HTML/Phish (Virus detected Chrome on Windows)

mtrxyz

New Member
After much testing - clearing the chrome cache -- uninstalling and reinstalling chrome -- I finally figured this out: when logging into Outlook.com on chrome with Adguard enabled, the Windows Defender Security Center is triggered, telling me I have a SEVERE problem (I have attached a screenshot).

http://i.imgur.com/eK5b8sF.png

This happens every time I login using the chrome browser, but not other browsers. What exactly is going on and how do I fix it?

PS: Is this happening to anybody else?
 

mtrxyz

New Member
Hi yes, I have run several malware checkers including malwarebytes, and the PC is clean. When I disable adguard, everything works fine. This issues only comes up when I am logging into outlook.com on Chrome with Adguard turned on. If adguard is turned off, there is no virus prompt.
 

mtrxyz

New Member
Well, here's what I did, in order:
1) I deleted Chrome using REVO Uninstaller, cleaning up all the registry keys and user profile documents.
2) I rebooted, cleaned my computer with Windows Cleanup and also with CCleaner
3) Rebooted then ran a full Windows Defender Scan (came up, clean) and a full malwarebytes scan (also clean)
4) Reinstalled Chrome and then logged into Outlook with no extensions and with Adguard OFF (there was no problem, no prompt, no warning from defender)
5) Rebooted, then cleared the chrome cache
6) Turned Adguard ON and logged into Outlook, got the same warning as above

I am baffled. Because it seems that the problem is Adguard on the Windows Surface Book. But maybe it's something deeper.

This is driving me crazy.
 

mtrxyz

New Member
Note - I just tried this on a second computer and I am getting the exact same prompt. Only with Adguard turned on. I WAS not getting this on the second computer until I installed Cumulative Update for Windows KB4034674) - Does anybody have that update installed and is getting the prompt? I honestly don't know what to do - I was going to completely wipe my computer, but the fact that it is happening on both without Chrome extentions makes me think this is not malware.
 

Meignen Hugo

New Member
Hello ! I have the exact same problem ! With Outlook, Adguard and Chrome.
That night my Paypal Account was hacked because of this Phishing Trojan/Virus.
And this Trojan/Virus shows up when i go on outlook like you...

(I'm french so forgive me if there is any faults).
 

mtrxyz

New Member
Completely removed Chrome and Adguard
-- Reinstalled Chrome WITHOUT Adguard

Problem solved. It seems like Adguard is inserting some sort of HTML script into the browser that Defender recognizes as a phishing script. I'm not saying that Adguard is doing anything evil, but Defender certainly thinks so. Now that Adguard is GONE, Defender, Malwarebytes, Sophos, and Avast all tell me that my computer is clean. This has been a nightmare.
 

zIBiT

Administrator
Staff member
Administrator
Hello again!

We found an issue and will fix it with the next English filter update.

You will be able to use Adguard without any annoying notifications since tomorrow.
 

aegis

Administrator
Administrator
@mtrxyz try to add this rule to the User filter, it's going to fix the problem:

Code:
@@||outlook.live.com/owa/projection.aspx$document
 

zIBiT

Administrator
Staff member
Administrator
Windows Defender complained at Google Chrome cache file. When this file is modified by Adguard to add cosmetic rules for filtering ads, Windows Defender detects it as an HTML/Phish.
 
Top