Compromised file

Tell your webhost they have a false positive, I keep md5sums of all the files, and it has not changed or been tampered with.

I had the same warning on a site where this plugin was installed. It was flagged by clamAV. I’ve run this antivirus many times before but only yesterday was this file flagged.

just an update virustotal.com also flagged this plugin

@daverempel , @nosilver4u

just an update virustotal.com also flagged this plugin

Funny you should mention that. I just did a check on the zip and everything seems fine. ??

that is really odd. I redownloaded the zip and single file in question just an hour ago and both were flagged for me at virustotal. On the positive side only 2 of the 50+ flagged the file.

@nosilver4u
On the other hand it does show something.

it’s still a false positive, it’s the same exact binary that’s been distributed for 17 months. I’ve run it on Windows myself, and it does nothing malicious.

Hey,

I’ve got the same error from my hoster by updating this plugin with ftp:

Virus ‘Win.Trojan.Agent-953871’ found in ‘/wp-content/plugins/ewww-image-optimizer/optipng.exe’

What to do?

@insomnis, ignore it, there is nothing you CAN do, since it isn’t malware

https://www.ads-software.com/support/topic/false-positive-on-virus-scan?replies=9