Message about trojan from ispprotect

Discussion in 'ISPConfig 3 Priority Support' started by andreasli, Feb 3, 2021.

  1. andreasli

    andreasli Member

    Hi
    I recently bought Ispprotect and now i get a warning message about 1 suspect files for one of my Wordpress sites. The plugin that maybe is infected is The SEO Framework.

    I have Wordfence premium on this website and it gave no results about infected files. I also made a extra scan with clamav and it found no infected files.

    So my question is if this is a false message. What can i do to make sure that this is not a trojan?

    The error message is the following:
    Code:
    /wp-content/plugins/autodescription/lib/js/media.js    winnow.trojan.ts.xss.2
     
    andreasli, Feb 3, 2021
    #1
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I think that file is a text file, so you can read it and see if suspicious code is there.
    You can also compare the file to the original, unpack the distribution package to somewhere else and extract that file.
    ISPProtect like other malware scanners sometimes flag innocent files.
     
    Taleman, Feb 3, 2021
    #2
  3. andreasli

    andreasli Member

    Thank you @Taleman

    I compared this two files with each other and i couldn't find any difference.
     
    andreasli, Feb 3, 2021
    #3
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Then you can probably ignore, at least if you don't suspect that the file that#s provided by the plugin author may contain the problem as well.
     
    till, Feb 3, 2021
    #4

Share This Page