Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

eStore – Exploit Scanner found threats

by

Tips and Tricks HQ Support Portal Forums WP eStore Forum WP eStore Troubleshooting eStore – Exploit Scanner found threats

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • July 17, 2012 at 3:31 pm #6908
    pixelmommy
    Member

    Hi! I just tried to post this in the general forum and it appears in the list, but when you click it the page is completely blank.

    So I’m reposting:

    Due to site visitors reporting a trojan alert from their AV programs AND AVG blacklisting my site for the Blackhole Exploit, I downloaded and ran the WP Exploit Scanner.

    It found threats all over the wp-cart-for-digital-download install, related to base-64-decode. The scanner feels this is malicious.

    Please help!

    July 17, 2012 at 3:42 pm #47412
    wzp
    Moderator

    Maybe this will help.

    http://wordpress.org/support/topic/blackhole-exploit-kit-how-to-remove-it

    Remember, the exploit scanner plugin simply looks for certain strings and tells you that it is a threat. It doesn’t have the knowledge to understand if it is truly a threat or not so it gives a lot of false alarms.

    July 17, 2012 at 3:59 pm #47413
    pixelmommy
    Member

    Both myself and my web host have ran extensive tests and nothing comes up. It is only the Exploit Scanner and AVG that show anything. As far st the Exploit Scanner, does this cart plugin use the base-64-decode legitimately? Could it be a false positive?

    I have taken all the steps in the topic you listed and again, come up with nothing on my end except for the results in the Exploit Scanner plugin.

    July 17, 2012 at 5:59 pm #47414
    wzp
    Moderator

    Base 64 encoding is legitimately used by eStore.

    The concern here, is that you stated your site has been blacklisted, which is a complaint that none of our other users have voiced. You therefore need to carefully inspect your own particular site, to ensure that it is not doing anything it isn’t supposed to be doing; and then take up the matter with the service that has blacklisted your site.

    July 17, 2012 at 6:48 pm #47415
    pixelmommy
    Member

    Understood. As I stated, my site has been deemed clean by my webhost. I put in a request to AVG to whitelist the site and will await their response. I just wanted to verified that base 64 encoding was legitimately used by eStore, so I could rule out the results from the Exploit Scanner as a false positive or not. If you had said base 64 was not used, then that would have been cause for alarm, to see all those files with the encoding :)

    Thank you for the clarification.

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.