• Closed
  • Hartwig Hackmann
    Spectator
    10.03.2016 at 16:52 #25249

    the upload via FTP was canceled
    with the following message:

    Mar 10 14:14:31 dd35720 proftpd[4824]: 85.13.152.173 (84.63.165.251[84.63.165.251]) – mod_clamav/0.11: Virus ‘Html.Exploit.CVE_2016_0108’ found in ‘/www/htdocs/w0145e57/coburgerreihe/wp-content/themes/alora/style.css’

    Alora is orig zip from downloaded
    then unpacked.
    tried then upload it via ftp

    What can I do?

    Denzel Chia
    Moderator
    Posts: 2656
    11.03.2016 at 01:28 #25257

    Hi,

    Are you using the ClamX AntiVirus on Mac?
    I am using Bitdefender Virus Scanner, and I am not able to find any virus.

    This is my reply.
    https://theme4press.com/support/topic/clamx-antivirus-on-mac-found-this-infection-in-alora-zip-file/

    Thank you

    Denzel Chia
    Moderator
    Posts: 2656
    11.03.2016 at 01:36 #25259

    I have found this thread on WordPress forum.
    https://wordpress.org/support/topic/malware-warning-on-web-host?replies=18#post-8137844
    Another article.
    http://askubuntu.com/questions/743917/clamav-scan-found-the-virus-html-exploit-cve-2016-0108

    This is a false positive from ClamX AntiVirus, it’s assuming css file code as malware.

    Thank you.

    Denzel Chia
    Moderator
    Posts: 2656
    11.03.2016 at 01:42 #25260

    Found another related article. ClamX antivirus claiming there is malware in WP Fastest Cache’s css files
    https://wordpress.org/support/topic/malware-attack-6?replies=3#post-8136473

    Yes, this is a false positive, ClamX antivirus is assuming css code as malware.

    Thank you.

    Roman
    Spectator
    Posts: 3147
    11.03.2016 at 08:11 #25266

    I’ve run a scan with Panda Antivirus and see no issue, too