Malware in theme? Indoor Plants | Houseplants store & Gardening WordPress Theme

wordpress

#1

I recently downloaded an updated version of my theme, to upload to the server and when I opened the zip file Windows 10 Antivirus blocked it, and when I read the history it marked as a trojan downloader

Screenshot%20-%202018-12-06%2013%2014%2049

May be their servers were hacked and the code changed and they are spreading malware? or just a false positive?


#2

BTW the file inside the zip is:

themeforest-20762306-indoor-plants-gardening-houseplants-theme-wordpress-theme.zip->indoor-plants/plugins/vc-extensions-bundle/vc-extensions-bundle.zip->vc-extensions-bundle/parallax/js/modernizr.js

I ran that zip over virustotal, and has 0 results:
https://www.virustotal.com/#/file/1f661d855b5b2c9b5b1bedbbab749ddfa35fb8319fb02607b27caec52625e653/detection


#3

Windows Defender is notorious for false positives. Furthermore, it is literally impossible for a JavaScript file (designed to be ran in the browser) to be a “trojan downloader”.

If VirusTotal said it’s not infected, then you can safely ignore it. I’d recommend sending the file as a sample to Microsoft, if you can, so they can fix it.


#4

Oh thats a good idea, send it to MS.

thanks!


#5

Hi,

Thanks for asking your question at Envato forum.

My opinion is turn off Windows defender until installation.
hope everything will be fine.
Thanks


#6

Yes, I added the file to exception list. and uploaded to the server and its everything fine.

Wasn’t a problem with the installation but more a concern but then I realized that is a false positive