False Positive? ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

  • Resolved susansiow

    (@susansiow)


    4 years, 5 months ago

    Hi BPS,

    Greetings.

    I’ve received a virus alert email from my web host and below is the main content:

    ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]’: /../wp-content/bps-backup/logs/security-log.zip

    Referring to this thread – https://forum.ait-pro.com/forums/topic/security-log-has-virus-in-it/ , my site’s ‘Do Not Log POST Request Body Data’ option is ticked, so I am wondering what is causing the zip a virus concern.

    Please advise, thank you!

    Regards,
    Susan

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author AITpro

    (@aitpro)

    The Security Log is a plain text file that logs blocked attacks against your website. So one or more of those logged attacks must have included something that ClamAV detected as suspicious or malicious. False positives are pretty common with all malware scanners unfortunately. That is a limitation of all malware scanners. You can disregard this false positive alert email.

    Thread Starter susansiow

    (@susansiow)

    Thank you, stay safe and happy Sunday!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘False Positive? ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]’ is closed to new replies.