fckeditor_gecko.js being blocked

Posted: Wed Dec 10, 2008 9:02 am

Running RN 2.3 on a Vista 64 box with Norton Antivirus 16.1.03 (the 64 bit version) and Firefox 3.0.4 I am getting a intrusion detection notice on /includes/fckeditor/editor/js/fckeditor_gecko.js. Norton says it matches a known virus pattern.

While this may be a false positive I think it may also cause problems because the js can't be executed properly. The risk name is HTTP Acrobat PDF Suspicious File Download.

Posted: Wed Dec 10, 2008 9:20 am

I think the only way around that is to send Norton a copy of the file and ask them to fix their false positive.

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

There are many free alternatives to Norton...

...but, just to confirm, are you using www. in your url? I saw some stuff on the FCKeditor.net forums about that.

Posted: Wed Dec 10, 2008 1:42 pm

Actually there is a way to exclude the particular signature I listed earlier from being blocked through the AntiVirus settings. I just did that.

As to alternatives, I was using whatever it was that RoadRunner provides for free but that is not supported on a 64bit operating system that I have on my laptop. (CA security center). Norton has been pretty solid for me.

The attacker url is listed as webmhcc.org without the www. The attacking computer is listed as mantis.ravennuke.com (but I think it is just picking that name up from the IP address. I have also had fkelly.org listed as the attacker url. These are two "sites" on Raven's servers.