Virus Protection

johngay
Posts: 1
Joined: 2015-10-17 16:09

Virus Protection

Post by johngay » 2015-10-17 17:34

I downloaded some of the example programs from http://www.bigprof.com/appgini/free-ope ... plications and found a virus in each one. Is there any way for you to remove them?

invoicing.zip
2 viruses
VEX9D72.Webshell
htm.iframe.abh.gen

online-rental-property-manager-3.zip
1 virus
htm.iframe.abh.gen

online-training-center-manager-3.0.zip
2 viruses
VEX9D72.Webshell
htm.iframe.abh.gen

Resources-Utilization-Viewer--RUView--master.zip
2 viruses
VEX9D72.Webshell
htm.iframe.abh.gen

Symptoms-and-diseases-database.zip
2 viruses
VEX9D72.Webshell
htm.iframe.abh.gen

a.gneady
Site Admin
Posts: 1354
Joined: 2012-09-27 14:46

Re: Virus Protection

Post by a.gneady » 2015-10-17 19:35

I just checked this issue and I strongly believe this is a false positive. Before explaining why I believe so, let me first thank you for reporting this, and assure you that we take security very seriously.

Now to the explanation of why this is a false positive: I checked the download URLs for all the applications you reported using the online scanning tool https://virustotal.com ... This site scans a given download link using 56 scanning engines. The site did report the 2 infections you mentioned indeed. But the detections were made by only 2 engines among the 56 scanners. Here is the cached result for RUView for example: https://www.virustotal.com/en/file/3165 ... 445102397/

The 2 antivirus engines that reported the infections are named BKav and Qihoo-360. However, the most famous and powerful engines, including AVG, Avast, Avira, ClamAV, Kaspersky, McAfee, Microsoft, Symantec and others did not detect any infections.

My guess for why the false positives were triggered is that AppGini-generated applications include a file named ci-input.php. This file is responsible for sanitizing user input against SQL injection and XSS (cross-site scripting) attacks. To sanitize inputs, this file has to match inputs against many attack patterns to make sure they don't match any. I guess the 2 anti-viruses that detected infection did so because of the presence of these patterns. So, I'd say that the presence of the security checks that AppGini performs deceived both engines into triggering false positives.
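To test an explanation like the one in the reply above, it helps to find which file inside a flagged archive the detection actually points at. The following is an added example, not part of the original thread and not AppGini's code: it scans archive members in memory, without extracting them, and reports the file and line of each match. The signature patterns, the archive layout and the file contents are constructed assumptions; only the file name ci-input.php comes from the post.

```python
import io
import re
import zipfile

# Hypothetical stand-ins for naive engine signatures; real engines' rules are not public.
SIGNATURES = {
    "iframe-markup": re.compile(rb"<\s*iframe", re.I),
    "script-eval": re.compile(rb"eval\s*\(", re.I),
}

def build_sample_archive() -> bytes:
    """Constructed sample: a sanitizer holding a denylist of attack patterns, plus a normal page."""
    sanitizer = (
        b"<?php\n"
        b"// constructed content, not the real ci-input.php\n"
        b"$never_allowed = array('<iframe', 'eval(', 'document.cookie');\n"
        b"function clean($s) { global $never_allowed; return str_ireplace($never_allowed, '', $s); }\n"
    )
    page = b"<?php echo '<h1>Invoices</h1>';\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("app/lib/ci-input.php", sanitizer)  # path is an assumption
        zf.writestr("app/index.php", page)
    return buf.getvalue()

def locate_hits(archive: bytes) -> dict:
    """Return {member: [(signature, line_no, line_text), ...]} for every member that matches."""
    hits = {}
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info)  # read in memory; nothing is written to disk
            for no, line in enumerate(data.splitlines(), 1):
                for name, rx in SIGNATURES.items():
                    if rx.search(line):
                        hits.setdefault(info.filename, []).append(
                            (name, no, line.decode("utf-8", "replace").strip()))
    return hits

if __name__ == "__main__":
    for member, found in locate_hits(build_sample_archive()).items():
        for name, no, text in found:
            print(f"{member}:{no}: {name}: {text}")
```

If every hit lands on a line where the pattern is a quoted string in a denylist, that supports a false-positive reading; a hit in rendered markup or in a file the project does not ship needs a closer look.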