Potential malware signatures detected

M

MrH

New Member
#1
#1
Hi,

We have recently installed the litespeed plugin.

We have never had any virus warnings on the site before.

Today the webhost scanner has reported the following, is this a false positive?

(url edited to hide domain)
Filename
home/sites/3317a/c/c0f2df2b38/ZZZZZZZZZ.com/public_html/wp-content/litespeed/js/a76056e4cafbaffa2b015f36c82e53d2.js

Exploit Found - script.126.am

Thanks,
 
serpent_driver

serpent_driver

Well-Known Member
#2
#2
Download the affected source and check it with local virus scanner, so you can note that this is a false positive warning. LiteSpeed doesn't change or ad any code to existing sources to any sources. If any functions detects malicious code this malicious code already must exist in existing sources.
 
M

MrH

New Member
#3
#3
Hi,

Did that and Nortons did not detect any issues - Would that indicate the file is ok?

Also could I just also delete this file or is it required?

Thanks again
 
serpent_driver

serpent_driver

Well-Known Member
#4
#4
MrH said:
Also could I just also delete this file or is it required?
Click to expand...
Just ignore this warning since it is false postive, but check all other JS scripts if they are modifed by any malicious actions on your server. WordPress and WordPress plugins are a favorite target for malicious attacks.
 
You must log in or register to reply here.
Top