Trojan found in export zip file!

Community resources Bugs
22

@chuckles got it, thanks! I scanned it with my version of Windows Defender and it reported clean. :confused: Hereā€™s a screenshot of my virus definition version:

1785Ɨ862 210 KB

Can you report if you have the same? Also are you using the same Windows Defender in the screenshot?

Finally, can you clear your cache and try exporting again? We released a build which might have corrected the issue.

Thanks so much!

23

Interesting. Iā€™m in the UK. My definition version was 1.235.1416.0 updated at 09:09 today.

Just updated it manually, now version is 1.235.1453.0

Rescanned file and it passed.

Tried to download a new one from the site in Webflow andā€¦

Defender trashed it again saying it found a trojan!!

Cleaned cache. Again, trojan found.

Going to restart, clean cache (again) and try. Will also try in IE, FF and Edge. Reporting back in 5.

1 Like
24

@chuckles I just updated as well and Windows Defender caught it this time. Unfortunately we canā€™t export from Edge/FF unless thereā€™s something I donā€™t know. :smile: Replicating this will help me a lot ā€“ investigating now. :grimacing:

25

Ok, now I remember why Iā€™m using Chrome on Webflow. The best intentions and plans often go awry in the face of reality (although these days that doesnā€™t seem so true).

Anyway, this is just plain strange.

Now the same file I scanned that passed is coming up as fail.

Downloading from WF has the same behaviour. Trojan found etc.

Screenshot from defender:

1417Ɨ717 164 KB

26

Hi I just joined this forum as I am having the same problem ā€¦

Problem Description: When I try to create to create an Export zip file by pressing ā€˜Prepare Full ZIPā€™ button,
I get a message from Windows Defender ā€¦ Failed Virus Detected and the download zip file is not created

I tried exporting from other websites that I created with webflow and encountered the same problem.

Checking my Defender, it reports that a Trojan virus was detected : Trojan:JS/ Jorv.A!cl

I have not had this issue prior to today.

Please advise as I am under a deadline to get these site files live for a client.

Thanks

27

Hereā€™s a quick fix for you.

If you have a previous download, use the webflow.js from that.

Disable defenderā€™s live scanning temporarily.

Download the zip, move to another folder out of your download folder.

Scan the zip, allow defender to clean it (this just stops defender from being annoying and leaving a big red mark)

Re-enable defenderā€™s live protection.

Extract the files, put the webflow.js from the previous download into your javascript folder.

Thatā€™s it really. It wonā€™t be a 100% up to date JS file, but it works (I know, because thatā€™s what I did)

28

Oh, and you should really test it before deploying it (in case your webflow javascript file is missing something crucial).

29

OK. I will try that workaround.

So is the problem with webflow.js? ā€¦ somehow that contains the trojan virus that is being detected by MS Defender. In which case, I hope Webflow is working on fixing this as we speak.

I will try using an older version of webflow.js from a week OK when everything seemed to be working well.

Thanks for your help chuckles and I will update the forum on if this works.

30

If you read the thread in itā€™s entirety youā€™ll get full disclosure and insight but the short answers are:

  1. Yes, but itā€™s probably a false positive (not guaranteed, but thatā€™s what I think)

  2. They are

:slight_smile:

31

To all,

First off, thank you for your patience with this. Weā€™ve determined that this is a false positive and have submitted the issue to Microsoft Security.

There are two workarounds you can use:

  1. Temporarily turn off Windows Defender and download the exported zip. Inside the export you will find a ā€œjsā€ folder that contains webflow.js. Simply open webflow.js in Sublime Text or Notepad++ and add a space to the end of one of the lines. Save the file and add it back to the zip in its original location. This stops Windows Defender from flagging the false positive.
  2. Email support@webflow.com and they will perform the steps above for you.

Hopefully Windows Security will address this issue soon. Again, thanks from the Webflow Team.

Best,
Leonard

2 Likes
32

Thanks your suggestion worked.

Now that the Webflow team has confirmed that this is a false positive, I hope Microsoft Security gets on this quickly and provides a fix.

Thanks again for your help Chuckles and have a good weekend.

33

Well, there is the much simpler ā€œadd to Microsoft Security Essentialsā€™ exceptions listā€, as well :slight_smile:

34

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.