[Plugin: AntiVirus] is this a false positive? (6 posts)

  1. yaysloths
    Posted 6 years ago #

    Got an email today with a fantastically phrased alert:

    The daily antivirus scan of your blog suggests alarm.

    Went to the site (which belongs to a friend of mine, actually) and re-ran the scan manually; the alarm-suggesting code seems to be this:

    add_action('admin_menu', 'rt_theme_option_menu');
    require_once(TEMPLATEPATH . '/rttheme_options/custom_form.php');
    require_once(TEMPLATEPATH . '/rttheme_options/controlpanel.php');
    require_once(TEMPLATEPATH . '/rttheme_options/controlpanel2.php');
    require_once(TEMPLATEPATH . '/rttheme_options/controlpanel3.php');
    require_once(TEMPLATEPATH . '/rttheme_options/controlpanel4.php');
    require_once(TEMPLATEPATH . '/rttheme_options/controlpanel5.php');
    require_once(TEMPLATEPATH . '/rttheme_options/controlpanel6.php');

    That doesn't look that scary to me, but if it's all fine and can be whitelisted, I don't understand why it would be suggesting alarm NOW and not when I installed the theme about four months ago...

    Can anyone tell me if that seems like something worth being alarmed about? Any insight would be greatly appreciated. Thanks!

  2. AntaresMHD
    Posted 6 years ago #

    I'm having a similar problem, which started happening yesterday. I got a mail from one of the sites I'm managing, saying that there was a suspicion of a virus. I check the site (which is WordPress MU 2.9.2, just for the record), and run the scan manually. What happened next was the weirdest thing, while it's scanning, the scan stops at the following file (Producer Theme)


    Which is strange, considering the file is clean, as I've noticed. I also noticed it's showing a problem with includes, because it displayed this as an alarm:

    <?php include (TEMPLATEPATH . '/searchform.php'); ?>

    BTW, during the scan, and right after it scans this file in particular, my browser freezes and starts taking a lot of RAM space (600~900MB in just a matter of seconds), I have to kill the process before the computer dies on me. I use Firefox, but I tried the same test on Chrome and Safari, both had the same behavior (and both processes hd to be killed too). It's still doing that, and I'm unsure of what could be the cause of it.

  3. anantshri
    Posted 6 years ago #

    well i am also on the same track.

    i am getting alrets everyday but still not able to find out wat's the issue.

  4. AntaresMHD
    Posted 6 years ago #

    Would this have anything to do with the last update? Because the last version was released 5 days ago.

    # Version: 0.7
    # Other Versions ยป
    # Last Updated: 2010-4-16

  5. WP Voyager
    Posted 6 years ago #

    Make sure the AntiVirus plugin scanned the files being included. If the files listed are clean, then there is no reason to be alarmed. From what I understand about this plugin, it considers include statements to be potentially malicious (which they can be!). As long as you know that the file being included is safe, you can reasonably conclude that it is a false positive.

    Hope this helps you!

  6. Ted Nicols
    Posted 5 years ago #

    I'm looking for good antivirus download free. Had similar problem. It always takes a lot of RAM when using Mozilla during the scan, works a little better with other browsers.

Topic Closed

This topic has been closed to new replies.

About this Topic