False positive: Spam:HTML/media.download.7505 ?

  • Resolved astahov006

    (@astahov006)


    6 months, 3 weeks ago

    Hello!

    Malware scan shows many issues like that as critical. I’m guessing this is a false positive, isn’t it?

    Filename:?/var/www/p511603/data/www/infosecportal.ru/wp-content/cache/all/soft/zonealarm-free-antivirus/index.html

    File Type:?Not a core, theme, or plugin file from www.ads-software.com.

    Details:?This file was discovered, installed or modified by a hacker to perform malicious activities. If you are aware of this file, you can ignore it to avoid future consequences. Matching text in this file:<!DOCTYPE html>\x0a<html lang=”ru-RU”>\x0a<head>\x0a<meta charset=”UTF-8″>\x0a<meta name=”viewport” content=”width=device-width, initial-scale=1″>\x0a<link rel=”profile” href=”https://gmpg.org/xfn/11″&gt;\x0a<!– Manifest…

    The issue type is:?Spam:HTML/media.download.7505
    Description:?Suspicious keyword and character combinations commonly found in spam content

    Regards, Alex

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfmargaret

    (@wfmargaret)

    Hi @astahov006,

    Sometimes false-positives can occur, especially with images, minified files, or caches, where code can resemble PHP or some other code that triggers a signature. You can combat this if you are sure the content is harmless by either choosing “Ignore” after a scan, or telling Wordfence not to scan the specific cache location. You can do the latter by visiting Wordfence > All Options > Scan Options > Advanced Scan Options > Exclude files from scan that match these wildcard patterns (one per line) and adding wp-content/cache/all/soft/zonealarm-free-antivirus/* on a new line.

    If you aren’t certain if a file being flagged is safe, or want to see if our team can make allowances for it during the scan, please send a copy of the file(s) to samples @ wordfence . com with the pasted scan result information. Remember to remove any passwords, keys, or salts from any files you do send to us if applicable.

    Thanks,
    Margaret

Viewing 1 replies (of 1 total)
  • The topic ‘False positive: Spam:HTML/media.download.7505 ?’ is closed to new replies.