Avast WEBforum
Other => Viruses and worms => Topic started by: Amgeek on October 22, 2018, 11:14:41 PM
-
Started forme this afternoon (10/22/18 5 PM EST) for me when I started restoring Wordpress and Joomla! backups on my server using Akeeba backup and kickstart.
10/22/2018 3:42:10 PM http://www.control.xxxxx.net/installation/index.php?view=setup [L] HTML:ChaseBank-A [Phish] (0)
10/22/2018 3:47:54 PM http://www.control.xxxxxx.net/installation/index.php?view=setup [L] HTML:ChaseBank-A [Phish] (0)
10/22/2018 3:53:42 PM http://www.control.xxxxxx.net/installation/index.php?view=setup [L] HTML:ChaseBank-A [Phish] (0)
10/22/2018 4:44:01 PM http://www.yyyyyy.xxxxxx.net/installation/index.php?view=setup [L] HTML:ChaseBank-A [Phish] (0)
10/22/2018 4:59:43 PM http://www.yyyyy.xxxxxx.net/installation/index.php?view=setup [L] HTML:ChaseBank-A [Phish] (0)
I also use Ublock (as others with this issue) so I disabled it - no change
Tried both Chrome and Firefox
So..... Am assuming they are false positives.
Can anyone at avast confirm.
Thanks
Amgeek
-
How to report >> https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438
-
How to report >> https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438
Except that in my situation, I can't report my router's URL or any associated files, because there is none. Believe me, I tried. Here's the CopyPasta from the other thread I accidentally posted in. Oh, and BTW, if your bad sig files are detecting this router as defective, there's only a few dozen MILLION other Comcast Customers around the US that might be having the same problems.
I just installed a brand new out of box Arris SVG2482AC router and Avast is telling me that it (The Router) is infected with HTML:ChaseBank-A [Phish] and blocks access to it. These are generally considered DNS hijacking situations, but the router reports legitimate Comcast DNS numbers.
I called Arris, and they said that it is not possible to infect one of these routers. It has essentially the same firmware as Xfinity's routers. The problem didn't show up until I rebooted my machines after the new router install and (I assume) it updated Avast's virus files.
Since 192.168.0.1 is not a valid URL or a file, I can't submit this via the "Report False Positives" Page.
I can't even access the router configuration and to try the suggestions Avast provides without first disabling Avast. Even the internet is iffy without disabling avast.
You need to Fix this. Now.
-
Except that in my situation, I can't report my router's URL or any associated files, because there is none.
It is still possible to report and describe the problem ..
-
Reported here as well: https://community.spiceworks.com/topic/2170654-threat-description-html-chasebank-a-phish?utm_campaign=item&utm_medium=rss&utm_source=global
Hope "avast's first order" will fix this soon.
polonus
-
This FP was fixed in new VPS, please update manually.
-
Today I received two reports of people getting blocked from particular pages on our password protected site—same reason: HTML:ChaseBank-A [Phish]
I reported on the Avast false positives report page.
How can I check our site for problems?
Do I need to tell each end user that gets blocked to manually update their Avast software?
-
Today I received two reports of people getting blocked from particular pages on our password protected site—same reason: HTML:ChaseBank-A [Phish]
I reported on the Avast false positives report page.
How can I check our site for problems?
Do I need to tell each end user that gets blocked to manually update their Avast software?
First, you are posting after an avast team member has acknowledged this is an FP (False Positive) so you shouldn't need to check your site for problems.
Second, the Virus Definitions Updates happen automatically during the course of the day (several of them). In instances like this where people are actually experiencing this and reporting it in the forums, the advice would be to manually update the virus definitions. For those not experiencing it first hand (haven't visited your site recently) will get the update automatically.