GMAIL or My PC?
Post by: polonus on October 22, 2013, 10:18:58 PM
Hi UserA789

Quote
Trojan-Spy.HTML.BankFraud.dq is usually installed on the victim's system after clicking on fake banking e-mail links, freeware, file-sharing p2p and pornographic related sites. After infecting the system Trojan-Spy.HTML.BankFraud.dq creates random malware files in windows system32 registry. BankFraud.dq trojan will collect credit card, passwords and other confidential information and infect your computer with additional viruses.
This is a detection for HTML format e-mail messages that contain phishing-related content. Manual removal is not recommended for this threat.
You have to do the removal under guidance of a qualified malware removal specialist, we have several here on the forum. Do as alan1998 has advised and wait for the qualified malware removal expert on duty,

polonus
Title: Re: Attack On GMAIL or My PC?
Post by: TwinHeadedEagle on October 22, 2013, 10:27:24 PM
Hi,


Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

Then...



Please download GMER, AntiRootkit tool from the link below and save it to your Desktop:

Gmer download link (http://www2.gmer.net/download.php)
Note: the file will be randomly named



Double-click to run GMER.
> Attach here Gmer logreports.



Then...



Please download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


Title: Re: Attack On GMAIL or My PC?
Post by: UserA789 on October 22, 2013, 10:49:39 PM
Hi UserA789

Quote
Trojan-Spy.HTML.BankFraud.dq is usually installed on the victim's system after clicking on fake banking e-mail links, freeware, file-sharing p2p and pornographic related sites. After infecting the system Trojan-Spy.HTML.BankFraud.dq creates random malware files in windows system32 registry. BankFraud.dq trojan will collect credit card, passwords and other confidential information and infect your computer with additional viruses.

polonus

Okay.. I will research and follow TwinEagle's information.  So far he is suggesting WELL KNOWN documented software (by users who have made no effort to conceal their real identities) to get this done so I'm comfortable enough with this.

Otherwise; unless they completely faked an email header from someone I'm already in contact with; I have not opened any banking sites (don't have a bank to use) nor have I clicked on any links in those emails.  I already understood this is not something that just happens and usually requires the user to initiate via clicking on an illicit link (unknowingly). As well, this began occurring right after posting on the DNS stuff and I had already been in my GMail before that today with no problems.

I got over downloading/viewing porn when I first upgraded to fiber.. I downloaded all of it in two nights and erased my HDD seven times just to make room for new clips, when I hadn't even watched the ones I was deleting.  This was over five years ago.  ;D

We should all know my feelings on filesharing at this point... it's not that I'm against the sharing but logic says since so many are freely trading it; illicit users would be using it to spread their virus.  And don't most packages tell you to disable your AV to use the CodeGenerator or Key Cracker?

I will begin immediate clearing of this Trojan type exploit/malware but can it install without user interaction (IE:  click links, etc.)?
Title: Re: Attack On GMAIL or My PC?
Post by: UserA789 on October 22, 2013, 11:03:50 PM
On Farbar... I got the warning that the file is rarely downloaded by other users (which makes sense) but shouldn't someone have reported this file's safety to MSFT, being its legitimacy?
Title: Re: Attack On GMAIL or My PC?
Post by: TwinHeadedEagle on October 22, 2013, 11:04:59 PM
All the tools used here are perfectly legitimate, so you can be sure when using them...
Title: Re: Attack On GMAIL or My PC?
Post by: polonus on October 22, 2013, 11:10:29 PM
Hi UserA789,

Nothing to do with you opening or using banking sites etc, the malcode came via the postman, it came by mail.
Did this pass your ISP's virus and spam mail detection?
Did you have the avast mail detection active at the time you received this?
Did it go past this as well?
Were you socially engineered into opening it?

I still use the old webwasher free version with all the nice spam detection lists hammered in there myself.
I won't shout on the Interwebs, because that is not polite.
So please think of the next sentence in italics as written in big capitals. I trust nobody!

polonus
Title: Re: Attack On GMAIL or My PC?
Post by: polonus on October 22, 2013, 11:33:48 PM
Hi UserA789,

You are not the only one with this malware, so change your adaptations accordingly, see: http://forum.avast.com/index.php?topic=137700.0

polonus

Title: Re: Attack On GMAIL or My PC?
Post by: UserA789 on October 23, 2013, 12:52:34 AM
Here are the log files.  I will ask that this thread later be deleted or my log files removed from view.  There is a lot one can do simply with the directory structure or computer name.  However, I will participate on this one.

Title: Re: Attack On GMAIL or My PC?
Post by: UserA789 on October 23, 2013, 12:54:39 AM
Hi UserA789,

You are not the only one with this malware, so change your adaptations accordingly, see: http://forum.avast.com/index.php?topic=137700.0

polonus
That thread is referred back to this one.  I believe this thread is the superseding documentation(s).

Thanks for seeing that though.  I noticed as well.

Other than that, I'm just patiently waiting.

Oh yea, I used the tools without my internet connection active but it looks like something was uncovered.  Let me know my next steps when you are ready.
Title: Re: Attack On GMAIL or My PC?
Post by: UserA789 on October 23, 2013, 12:58:28 AM
Hi UserA789,

Nothing to do with you opening or using banking sites etc, the malcode came via the postman, it came by mail.
Did this pass your ISP's virus and spam mail detection? -Apparently... and they are one of the best for catching stuff like this
Did you have the avast mail detection active at the time you received this? No... I do not use mail client readers because they download header and other information no matter what steps one takes to prevent this.  It's an inherent flaw in client email readers.
Did it go past this as well? Yes.  Past everything.
Were you socially engineered into opening it? Only if it was caused through communication here.  I don't do FB links from even my friends. I trust many links on this forum, however.  I wasn't insulting anyone just saying this is the only place I really click links.

I still use the old webwasher free version with all the nice spam detection lists hammered in there myself.
I won't shout on the Interwebs, because that is not polite.  -I am a former Admin Chief from the USMC and capitals were not shouting, as they are now.  They were simple denotation of importance.
So please think of the next sentence in italics as written in big capitals. I trust nobody!

polonus
Haven't opened any unknown webmails, that I'm aware of.  I'm pretty good at investigating the FULL header information as well.  The other user on the machine had a scare with ID fraud two years ago (I've posted about it) and she has stepped up her efforts as high as mine.  There is another machine on the network (laptop) coming up with the infection just today as well.  Do I need to run the same logs or can we assume that we can deal with it along with the main device here?

The other user does not do ANY social web interfacing.  She thinks it's all a waste of breath and is right.

EDIT:  If this is a new variant; I would like to submit 'The HyJax Variant' for its name.
Title: Re: Attack On GMAIL or My PC?
Post by: TheChad on October 23, 2013, 01:27:22 AM
I am also interested in the answer to this thread.  I am in the process of setting up a brand new PC and I am getting this same error message when trying to navigate to Gmail through IE. If needed, I can also post my log files as I have gone through Twin's recommended steps as well.

Best,
TheChad
Title: Re: Attack On GMAIL or My PC?
Post by: Saavik on October 23, 2013, 01:37:03 AM
Hello. This also started happening to me every time I load the gmail login page since this evening, whenever I'm using Firefox (version 24.0). It doesn't happen with Safari. I have a Mac OS 10.7.5.

Today was also the first time for me of the new gmail login interface, and I didn't click on any suspect e-mails recently, so it seems that it may be a problem with this new gmail interface on some browsers.  ???
Title: Re: Attack On GMAIL or My PC?
Post by: TheChad on October 23, 2013, 02:03:09 AM
Saavik may be on to something... in Chrome and Firefox I am directed to Gmail's new sign-in page and get no error, however, in IE, I am directed to the old sign-in page and get the error every time...

Weird

TheChad
Title: Re: Attack On GMAIL or My PC?
Post by: amandajnmaui on October 23, 2013, 04:47:26 AM
What tools should I use with MAC OSX 10.6? The CCleaner I have, but all the other tools are for windows, which tools should I use? I'm using safari, and I also get the pop while in chrome. I downloaded the TOR browser last night could this have been the problem?
Title: Re: Attack On GMAIL or My PC?
Post by: IrukaUmino26 on October 23, 2013, 06:01:14 AM
Oops, sorry I posted the same issue in the other thread, which referred back to this thread.

I'm using Internet Explorer 10, btw. I tried Firefox and there seems to be no issues. But I'm paranoid to use Firefox now. If one browser isn't right, I don't trust any of them.

I was trying to research this topic, and actually stumbled upon an old thread about a similar "Bankfraud-BBE", which was a false positive which was corrected when Avast! provided an update? Is this "Bankfraud-BYL" just a similar thing? Or if not, I'm no computer expert. I really need someone's guidance if my PC is being attacked. I already logged into an e-mail account, my FB, and my bank account yesterday. Now I'm extremely paranoid and on the edge, I can't even attend to my studies. I didn't start getting this alert until literally few hours ago. I had no issues with Gmail this MORNING. Strange that it appears 5 hours later, when NO ONE was on my laptop.
Title: Re: Attack On GMAIL or My PC?
Post by: UserA789 on October 23, 2013, 06:03:45 AM
Could a moderator merge the two threads?  I'm changing my topic heading to include the name of this Trojan... even if it is just a good trace mark for the developer.  It's a little late now for bug fixes  :'( to this new little variant.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: IrukaUmino26 on October 23, 2013, 07:37:54 AM
Here are some similar incidents in the past:

1) http://www.androidheadlines.com/2013/03/avast-mobile-security-giving-false-positives-for-malware.html

2) http://downloadsquad.switched.com/2009/12/03/avast-has-a-freak-out-goes-on-a-false-positive-spree/


And here is someone who is experiencing the same thing, so I guess this is occurring for a lot more people than expected. So either we're all screwed, or hopefully there is just a glitch in the virus definitions, etc.

http://www.pcadvisor.co.uk/forums/1/tech-helproom/4259508/avast-is-doing-something-odd-when-opening-gmail/
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: TwinHeadedEagle on October 23, 2013, 08:16:03 AM
Your PC is clear, no malware present

Let's clear the tools:


Please download  DelFix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix) by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
Tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: virusinfected on October 23, 2013, 11:48:46 AM
Hello everybody. Here the same problem.

The first thing I've done is restoring the system to yesterday's date. Then I've found this threat at this forum.

I'm attaching here the files with the log reports


thx in advance.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: TheChad on October 23, 2013, 12:37:41 PM
Your PC is clear, no malware present

Let's clear the tools:


Please download  DelFix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix) by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
Tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.

Awesome news, thanks for your help twin!  When this warning comes up, should we then report it as a false positive?

Best,
TheChad
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: sileeno123 on October 23, 2013, 04:13:58 PM
Can someone please tell me what is going on?  Every time I try to sign in to my google account, my computer says it has put the HTML:Bankfraud-BYL [Trj] into the virus chest.  I am now seeing tons of people across the web complaining about the same thing happening to them.  They use avast too.  HELP Please
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 05:22:10 PM
Your PC is clear, no malware present

Let's clear the tools:


Please download  DelFix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix) by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
Tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.

I will do this but I have a question (or two):

So is this a false positive?  My Avast just updated and I'm getting the same message; is Avast aware of what's causing the false positive?

Can I feel safe to check my GMail? Why shouldn't we be worried about that this is a real warning and not a false positive?

Being that some hackers are aware of the tools we are asked to use here; could it be something that is 'trained' to get past them?

I'm not trying to insert conflict against recommendation, but others seem to be encountering this and if Avast still ID's it as malware when I go to GMail I should trust Avast.

Could this be some DNS, or other style, web page traffic 'monitoring' attack?
(I've had some other DNS style happenings taking place and have been posting them in another thread that behaves differently from the usual DNS manipulation approach: http://forum.avast.com/index.php?topic=136551.0)
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: mbyx on October 23, 2013, 05:37:05 PM
So is this a false positive?  My Avast just updated and I'm getting the same message; is Avast aware of what's causing the false positive?

Looks like a false positive as others are experiencing the same problem:

http://forum.avast.com/index.php?topic=137700.0

Hope Avast is looking into it though so we can be 100% sure about this.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 05:41:32 PM
So is this a false positive?  My Avast just updated and I'm getting the same message; is Avast aware of what's causing the false positive?

Looks like a false positive as others are experiencing the same problem:

http://forum.avast.com/index.php?topic=137700.0

Hope Avast is looking into it though so we can be 100% sure about this.
That thread is a secondary thread of this thread.  There is nothing yet to say this is a false positive either.

Maybe I'm mistaken here but if it was a false positive; wouldn't it go off regardless of using Chrome, IE, or FF?  This seems to be mostly confined to IE users plus one FF user on a Mac (Don't know how Windows Avast would give the same FP as Mac Avast).
Your PC is clear, no malware present

Let's clear the tools:


Please download  DelFix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix) by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
Tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.

Ran this and log was created.

I have one other question; would it matter what profile I ran the suggested tools from (I ran them from my main administrator account, not my normal user account)?

My apologies for my spelling errors.  As an Admin Chief, I did have to spell correctly. This had me in a rush so my elderly mother can pay her bills... safely.  I promise, I am not King Abdul Ma Jarhahara from Nigeria (LOL)  :o
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: mbyx on October 23, 2013, 05:54:43 PM
That thread is a secondary thread of this thread.  There is nothing yet to say this is a false positive either.

That thread deals with the same issue. Only Avast will be able to confirm conclusively if it's a false positive though, but the odds are high that it is. Hopefully they will look into it soon.

Maybe I'm mistaken here but if it was a false positive; wouldn't it go off regardless of using Chrome, IE, or FF?

Not necessarily, Google does it all the time. They detect the user agent of your browser and serve slightly different responses.

Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: sileeno123 on October 23, 2013, 05:55:50 PM
Apparently this is a false positive.  Just saw a post on FB from avast.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 06:00:59 PM

Not necessarily, Google does it all the time. They detect the user agent of your browser and serve slightly different responses.
...and the MAC user?

I'm getting confident it is a FP but I'm used to things like that being fixed in the next update Avast releases.  I know this may be something that is harder to find out than normal but I'm going off what I'm used to on things like FP and Avast.

However; there is a new surge in DNS style attacks and my original query to this all was more concerned this is something attacking GMail.

Hope Avast is looking into it though so we can be 100% sure about this.
No need to hope... they are usually on it.  I hope that's all this paranoid thread turns into as well.

Additionally, if this is simply a FP; I will add that to the title of this thread to insure others aren't more concerned than need be.

It is possible to become infected by simple navigation to a website WITHOUT further end user interactions.  Does anyone remember "nCase" infecting PC's by simply going to realplayer website? 180 Solutions opened our eyes in the manner of what we thought was possible vs what is truly possible.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 06:41:58 PM
Now my Chrome is not functioning.  Is this part of the same issue...?

See picture below
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: mbyx on October 23, 2013, 06:51:10 PM
...and the MAC user?

Yes. The useragent sent by the browser to the server includes (among other things) the browser type/version and the operating system you're using. Using this information the web site can customize the output so it displays correctly on mobile devices for example, or to target users using OS's that support their software, etc.
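The behaviour described in the reply above, as an added illustration that is not part of any poster's message and is not Google's or Avast's code: one URL can return different markup depending on the User-Agent header, so a content signature may fire for some browsers and not others on any operating system. The page variants, the serving rule and the signature are all constructed assumptions.

```python
import re

# Constructed User-Agent strings in the general format each browser sends.
SAMPLE_AGENTS = {
    "IE 10 / Windows": "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)",
    "Chrome / Windows": ("Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 "
                         "(KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36"),
    "Firefox 24 / Mac": ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) "
                         "Gecko/20100101 Firefox/24.0"),
    "Safari / Mac": ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 "
                     "(KHTML, like Gecko) Version/6.1.6 Safari/537.78.2"),
}

# Constructed page variants standing in for two versions of one login page.
PAGES = {
    "A": '<form id="login-a" action="/auth"><input type="password" name="pw"></form>',
    "B": ('<div class="card"><form id="login-b" action="/auth">'
          '<input type="password" name="pw"></form></div>'),
}

# Assumption: which variant the hypothetical site serves to each browser family.
VARIANT_FOR_BROWSER = {"IE": "A", "Firefox": "A", "Chrome": "B", "Safari": "B"}

# Hypothetical, overly broad content signature: it keys on markup only variant A has.
SIGNATURE = re.compile(r'<form id="login-a"[^>]*>\s*<input type="password"')


def parse_user_agent(ua):
    """Return (browser, os) parsed from a User-Agent header value."""
    # Order matters: Chrome's string also contains "Safari/".
    if "MSIE " in ua or "Trident/" in ua:
        browser = "IE"
    elif "Chrome/" in ua:
        browser = "Chrome"
    elif "Firefox/" in ua:
        browser = "Firefox"
    elif "Safari/" in ua:
        browser = "Safari"
    else:
        browser = "Other"
    if "Windows NT" in ua:
        os_name = "Windows"
    elif "Mac OS X" in ua:
        os_name = "Mac"
    else:
        os_name = "Other"
    return browser, os_name


def serve_login_page(ua):
    """Server side: pick the page variant from the browser family alone."""
    browser, _ = parse_user_agent(ua)
    variant = VARIANT_FOR_BROWSER.get(browser, "B")
    return variant, PAGES[variant]


def scan(html):
    """Scanner side: True when the content signature matches the response body."""
    return SIGNATURE.search(html) is not None


def detections_by_client(agents=SAMPLE_AGENTS):
    """Fetch the same URL as each client and record what the scanner says."""
    results = {}
    for label, ua in agents.items():
        browser, os_name = parse_user_agent(ua)
        variant, html = serve_login_page(ua)
        results[label] = {"browser": browser, "os": os_name,
                          "variant": variant, "flagged": scan(html)}
    return results


def flagged_correlates_with(results, key):
    """True if each value of `key` always gives the same flagged/clean outcome."""
    outcomes = {}
    for row in results.values():
        outcomes.setdefault(row[key], set()).add(row["flagged"])
    return all(len(seen) == 1 for seen in outcomes.values())


if __name__ == "__main__":
    table = detections_by_client()
    for label, row in table.items():
        print(f"{label:18} variant={row['variant']} flagged={row['flagged']}")
    print("explained by variant:", flagged_correlates_with(table, "variant"))
    print("explained by OS:     ", flagged_correlates_with(table, "os"))
```

When triaging reports like the ones in this thread, grouping alerts by the response actually served, rather than by machine or operating system, is what separates a signature problem from a per-host infection.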
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 06:53:30 PM
...and the MAC user?

Yes. The useragent sent by the browser to the server includes (among other things) the browser type/version and the operating system you're using. Using this information the web site can customize the output so it displays correctly on mobile devices for example, or to target users using OS's that support their software, etc.

So you would suggest that Avast has the same FP error in Mac and Windows due to different browser ID's and Operating Specific Data (OS Identifiers).  That kinda confuses me.  How about PMing me more to explain this so the thread can maintain its integrity to the OP.  Thanks.
Cool.  Did you see my post on Chrome not working above your reply?

===================================================================
So I thought, maybe I need to update Java.  I went to my Admin profile and opened the Java Control Center.  Had the latest version but it would not close.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: mbyx on October 23, 2013, 07:01:19 PM
Cool.  Did you see my post on Chrome not working above your reply?

Mmm ... I don't use Chrome so can't offer any suggestions but I have a feeling that is an unrelated issue. Maybe a Chrome user can chime in.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 07:17:52 PM
Cool.  Did you see my post on Chrome not working above your reply?

Mmm ... I don't use Chrome so can't offer any suggestions but I have a feeling that is an unrelated issue. Maybe a Chrome user can chime in.
Things not right in my FB login either.  I have my FB set up to REQUIRE a code, if not already approved. I went in deleted ALL DEVICES.. I opened ACTIVE SESSIONS and ended all activity.  Closed the browser then restarted the entire PC...

I was not prompted for a security code, as usually occurs when doing these steps.  I was logged into FB as though I had never logged out or as though I had saved a browser/device.  As you can see this was not so.

More things and more things are coming up inconsistent; and all occurring after this Gmail Bankfraud notification.

EDIT: I have just been made aware that somehow texts are being sent from my Facebook to my friends in my phone's contact list (in other words; they aren't even on FB).  So from my phone to my PC; I'm having some definite issues... funny how #Google is in the middle of it all.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: webdesk on October 23, 2013, 09:09:59 PM
Posted this on another thread here too:
I have a multiple license for Internet Security package & the very first use right after updating to the latest version 2014.9.0.2006 trying to go to GMAIL, on each machine, where the update was taken a day apart, the message for Bankfraud-BYL started.

My concern is that the trojan went undetected in the earlier version, not that it is being trapped in the latest version.

What complicates it for me is that I was getting an unfamiliar logon screen for GMAIL for a day or two on the 2nd machine BEFORE the update was done on it today and Avast did not trap it under the earlier version - will try to search if Google did in fact put out a new login page in a moment...

attached the GMAIL login screen in question:
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: webdesk on October 23, 2013, 09:16:07 PM
Found news on Mashable that at least the new GMAIL login screen is valid! You can read about it here: http://mashable.com/2013/10/20/gmail-login-redesign/
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: TheChad on October 23, 2013, 09:35:50 PM
Posted this on another thread here too:
I have a multiple license for Internet Security package & the very first use right after updating to the latest version 2014.9.0.2006 trying to go to GMAIL, on each machine, where the update was taken a day apart, the message for Bankfraud-BYL started.

My concern is that the trojan went undetected in the earlier version, not that it is being trapped in the latest version.

What complicates it for me is that I was getting an unfamiliar logon screen for GMAIL for a day or two on the 2nd machine BEFORE the update was done on it today and Avast did not trap it under the earlier version - will try to search if Google did in fact put out a new login page in a moment...

attached the GMAIL login screen in question:


Just out of sheer coincidence, I don't think you need to worry about this.  I unpacked a brand new laptop last night and immediately installed avast.  The first thing I did online was go to gmail and it popped up with this error which made me think that it was a false alarm. That being said, I did not have any earlier versions loaded on that machine before the most recent one.

Best,
TheChad
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: silverwinglie on October 23, 2013, 09:39:29 PM
EDIT: It appears the relevant post has been deleted
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 10:01:11 PM
Okay... when I go to google.com and click on the GMail link there I'm directed to the screen in shot 1.  From there I click on the top right "Sign In" and I'm at the NEW Google log in screen.

The new login screen is verified.

However, when I type in mail.google.com I get the HTML: Bankfraud warning screen and the old look.  It appears that someone has 'rooted' (I think that's the term) the old mail page for Google, or maybe that's why Google changed it to begin with.  Thanks to Avast, I'm sure I'm fine now.

Either way, I only get the so called FP on the old log in screen.

Now to clear up my phone issue.  My friend was sent a message to look like it was from me, but they misspelled my name.  That is now a moot issue and explained.  Sorry to interject details that were not accurate.  However; I did experience the lack of security on my FB page login (like that's any surprise at any point); I don't know if it's related to what's occurring on the old GMail login screen or just the geniuses at FB development.

As well, my Chrome is still doing the same thing indicated earlier.  I will uninstall; run a virus scan, then re-install Chrome from scratch.

Be back in a few minutes with the results...
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 23, 2013, 10:40:46 PM
Okay... who wants to explain this now? 

I uninstalled Chrome.  Cleaned my reg and junk files. Restarted.  Did not do a scan... sorry, I'll get to that next.

After all that, I open Chrome.  It goes to the Chrome GMail start Screen as usual.  So I open a new tab and try the exact thing mentioned above... I typed in the address window "google.com" and hit enter.   I click on the top right GMail link as mentioned above; I get sent to the OLD log in screen with the Trojan message again.  THIS WAS IN CHROME FROM THE ADMIN PROFILE.

Plus Avast reports the site as UNKNOWN ???

So I log out of the profile.  I log into the normal user profile and once again Chrome reports "Your preferences cannot be read..." dialog box.

However, IE goes to the OLD page once... I close and repeat the procedure and I'm back to the NEW log in.

So, maybe this thread is back to its original title...

Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan

Hypothesis:  Illicit 'something' is occurring on Google right now.  TwinHeadedEagle reports no malware on my machine... I'll buy that for more than a dollar.  Everything else is back to normal; including FB.  I will be removing Chrome again; since apparently it's choking on something right now.

I will be happy to try and reinstall Chrome for testing.. but you all now have all the clear details I have.

..any other thoughts would be appreciated.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: itsjustintyme on October 23, 2013, 11:57:32 PM
I am having the same problem, it occurred after looking up banking information on Mint.com. I have gone through the whole removal protocol that TWIN mentioned and am now ready to attach info so that someone can check if the problem has been resolved. Thank you for your time.

Justin
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 24, 2013, 12:09:18 AM
Found the initiating link for the stranger problems.  A friend with the following link to one of my posts on another social site:

http://sitecheck.sucuri.net/results/teenink.com/mobile/213135/ -this may be due to it requiring a subscription though.  I'm unsure if the site does require subscription for viewing.

EDIT:  (mainly to remove creepiness) ...just to clarify; my friend's daughter sent him the link attached to a video of Jimmy Kimmel interviewing people on the street, asking which act they supported more: The Obama Care Act or The Affordable Health Care Act.  Now I'm not getting political here because those are the EXACT same thing... it was just funny to watch how many people knew so much about two different things that were not two different things.

This is the check on the site; which reports warnings but not blacklisted.  Since cleaning things a bit better; I'll check GMail issues (if still being sent to the older login screen that gives the warning) and the Chrome issues now.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: Saavik on October 24, 2013, 12:53:02 AM
Hello,
I believe someone else has already said it, but I checked on Avast Facebook page and they have replied to some questions regarding this issue as being a false positive. After the last update, I'm able to login to gmail without any warnings. :)

From https://www.facebook.com/avast?filter=2 :
Quote
Thank you for reporting this. Trojan Horse" HTML:Bankfraud-BYL [Trj] was a false positive, and the detection is already disabled (should be OK in the next VPS). It was falsely detecting Gmail login page in specific circumstances.

As for the new/old gmail layout, it seems to come and go, sometimes I get the new one and sometimes the old and this was already happening for a couple days, but this didn't seem to make any difference when avast reported the Trojan.

Hope this helps.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 24, 2013, 04:56:38 PM
I'm down it was a false positive.  Most likely from some Gmail servers having the new log in so when you'd end up on a server not yet updated; it would give the UNKNOWN info to Avast (as far as webrep) and set off an alarm because Avast knew the screen didn't match current Google server records (that were updated BEFORE the servers).

Regardless, I'm having issues that I can't explain.  I can only get Chrome to run on one profile, the others give the error in the screenshot below.  As well, my Avast Miniport NDIS driver reports it cannot run (I have a thread on that one). I'll take the Chrome issue to Chrome support.

I'm not fanning this subject; if Avast is comfortable enough to say it was ONLY a FP and could not have been anything else, then this thread can be locked from further commenting but I still have a pile of inconsistencies that started AFTER the Avast False Positive warning of a Trojan.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: UserA789 on October 24, 2013, 11:26:33 PM
Okay...

I'm not trying to beat this dead horse, I am putting this for disclaimer:

The solutions to what is happening in my Chrome, via Chrome support, do not match what is going on inside my Chrome (i.e. files, directories, shares, etc.)  This all began when this alert started going off.  I've tried both standalone installers for Chrome and I can get them to work on every profile on my PC but one.  Of course I'm not getting the error now as Avast has made it so it won't.

That's all.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: Varlik on October 25, 2013, 03:27:08 AM
Can anyone (with a longer history on this site than just a few posts. No offense.) confirm that this is actually a false positive?  I've followed the Facebook links and can't find the Topic nor a reply from an avast rep saying It's a False Positive.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: fsintegral on October 27, 2013, 06:45:44 PM
Hello !

I'm sorry to post my own issue as my very first message on Avast forum, but this has been bugging me for three days.

I've read TwinHeadedEagle's post on page 2 stating I have to :
1) download AdwCleaner and install
2) launch a scan, reboot then open the log file
3) post here that log file
4) download GMER and install
5) launch a scan, and post log file (same as above)
6) ..... same with Farbar Recovery Scan Tool

^^ then some of you said this threat could be a false positive.

Now, I don't know what to think, since this is my parent's computer, Win8 home (so I'm unsure the above applications will work fine, and how to remove them after all this - not my computer as I said)
Thanks in advance for shedding some light on this issue.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: midnight on October 28, 2013, 01:57:34 AM
No alerts for me on Firefox.  I have the gmail notifier so I'm always logged in.
Title: Re: Attack On GMAIL or My PC? HTML:Bankfraud-BYL Trojan
Post by: Varlik on October 28, 2013, 04:35:10 AM
I'm not sure what to think either since I've followed the links to Facebook that others in this very topic have posted.  None of them on avast's Facebook page have anyone from avast saying that it was a false positive. 

I finally found one by searching this topic on Google.  It was only visible by viewing the cached version.  Why would Avast delete or remove this topic and their response from their Facebook page?  Because of this and the fact that those who posted on this forum that this was a false positive have low (1-4) post counts I'm skeptical. 

I've found other posts with the same scenario to what has been posted here on other websites' forums / discussion boards.  One was a Google discussion board topic about this very subject.  Then in the topic someone with only one post to their history pops up and says avast posted on their Facebook page that it's a false positive. Yet I spent over an hour going over avast's Facebook page and nothing.