[nosfat]

WTF? Avast just flashed red “Infection blocked” when I entered my site, built with your Read WP Theme. Current version 4.4.1.

Infection: Other: Malware-gen [Tri]
URL: http://erikdelareguera.com/wp-content/themes/read/js/modernizr.js
File: [gzip]
Process: /Applications/Firefox.app/Contents/MacOS/firefox

What is this? What can I do to get rid of it?

[nosfat]

The correct name of the “File” is: {gzip}

With curly brackets, that is. Please look into this as soon as possible.

[nosfat]

Update: As I scanned my computer Avast also alerted me to “modernizr.js” in the zipped (downloaded) version of the READ theme. Not good.

As I stated my version of the theme is 4.4.1 and I have WordPress v 4.4 installed. Can this be fixed simply by updating both the theme and the wordpress installation? And in which order, in that case?

[serkan]

Hi nosfat,
We never found a malware in the theme files. Could you please deactivate all your plugin and install a fresh copy of the theme and check it again please?

[nosfat]

Hi, I noticed on the Theme comments page that another user also has this problem. It’s propably due to new malware definitions from Avast, that now identifies “modernizr.js” as malware, don’t you think? Is the file eliminated or changed in the last version of the theme? Can I simply update?

[nosfat]

BTW: I’ve scanned the WordPress site with the plugin Wordfence, and it doesn’t find any problems. Avast keeps flashing red though.

[serkan]

Hi nosfat,
I will install avast and run your test. I will let you know if I came up with a solution.
Thanks

[nosfat]

Ok, great, I’ll just wait here then.

[ahmetsali]

Hi, does it occur on our demo site too?

http://themes.pixelwars.org/read-wp/

[nosfat]

No, there is no warning from Avast when I enter the demo site. Should I try to install the theme update?

[ahmetsali]

– first, deactivate all of your plugins,
– then update your theme to the latest,
– check again your site without activating your plugins.

[nosfat]

Ok, I’ve done that now. And it did’nt work – still the same alert from Avast. What else can be done?

[nosfat]

Still waiting.

[serkan]

Hi nosfat,
We just install and run avast in our demo and couldn’t detect any issue.
Maybe you can ask it in avast support forum.
Thanks

[nosfat]

Ok, thanks, I’ll try that. So strange this.

[nosfat]

One more thing: When I scan the just downloaded theme zip file (v 4.2.2) with Avast it still screams malware. File indicated: ..read/js/modernizr.js

So the problem really seems to be on your side.

[ahmetsali]

Hi, ok then, with the next update we will update modernizr.js with the latest version, then you check again if the problem persists.

[nosfat]

Ok, thanks. The response from the people at Avast is:

JQuery needs to be retired: http://retire.insecurity.today/#!/scan/391f7ff3977be59fc9e08f26d8a2cc47cbebc8135b4e9ad004deaa4ea6e57973

Any comment?

[serkan]

We will update the file with the next update.
Thanks for the feedback.

[nosfat]

Hello again,
After some waiting I got a response from the Avast support. It turns out it was a false positive – and it has been removed now! Se their answer below:

—

It was a false positive. It should be fixed in the new virus definitions update.
To update virus definition: open Avast and go to > Settings (gear icon) > Update > Virus Definitions – click “Update”

note: if it is still detected, please allow few hours (up to 24 hrs) and check again

[ahmetsali]

glad to hear that, thanks for the update.