TotalVirus: infected plugin?

American$ was going to install some plugins.
Downloaded via WordPress site and uploaded to.
I tested a few of them and two came back showing infected. They may be false-positive. Figured this would be a good topic to bring into a discussion. Curious how this would have affected my overall sight. When you install a plug-in it is accessible, and can gain access, to everything contained within and under that URL, correct? Whether you use a subdomain and/or subfolders there is no real isolation, from being infected, One would have to isolate by creating a whole new URL attached with a new site on the server, correct?

Thanks to all

I personally have never heard about “Rising”, so you could say it may be a false positive

However, I see “Kaspersky” here, which is one of the most popular antiviruses(and one of them that i trust), you should proceed with extreme caution


Taking advice by an entity named Spooky?
Sorry, Spooky but Daddy don’t Allow!
And we don’t want to provoke Daddy, he crazy!

So you would proceed?
Do you use this product?
Do you have a site up and running?

Read carefully

If file is really infected, you would be protected by this

Take note litespeed plugin will not work well on free hosting


So allow me to reiterate, and make sure that American$ has this straight. Every file is in one of two places htdoc., and because of this, your website would be protected, due to the fact you stated, “If file is really infected, you would be protected by this”, correct?

Also, “Lightspeed does not work well on free hosting”, could you provide a quick reason why, please?

No idea what you are talking about

See this


We were told that lightspeed plugin doesn’t work well with free accounts.

Are there any others that are known to not work well with the free Legacy accounts?

Please read this thread. It will provide some clues


The Litespeed Cache thing may be a false positive, as it could just be a legitimate plugin. But the “” file is flagged by four different anti virus scanners. And I don’t know where that zip file is from.

The file “” sounds as legitimate as a file called “”. As in: it could very well be pro hacker.

Not necessarily. Our filters are more targeted towards filtering phishing sites and other malicious website activities rather than malicious downloadable files.


We can say 3 instead of 4
because the older version of ZoneAlarm (the one we see on virustotal) uses the Kaspersky AV engine, so it is the same product that is in the official Kaspersky AV and the names of the malware are the same.
While the newer version of ZA gave up on it like many other companies due to distrust in Kaspersky (doubts that the russian regime controls that too).


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.