• Resolved luciusab

    (@luciusab)


    I just did a high-sensitivity scan and got the following warnings.
    I have tried reviewing the files but can't see anything suspicious about them.

    Are they all false warnings?

    
    =======================================================================
    Quttera Web Malware Scanner plugin for WordPress
    Website Malware Scan Report
    
    Scanned Website: https://autohouse.se
    Scan type: Internal
    Report generation time: 2020-11-30 11:53
    
    Scan launch time: 2020-11-30 11:43
    Scanned files: 7530
    Clean: 7518
    Potentially Suspicious: 6
    Suspicious: 0
    Malicious: 6
    
    © 2020 Quttera Ltd. All rights reserved.
    For any questions about this report: [email protected]
    =======================================================================
    
    FILE: wp-config.php
    FILE_MD5: 2ac96ee0d4e3bbc41e8cfd0bbcda40b6
    SEVERITY: enPotentiallySuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: c5a76ef1cc34e95ebd0f0807f9830a86
    THREAT_NAME: Heur.PHP.Injection.gen
    THREAT: @include_once('/var/lib/sec/wp-settings.php');...
    DETAILS: Detected potentially suspicious PHP instruction
    
    FILE: wp-content/themes/Divi/epanel/custom_functions.php
    FILE_MD5: 9e9fb49ba721f0f2fa8e6514bb32874d
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 62312b13d39a912e67a88ed59407cb38
    THREAT_NAME: Heur.PHP.iframe.gen.38
    THREAT: preg_replace( '@\[et_pb_post_nav[^\]]*?\].*?\[\/e...
    DETAILS: Detected malicious iframe injection
    
    FILE: wp-content/themes/Divi/epanel/core_functions.php
    FILE_MD5: eb9669d7d055c5c52d54fb55478e8975
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: ef106fef01938dd1310a10059618bea0
    THREAT_NAME: Heur.PHP.Redirection.gen
    THREAT: <?php // Prevent file from being loaded directly if ( ! ...
    DETAILS: Detected malicious redirection header
    
    FILE: wp-content/plugins/divi-machine/includes/ajaxcalls/post-ajax.php
    FILE_MD5: b8d4f5d2d2ca643b6754acbb1f95d5dd
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: cfa635b2aec3de61e9dd47b6b1f3dd99
    THREAT_NAME: Heur.PHP.iframe.gen.38
    THREAT: preg_replace( '/e...
    DETAILS: Detected malicious iframe injection
    
    FILE: wp-content/plugins/worker/src/Monolog/ErrorHandler.php
    FILE_MD5: e5dfac51472948efbfe69c25f1013605
    SEVERITY: enPotentiallySuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 65b0f2becffb61cb9f5fba232f7b9987
    THREAT_NAME: Heur.HTML.Defacement.gen.F4248
    THREAT: Fatal Error...
    DETAILS: Website Potentially Defaced
    
    FILE: wp-content/plugins/divi-machine/includes/modules/ACFItem/ACFItem.php
    FILE_MD5: 416b00de2b2e86981abe41d55022fd64
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: cfa635b2aec3de61e9dd47b6b1f3dd99
    THREAT_NAME: Heur.PHP.iframe.gen.38
    THREAT: preg_replace( '/e...
    DETAILS: Detected malicious iframe injection
    
    FILE: wp-content/plugins/divi-machine/includes/modules/ArchiveLoop/ArchiveLoop.php
    FILE_MD5: 1741ba0028b668bf67d393d872c41c06
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: cfa635b2aec3de61e9dd47b6b1f3dd99
    THREAT_NAME: Heur.PHP.iframe.gen.38
    THREAT: preg_replace( '/e...
    DETAILS: Detected malicious iframe injection
    
    FILE: wp-content/plugins/worker/src/PHPSecLib/Crypt/RSA.php
    FILE_MD5: 5d6f739b62a38e525d61a32e42ed6cd4
    SEVERITY: enPotentiallySuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: aa287849d27e17069b104ffd6559823d
    THREAT_NAME: Heur.PHP.Encoded.gen.271C
    THREAT: \x2a\x86\x48\x86\xf7\x0d\x01\x05\x03...
    DETAILS: Potentially suspicious obfuscated PHP threat
    
    FILE: wp-content/plugins/worker/src/MWP/EventListener/PublicRequest/CommandListener.php
    FILE_MD5: a6a9cbaa5dfaf02c654ec60440cb8fb6
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 3da4bfb7e1f1ac00e96463e1ec820dc0
    THREAT_NAME: Heur.PHP.Fopen.gen
    THREAT: <?php /* * This file is part of the ManageWP Worker plug...
    DETAILS: Detected malicious PHP file operation
    
    FILE: wp-content/plugins/wp-mail-smtp/vendor_prefixed/monolog/monolog/src/Monolog/ErrorHandler.php
    FILE_MD5: f639bc7d3466ead93ed0f51ebb7bfbc9
    SEVERITY: enPotentiallySuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 65b0f2becffb61cb9f5fba232f7b9987
    THREAT_NAME: Heur.HTML.Defacement.gen.F4248
    THREAT: Fatal Error...
    DETAILS: Website Potentially Defaced
    
    FILE: wp-content/themes/Divi/includes/builder/frontend-builder/assets/vendors/plugins/spellchecker/plugin.min.js
    FILE_MD5: 8dab73e3b0d0f39e4d980e6612de874b
    SEVERITY: enPotentiallySuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 9c1c8c88d1af2bfbbfc19d4391687b18
    THREAT_NAME: Heur.PHP.Encoded.gen.271C
    THREAT: \xa7\xa9\xab\xae\xb1\xb6\xb7\xb8\xbb\xbc\xbd\xbe\xbf\xd7\xf7...
    DETAILS: Potentially suspicious obfuscated PHP threat
    
    FILE: wp-content/themes/Divi/includes/builder/frontend-builder/assets/vendors/plugins/spellchecker/plugin.min.js
    FILE_MD5: 8dab73e3b0d0f39e4d980e6612de874b
    SEVERITY: enSuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 9c1c8c88d1af2bfbbfc19d4391687b18
    THREAT_NAME: Heur.PHP.Encoded.gen
    THREAT: \xa7\xa9\xab\xae\xb1\xb6\xb7\xb8\xbb\xbc\xbd\xbe\xbf\xd7\xf7...
    DETAILS: Generic suspicious HEX encoder
    
    FILE: wp-content/themes/Divi/includes/builder/frontend-builder/assets/vendors/plugins/wordcount/plugin.min.js
    FILE_MD5: 2d965f9bc174bec190d0dbd902c4a6c1
    SEVERITY: enPotentiallySuspiciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 3c0af43f54ccdeca17f785103e6aad50
    THREAT_NAME: Heur.PHP.Encoded.gen.271C
    THREAT: \xa1\xab\xb7\xbb\xbf...
    DETAILS: Potentially suspicious obfuscated PHP threat
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author quttera

    (@quttera)

    Thank you for reporting this issue.

    All files classified as enPotentiallySuspiciousThreatType could be skipped/whitelisted.
    wp-config.php loads /var/lib/sec/wp-settings.php from an external location; just verify that wp-settings.php is not a modified file.

    Regarding the rest of the files classified as malicious, we need to investigate them. Can you please archive these files and send them to email support{at}quttera.com?

    Can you please verify whether these files are also detected by the normal-sensitivity internal scan?

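A small triage helper for reports in the format quoted above, added here as an example; it is not Quttera's code and not part of this thread. It parses the per-file records (FILE / FILE_MD5 / SEVERITY / ... / DETAILS blocks), buckets them by the three severity labels the way the plugin author suggests (potentially suspicious can be whitelisted, malicious needs investigation), and compares the reported FILE_MD5 values against a table of known-good hashes so you can answer "is this file modified?" for something like the externally loaded wp-settings.php. The two embedded records are an excerpt of the report posted above; the `reference_hashes` mapping is a hypothetical input you would build yourself by hashing a pristine copy of the same theme, plugin or core version.

```python
import hashlib
import re
from collections import defaultdict

# Excerpt of the scan report quoted in the thread (two records), embedded so the
# script runs offline. The raw string keeps the regex backslashes in THREAT as-is.
SAMPLE_REPORT = r"""
FILE: wp-config.php
FILE_MD5: 2ac96ee0d4e3bbc41e8cfd0bbcda40b6
SEVERITY: enPotentiallySuspiciousThreatType
ENGINE: fscanner
THREAT_SIG: c5a76ef1cc34e95ebd0f0807f9830a86
THREAT_NAME: Heur.PHP.Injection.gen
THREAT: @include_once('/var/lib/sec/wp-settings.php');...
DETAILS: Detected potentially suspicious PHP instruction

FILE: wp-content/themes/Divi/epanel/custom_functions.php
FILE_MD5: 9e9fb49ba721f0f2fa8e6514bb32874d
SEVERITY: enMaliciousThreatType
ENGINE: fscanner
THREAT_SIG: 62312b13d39a912e67a88ed59407cb38
THREAT_NAME: Heur.PHP.iframe.gen.38
THREAT: preg_replace( '@\[et_pb_post_nav[^\]]*?\].*?\[\/e...
DETAILS: Detected malicious iframe injection
"""

RECORD_KEYS = ("FILE", "FILE_MD5", "SEVERITY", "ENGINE",
               "THREAT_SIG", "THREAT_NAME", "THREAT", "DETAILS")

# Triage label per severity, following the advice given in the reply above.
TRIAGE = {
    "enPotentiallySuspiciousThreatType": "whitelist-candidate",
    "enSuspiciousThreatType": "review",
    "enMaliciousThreatType": "investigate",
}


def parse_report(text):
    """Split the report into blank-line-separated blocks and keep the
    'KEY: value' lines of each block that has a FILE entry. Header lines
    (Scanned Website, Scan type, ...) fall through because their keys are
    not in RECORD_KEYS."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep and key in RECORD_KEYS:
                rec[key] = value.strip()
        if "FILE" in rec:
            records.append(rec)
    return records


def triage(records):
    """Group file paths by triage label; unknown severities land in 'unknown'."""
    buckets = defaultdict(list)
    for rec in records:
        buckets[TRIAGE.get(rec.get("SEVERITY"), "unknown")].append(rec["FILE"])
    return dict(buckets)


def md5_hex(data):
    """MD5 of a byte string, matching the FILE_MD5 field's format."""
    return hashlib.md5(data).hexdigest()


def md5_of_file(path):
    """MD5 of a file on disk, for building your own reference table."""
    with open(path, "rb") as fh:
        return md5_hex(fh.read())


def compare_to_reference(records, reference_hashes):
    """Map each reported FILE to 'unchanged', 'modified' or 'no-reference' by
    comparing the scanner's FILE_MD5 with the hash of a known-good copy.
    reference_hashes is a hypothetical {path: md5} table you compute from a
    pristine copy of the same version (a hash only means something when the
    versions match)."""
    result = {}
    for rec in records:
        ref = reference_hashes.get(rec["FILE"])
        if ref is None:
            result[rec["FILE"]] = "no-reference"
        elif ref.lower() == rec["FILE_MD5"].lower():
            result[rec["FILE"]] = "unchanged"
        else:
            result[rec["FILE"]] = "modified"
    return result


if __name__ == "__main__":
    recs = parse_report(SAMPLE_REPORT)
    print(triage(recs))
    # Hypothetical reference table: in practice fill it with md5_of_file()
    # over a fresh download of the same theme/plugin/core version.
    reference = {"wp-config.php": "2ac96ee0d4e3bbc41e8cfd0bbcda40b6"}
    print(compare_to_reference(recs, reference))
```

Run it against the full report pasted above (or a saved copy) and it will put the six enPotentiallySuspiciousThreatType hits in the whitelist bucket and the six enMaliciousThreatType hits in the investigate bucket; a `modified` result for a file whose vendor copy you trust is the case worth looking at by hand, while heuristic hits on unmodified vendor files are the likely false positives.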
    Thread Starter luciusab

    (@luciusab)

    Thanks for your fast reply! They did not show up with the normal-sensitivity scan.
    I have sent you an email with the files now!

    Plugin Author quttera

    (@quttera)

    We finished investigating all the provided files, and all of them are clean. We will whitelist the detection on our side.

    Thank you for reporting this issue.

  • The topic ‘False warnings’ is closed to new replies.