Hi I recently bought Ispprotect and now i get a warning message about 1 suspect files for one of my Wordpress sites. The plugin that maybe is infected is The SEO Framework. I have Wordfence premium on this website and it gave no results about infected files. I also made a extra scan with clamav and it found no infected files. So my question is if this is a false message. What can i do to make sure that this is not a trojan? The error message is the following: Code: /wp-content/plugins/autodescription/lib/js/media.js winnow.trojan.ts.xss.2
I think that file is a text file, so you can read it and see if suspicious code is there. You can also compare the file to the original, unpack the distribution package to somewhere else and extract that file. ISPProtect like other malware scanners sometimes flag innocent files.
Then you can probably ignore, at least if you don't suspect that the file that#s provided by the plugin author may contain the problem as well.