Trojan file zip Prestashop 1.7.7.4

[MrLamart1]

Ho scaricato Prestashop dal sito https://www.prestashop.com/it

Subito bloccato da windows defender, allego immagine del trojan.

Ho già scaricato altri zip di prestashop, ma avuto questo problema, ma questo è un vero problema!!!!

English: 

I downloaded Prestashop from the https://www.prestashop.com/it

Immediately blocked by windows defender, I allegory image of the Trojan.

I've already downloaded other prestashop zippers, but had this problem, but that's a real problem!!!!

[max8]

Hi i have the same problem,

the last version 1.7.7.4 have a virus trojan . Can you solve the problem?

[MrLamart1]

Download Prestashop 1.7.7.1, install and then upgrade from the Prestashop module

[max8]

Hi MrLamart1,

I downloaded PrestaShop first time yestarday and my computer has been infected with this trojan: Trojan:Win32/Emali.A!cl. Now I have mistrust. Is it possible that yesterday the official Prestashop page suffered a phishing attack? Otherwise, why was the file I downloaded infected?

The most important question, can I download prestashop now without malware?

Thanks for your answers

[MrLamart1]

as I wrote above, you should download prestashop 1.7.7.1 and then do the update.
But first clean your PC, the malware is always there and changes its name.

[MrLamart1]

https://www.prestashop.com/it/versioni

I recommend version 1.7.7.1, then through
1-Click-Upgrade upgrade to new version.
Sooner or later someone will notice the virus.

[w3bsolutions]

I just downloaded and scanned the current 1.7.7.4 zip and my antivirus didn't report any virus. Seems solved. 

Edited May 26, 2021 by w3bsolutions (see edit history)

[razaro]

Hi all

I checked also and did not had any warnings, checked on virus total site too. Also here is replay from member of the team:

Quote

We immediately performed a scan and found no issues

https://www.virustotal.com/ scan: no issues
https://opentip.kaspersky.com/ scan: no issues

It looks like it's not an uncommon issue, other open source projects had a false positive from Windows Defender too
https://community.sonarsource.com/t/windows-defender-reports-trojan-win32-emali-a-cl-during-sonarlint-installation/17291/5
https://github.com/megai2/d912pxy/issues/284

It seems we are just unlucky  something in PS 1.7.7.4 is being flagged as a malicious file.

There is a tool to report false positive reports to Microsoft, we might try to fix it too.

They might release official statement about this later, but know it is safe. 

And you might try link on github https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.7.4

But that zip is most likely same as one used on download link.

[MrLamart1]

5 minuti fa, razaro ha detto:

Ciao a tutti

Ho controllato anche e non ho avuto avvisi, controllato anche sul sito totale del virus. Ecco anche il replay da parte del membro del team:

Potrebbero rilasciare una dichiarazione ufficiale su questo in seguito, ma sanno che è sicuro.

E potresti provare il link su github https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.7.4

Ma quella zip è molto probabilmente la stessa di quella utilizzata sul link per il download.

Ci ho appena provato, il virus ha cambiato nome ed è sempre lì.

[razaro]

Try to scan file you got with other anti-virus software or online links mentioned.

But like I said it is most likely false positive and PrestaShop might make official statement later.

Also file for sure did not change but "virus" changing name is just a sign that Windows Defender is not sure what it is.

[MrLamart1]

I don't trust false positives, especially on viruses given the global covid situation.

[max8]

ok, thanks for your answers.

Now, I will try to download version 1.7.7.1. I will install and upgrade it 🤞

Regards

[tuk66]

What trojan?! The PrestaShop archive DOESN'T contain any exe, vbs or other executable program.

[Goof Ball]

This morning Microsoft Defender reported that Prestashop_1.7.7.5.zip has the Trojan:Win32/Emali.A!cl virus.  Have any of the developers contacted Microsoft to try to understand what the threat is?   I have a feeling that there is a reason it has been identified.  I also have a feeling that Microsoft can help with a fix.  Sometimes software can be exploited even if the software itself is NOT a virus.

 

[emild]

Yep,

Microsoft Defender says the package contains a virus

Probably a false positive but someone should look at it anyway and report false positive.