9 posts
  • Has been part of the Envato Community for over 4 years
  • Has been a beta tester for an Envato feature
  • Located in Canada
  • Has collected 100+ items on Envato Market
Integral says

Hi Everyone,

I ran a Virus scan on my Mac & it came up with a Theme that I bought here, but never ended up using (Client changed their mind). ClamXav scanned the zip file that I downloaded & said it was infected with Trojan.js-75

I googled “Trojan.js-75” but couldn’t find out if it is malicious code, or just a false positive form the Virus scan.

I contacted support to tell them, and they just said to take it up with the author.

Seems to me that given they run the market place they should take more of an interest in the items being sold through their website.

1028 posts
  • Has referred 500+ members
  • Has sold $500,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+6 more
ThemeBlvd says

Is there even the slightest little tiny possibility that you have many themes currently on your computer, and maybe not 100% of them were downloaded legally? Assuming that’s not the case, you did purchase it, right? So have you tried to re-download the file from ThemeForest and confirm the actual package downloaded from ThemeForest contains this trojan? Or are you just going off the old files that were sitting on your computer only?

1799 posts
  • Has referred 1+ members
  • Has sold $5,000+ on Envato Market
  • Has been a beta tester for an Envato feature
  • Has collected 10+ items on Envato Market
+4 more
BroOf says

There are viruses which infect other files. The reviewer always check for viruses before they approve the item I think.

9 posts
  • Has been part of the Envato Community for over 4 years
  • Has been a beta tester for an Envato feature
  • Located in Canada
  • Has collected 100+ items on Envato Market
Integral says

ThemeBlvd, you could not have known this, but I do not pirate, not even a little. The files were downloaded from here. Also to double check I did redownload the file on my macbook air (second computer) and re-scanned. It is possible that both computers are affected I guess, but I have them both scanned with current virus definitions and other than the zip file which I have not opened, both have come up clean.

It’s not the Trojan that really bothers me. I have not installed it on a server, so no harm done. It is the fact that I contact support, they passed the buck to the author. I just heard back from the author & he said Envato would have caught anything, so don’t worry.

Kinda makes me wary of future purchase from here.

366 posts WordPress Guy
  • Has referred 1+ members
  • Has sold $100+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Member of the Envato Team
+5 more
Japh Envato team says

Hi Integral, this is a bit of a concern if it turns out the file we’re hosting is infected. Can you please contact me through the form on my profile with a link to the item in question so I can investigate further?

Thanks! :)

1736 posts
  • Has referred 1+ members
  • Has sold $5,000+ on Envato Market
  • Has collected 1+ items on Envato Market
  • Sells items exclusively on Envato Market
+2 more
VisualSharing says

I ran a Virus scan on my Mac

I did not know this is reasonable or possible at all. :|

366 posts WordPress Guy
  • Has referred 1+ members
  • Has sold $100+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Member of the Envato Team
+5 more
Japh Envato team says


I ran a Virus scan on my Mac
I did not know this is reasonable or possible at all. :|

All computers should have virus protection! I use Sophos on my MacBook Pro :)

9 posts
  • Has been part of the Envato Community for over 4 years
  • Has been a beta tester for an Envato feature
  • Located in Canada
  • Has collected 100+ items on Envato Market
Integral says

I have heard back from Support:

Thank you for your message to Envato support. I downloaded and tested the ‘xxxxx’ template with ‘ClamXav’ and it’s reporting the file ‘jquery-ui-personalized-1.5.2.packed.js’. This appears to be a false positive from ClamXav as that particular script is relatively common (it’s used to create a tabbed interface) and does not appear to have any offending code within it. You can see this particular script in action on Nettuts+...

Something that simple would have been a welcome message from the get go, rather than “contact someone else”.

I have blocked out the name of the template, as I mentioned early on, I was not positive about it, and do not wish the author any negative exposure.

Thanks Japh & Jami

366 posts WordPress Guy
  • Has referred 1+ members
  • Has sold $100+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Member of the Envato Team
+5 more
Japh Envato team says

Thank you for reporting your progress here, Integral.

I also scanned the item with Sophos on my Mac, and it came up completely clean. So I would agree with Jami that ClamXav is reporting a false positive.

Also, sorry to hear you were given a poor initial response too. That’s not how we usually handle things :)

1736 posts
  • Has referred 1+ members
  • Has sold $5,000+ on Envato Market
  • Has collected 1+ items on Envato Market
  • Sells items exclusively on Envato Market
+2 more
VisualSharing says



I ran a Virus scan on my Mac
I did not know this is reasonable or possible at all. :|
All computers should have virus protection! I use Sophos on my MacBook Pro :)

Thanks, I’ll have it in mind. :)

by
by
by
by
by
by