Hey,
An hour or so ago I downloaded the osTicket-v1.11.0-rc1 package from the website, for a fresh install.
After the install Avast kept killing the connection, and I ended up running a scan on the zip file.
According to Avast, 10 files are infected by HTML:ChaseBank-A [Phish]
Tried to download the developer-next version, and avast kills the connection, warning the file if infected...
https://github.com/osTicket/osTicket/tree/develop-next
There is no way the github package is infected unless github/your system was infected.
What's avast complaining about specifically with the package from the site? Maybe false positive from avast?
Cheers.
I use avast & malwarebytes, so I'm confident my system is clean. Plus, avast kills the connection when I try to download the file from github.
It doesn't kills the connection when I kdownload the rc1 from the website.
It flags 10 files in the zip file as being infected.
I'm thinking that maybe my avast installation might be broken in some way,...
Edit: I updated Avast & restart the system. No luck, still flags the file as being infected.
Would you mind scanning on your side and let me know what if its flagged?
Can you download any package from github.com? If not then it's definitely avast giving false positive?
What lines specifically in the files are triggering the avast errors? All the files in your screenshot haven't been touched in 3 years...
Cheers.
I had to whitelist my osTicket install to make it work, otherwise avast kills it.
The files are;
include\upgrader\ungrade.inc.php
include\upgrader\prereq.inc.php
include\upgrader\rename.inc.pt
include\staff\syslogs.inc.php
include\staff\emails.inc.php
include\staff\pwreset.sent.php
include\staff\login.tpl.php
include\client\accesslink.inc.php
include\client\register.inc.php
include\client\login.inc.php
Can you scan the files using a different virus scanner? I used https://virustotal.com/ and it said all is good with the zip and the files...
I'm almost 100% positive that Avast is giving you false positives on the files. If you can confirm as well then you can report False Positives to Avast here:
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php
Report a malicious sample (select file or website)
https://www.avast.com/report-malicious-file.php
Cheers.
