Questions about scan results

  • Resolved boardboss

    (@boardboss)


    3 years, 1 month ago

    Greetings – Several months ago I installed a malware scanner on my site. If it makes any difference, that plugin is Defender Pro. After running the initial scan with DP, I noticed there were several suspicious files.

    Upon investigation, it was determined that a FAQ plugin I recently installed triggered most of the warnings. When I contacted the developer, I was told the pro version of the plugin used different versions of the files than the versions of the files for the free version stored at www.ads-software.com.

    Recently I installed your plugin on the same site and did a complete scan. If your plugin also checks for file differences, why wouldn’t any of these files also show up as warnings while scanning the site?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support amagsumov

    (@amagsumov)

    Hello,

    If the scan did not find anything suspicious in these files, it means that we have hashes of files of both pro and free versions.

    Thank you.

    Thread Starter boardboss

    (@boardboss)

    Hi again – Is there a way to tell for sure? The developer told me there was only one set of hashes, and that was for the free version of their plugin. When the registration key is entered in the WordPress admin area, the local files are modified from a private repository. Thank you!

    Plugin Support amagsumov

    (@amagsumov)

    Hello.

    Scanner shows in the results only those files, changes in which look suspicious. But if a file has been modified, but the changes do not look suspicious, the file is not shown in the results.
    Thank you.

    Thread Starter boardboss

    (@boardboss)

    Greetings – Just to be clear, are you saying that your scanner does not flag files “just” because the contents of a website file do not exactly match the contents of a repository file? While it makes sense that any changed files should be flagged, it makes more sense if the scanner actually has the intelligence to examine any changes for threats. Still, it would be nice if the scanner logged any changed files for increased peace of mind.

    Plugin Support amagsumov

    (@amagsumov)

    Hello.

    We refused to display such files in the results, because it leads to a lot of false positives.

    Thank you.

    Thread Starter boardboss

    (@boardboss)

    Greetings – Was that an answer to my question? Are you saying that your scanner does not flag files “just” because the contents of a file on the website do not match the contents of a file in the repository?

    Plugin Support amagsumov

    (@amagsumov)

    Yes, if there are some changes in file but they aren’t recognized as suspicious, file won’t be marked.

    Thank you.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Questions about scan results’ is closed to new replies.