WordPress.org

Support

Support » Installation » Virus in 2.5 ZIP file?

Virus in 2.5 ZIP file?

  • I downloaded WordPress 2.5 and successfully installed it on my web host. Now I want to install it again in a different directory. I’m trying to upload the ZIP I downloaded from wordpress.org, but I keep getting this error:

    Virus Detected; File not Uploaded! (Trojan.Downloader.JS.Agent-1 FOUND)

    Has the download link been corrupted?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Moderator kmessinger

    @kmessinger

    WordPress.org/latest.zip is not corrupt.

    I can confirm Lincoln Mullen’s findings. The zip appers to be corrupt, so it is either something wrong with the definition files or the wordpress zip is indeed corrupt. I guess I wil stick to 2.3 until this get’s sorted out.

    I just downloaded, open just fine without virus.

    I suppose it’s just a file that some scanners might find ‘suspected’. I had no problems myself.

    It seems that the DE package ( wordpress-deutschland.org ) is still corrupt. I just upgraded one of my blogs and got the FTP error.

    More details here (German)

    [UPDATE] WordPress 2.5 (DE): jquery.js und interface.js werden als Virus erkannt – Bisher nur in EN Version behoben (2008-04-07)

    Both files (interface.js and jquery.js) of the german version are absolutely identical with the official ones.

    jah. Just got the same response from wordpress-deutschland.org

    Still weird that my FTP server shows that warning when I upload the German latest.zip . It seems that there is no security risk even when this error message occurs.

    A clamav scan of my box identified the following:
    _____

    //opt/wordpress/wp-includes/js/jquery/interface.js: Trojan.Downloader.JS.Agent-1 FOUND
    //opt/wordpress/wp-includes/js/jquery/interface.js: moved to ‘/var/spool/clamav/quarantine//interface.js’
    //opt/wordpress/wp-includes/js/jquery/jquery.js: Trojan.Downloader.JS.Agent-1 FOUND
    //opt/wordpress/wp-includes/js/jquery/jquery.js: moved to ‘/var/spool/clamav/quarantine//jquery.js’

    ———– SCAN SUMMARY ———–
    Known viruses: 413852
    Engine version: 0.92.1
    Scanned directories: 35907
    Scanned files: 111581
    Infected files: 2
    Data scanned: 257533.30 MB
    Time: 97043.450 sec (1617 m 23 s)
    _____

    yes. At the site I posted above you can see that only clamav identifies the file as a virus. Somehow weird

    I’m not sure what they did, but my host had to update cPanel. Something about clamav. Anyway, it works for me now that they’ve done the update.

    Apparently that’s a false positive, nothing more.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Virus in 2.5 ZIP file?’ is closed to new replies.