Malware in theme? Indoor Plants | Houseplants store & Gardening WordPress Theme

I recently downloaded an updated version of my theme, to upload to the server and when I opened the zip file Windows 10 Antivirus blocked it, and when I read the history it marked as a trojan downloader

Screenshot%20-%202018-12-06%2013%2014%2049

May be their servers were hacked and the code changed and they are spreading malware? or just a false positive?

BTW the file inside the zip is:

themeforest-20762306-indoor-plants-gardening-houseplants-theme-wordpress-theme.zip->indoor-plants/plugins/vc-extensions-bundle/vc-extensions-bundle.zip->vc-extensions-bundle/parallax/js/modernizr.js

I ran that zip over virustotal, and has 0 results:
https://www.virustotal.com/#/file/1f661d855b5b2c9b5b1bedbbab749ddfa35fb8319fb02607b27caec52625e653/detection

Windows Defender is notorious for false positives. Furthermore, it is literally impossible for a JavaScript file (designed to be ran in the browser) to be a “trojan downloader”.

If VirusTotal said it’s not infected, then you can safely ignore it. I’d recommend sending the file as a sample to Microsoft, if you can, so they can fix it.

2 Likes

Oh thats a good idea, send it to MS.

thanks!

Hi,

Thanks for asking your question at Envato forum.

My opinion is turn off Windows defender until installation.
hope everything will be fine.
Thanks

Yes, I added the file to exception list. and uploaded to the server and its everything fine.

Wasn’t a problem with the installation but more a concern but then I realized that is a false positive