Feng Forum
Support => Older versions => : fcoauga October 26, 2009, 07:14:18 PM
-
The free antivirus AVGuard detects suspicious file for 'add-document.php'. See attached.
Well, I know that is no a suspicious file, but is a little problem for distribution...
-
ignore
-
Can you try if changing line 39 from:
<?php echo $ckEditorContent ?>
to:
<?php echo clean($ckEditorContent) ?>
fixes the issue?
-
ignore
of course...seven times when wrote the message and about fourty at this time... :)
-
Can you try if changing line 39 from:
<?php echo $ckEditorContent ?>
to:
<?php echo clean($ckEditorContent) ?>
fixes the issue?
No.
I had sent the file to Avira, perhaps them tell something us
-
Hello,
I have Avira Antivir 9.0.0.17 with virus engine 8.02.01.44 of 21/10/2009.
On file opengoo\application\views\files\add_document.php'
Avira has found a malware 'HTML/Crypted.Gen' [virus].
Please, Can you try and confirm file security ?
Thank's, regards
Claudio
-
On VirusTotal.com
File add_document.php ricevuto il 2009.10.29 14:36:32 (UTC)
Antivirus Versione last Update Found
AntiVir 7.9.1.50 2009.10.29 HTML/Crypted.Gen
McAfee-GW-Edition 6.8.5 2009.10.29 Heuristic.Script.Crypted
-
It is a false positive, check this source for the virus description:
http://www.trustedsource.org/malware-virus-description/1-18723/Heuristic-Script-Crypted
The file add_document.php is only calling the new editor (CKEditor) via javascript, there must be some line of code which the antivirus detects as containing a "typically malicious characteristic".
As noted before, it would probably be a good idea to identify and "fix" the line so that this message stops appearing.
Cheers
-
Julio @ virustotal is usually quite helpful, but note that it is sometimes a pain or can take months to get some code removed as a false positive from virus signatures (this from experience), hence my previous "ignore" comment.
-
Hello,
I just downloaded the OpenGoo 1.6 Archive from your link at the Announcement Forum. As I checked it with my AntiVir I got the following message:
-
hmmn.. what does it say? ???
I'd run it through a translator if I could copy and paste the text...
-
I get the same message with avira antivirus concerning a html script virus ...
opengoo\application\views\files\add_document.php is corrupted
The description is :
Virus: HTML/Crypted.Gen
Date discovered: 18/07/2007
Type: Trojan
In the wild: Yes
Reported Infections: Low
Distribution Potential: Low
Damage Potential: Low
Static file: No
Engine version: 7.04.00.44
-
I still get this messages like CédricH posted? Any solutions? Help!!!
-
I posted the solution - ignore it.
Edit: In the interest of self-help, that sounds arrogant of me, and I apologize. What I should have said was this is likely a false positive. The devs will most certainly be checking into this, and if it were serious it would have been replaced. It is basically a catch-all virus notice, more like a warning, that there is some javascript that appears to be from an untrustworthy source.