False positive?

andor2 · March 22, 2016, 12:31pm

Hi,

I’m running a Joomla site and use the JCE editor for backend editing.

There has been a history for older versions of the JCE component to be attacked by exploit attempts but newer versions should not have that weakness.

Still, Avast blocked that component as a Trojan (Other:Malware-gen [Trj]) today:

…/components/com_jce/editor/tiny_mce/tiny_mce_popup.js?a990757478edca862d0bc4f467dffdb9

and the developer says that Avast is the only one reporting this as an issue.

How should I deal with Avast blocking this url/script?

Thanks,

BeSecure · March 22, 2016, 12:34pm

Post VirusTotal link of that file and let see and then post the result here and if it is FP then report it to Avast!

bob3160 · March 22, 2016, 12:54pm

Pondus · March 22, 2016, 1:23pm

How should I deal with Avast blocking this[b] url[/b]/script?

Post the URL here

system · March 22, 2016, 2:08pm

This is the Virus Total scan on the day the package was released

and the scan from today

system · March 22, 2016, 2:33pm

and the file in question are identical in content (apart from the comments at the top), but the former does not trigger false positive.

polonus · March 22, 2016, 2:45pm

polonus

Sirmer · March 22, 2016, 2:53pm

thanks for information, this was a false positive and it will be fixed in next stream update.

andor2 · March 23, 2016, 11:00am

Thanks all for your input!

Apart from learning about the false positive, I also got some valuable information - at least for a newbie like me

Announcements