Support » Plugin: EWWW Image Optimizer » Virus found in cwebp-linux and file renamed by provider

  • Resolved _Flo_

    (@_flo_)



    Hi,
    i got this message from the provider:

    Virus “Unix.Malware.Agent-1760567” found in file “…/wp-content/plugins/ewww-image-optimizer/binaries/cwebp-linux”

    The file was then automatically renamed.

    Of course i think there is no virus and it is a false positive.

    But is this file important to the functionality of the plugin? I mean, guessed by the name is it only necessary for webp? …which i don´t use, so it´s fine for me at the moment without that file?

    Thx.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author nosilver4u

    (@nosilver4u)

    Yeah, those binaries are direct from Google, but only needed for webp functionality. I’m a bit tired of dealing with clamav, so if someone else wants to bug them about this one, feel free.

    Plugin Author nosilver4u

    (@nosilver4u)

    Slight correction, the source code is direct from Google, but that particular binary I compiled myself, so I know it is unmodified.

    @nosilver4u

    The many fun issues of ClamAV lol.

    One site I manage has been taken down by hosting company because of this. So it has been confirmed to be false positive?

    Plugin Author nosilver4u

    (@nosilver4u)

    Confirmed by me, the author, but not by clamav yet. They take a few days, at least, to fix the definitions.

    I had the same issue, but somehow blocking the update has also made me unable to save any post with images in it. Even with Ewww disabled.

    Is there some mod made to WP’s core files that could have caused this? Problem only started after the pulled update and disabling all plugins does not resolve the issue.

    Plugin Author nosilver4u

    (@nosilver4u)

    EWWW does not modify WP core files, ever. If you still have problems after disabling EWWW, it is either a caching problem, or your problem is unrelated to EWWW.

    Plugin Author nosilver4u

    (@nosilver4u)

    Clamav has released updated definitions, if anyone is still seeing this message, it is because your server hasn’t updated yet.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Virus found in cwebp-linux and file renamed by provider’ is closed to new replies.