Support

Admin Tools

#37346 Virus-Warning in Admintools for wrong domain

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
3.9.2.4
PHP version
7.4.
Admin Tools version
6.1.6

Latest post by nicholas on Tuesday, 28 June 2022 03:31 CDT

FlorianWachter

Hi  -  may be you remember a discussion regarding that malware thing i go from some website when admintools was used. However. 

I decided to RENEW all that pages. 

I now used kickstart to setup the page again - updated my extensions. 
the temp URL is http://lux-lichtgestaltung2.de.w01d1178.kasserver.com/administrator/index.php?option=com_admintools

when i clicked on admin tools controlcenter, i got that message: 

I used quttera to scan the temp website only seconds before and got NO malware. 

Is that an akeeba admintools "bug" ? 


 

https://postimg.cc/sQ6r6hMx

System Task
system
The ticket information has been edited by Florian Wachter (FlorianWachter).

nicholas
Akeeba Staff
Manager

It should be very clear that the problem is with your ANTIVIRUS (Avast).

A quick Google search shows that they know about this for well over three years: https://support.avg.com/answers?id=9060N0000005MtYQAU

Another quick Google search shows that Avast is stupid enough to throw false positives for jQuery and Bootstrap, some of the most used JavaScript on the Internet: https://forum.avast.com/index.php?topic=319846.0

A few results later and we find this https://wordpress.org/support/topic/we-have-blocked-the-threat-jsagent-eiy-plugins-cookie-notice-js-front-min-js-fr/

It is very clear that Avast is such a gigantic pile of poop that it erroneously reports any minified JavaScript file as "malware". Of course this is not the case. Everyone delivers their JavaScript minified for obvious reasons. It's just that Avast can't be arsed to fix their broken detection code work for the past three years 🤦🏽‍♂️

As for the "wrong" domain name, it would appear that they are simply truncating the domain name. I mean, a small poop on top of a big pile of poop doesn't make much of a difference.

Florian, please, buy a real antivirus. It's very clear that Avast is a massive failure. They have always been bad to the point of being worse than useless. Pay for something like ESET NOD32 to have some peace of mind. Or just use Windows Defender. After the Windows 10 late 2019 update the Windows Defender is actually a very good antivirus and firewall, right up there with the best of them, and costs nothing. It's not even the same product it was before that update; they rewrote it from scratch.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

FlorianWachter

Hello Nicholas - I love your answer so much! really. Can´t stop laughing. 
OKAY - i will kick that Avast Shit and get sth. else. You made my day :)

nicholas
Akeeba Staff
Manager

As you might be able to tell, I have a love/hate relationship with AVAST / AVG.

About a decade ago they had this brilliant (really, not) idea to have their blatant waste of CPU cycles “antivirus” product act as a transparent proxy for all traffic to the browser with the goal of supposedly blocking malicious JavaScript. Remember, this is the same company. Guess what they ended up doing? If you guessed “they broke all backend JavaScript in Joomla and WordPress sites in ways that made it impossible to even troubleshoot reliably” you win! Which JavaScript file did they end up blocking to break people's sites? If you guessed jQuery you win again!

As for the way to work around it... Yes, why, it was indeed to load the JavaScript using inline scripts which modified the DOM exactly like what an actually hacked site would do. 🤦🏽‍♂️

I swear, most low cost antivirus is more harmful than it is helpful. People don't get it and I understand why; they haven't seen the sausage being made, but I have (and for the record, I have also seen literal sausages being made at an industrial scale... let's just say enjoying a sausage now requires a certain amount of doublethink on my part).

Have a great day!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

FlorianWachter

Appreciate it - lol- 

The Problem is, when clients use it and get warnings. That makes it uncool.

nicholas
Akeeba Staff
Manager

Yup. I totally agree. It's then up to us innocent parties to prove that we are not elephants. Sigh...

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!