fourteen mht files were created long ago with Microsoft IE suddenly test positive for JS: Popupper-Y [Trj]. These files have not been accessed since their created except for scanning with Avast and other programs with no indication of infection.
Bumping this thread as I have a similar issue. An mht file created long ago with Microsoft IE suddenly tests positive for JS: Popupper-Y [Trj]. But according to VirusTotal, only Avast detects it as a (false?) positive. I zipped it with password and sent it to virus@avast.com
Hi i analysed several files containing this infection and they all work as adware/spyware. Its just standalone file packed into many bundled software packages.
I am glad to tell you that I got a response to my file submission, from Honza Zíka of the Avast viruslab.
In short, he said he will not disable the detection. What he dislikes about the script is that it opens a 1x1 px window on exit, which is hidden off the screen. He also pasted the code that does it.
Bumping.
It appears Box Sync (mac) is giving me false-positives for this trojan? feature?
As I understand it, some software pops up a single pixel occasionally for tracking (?) of your activity, and Avast flags it as a Trojan. Or maybe it is a Trojan.
Regardless, I find it really annoying that when Box is syncing, I get an endless flow of red warning popups from Avast, telling me about them, with no advise on how to make it stop. Is there a solution, or is it something I just have to endure with impotent rage?