[wp-hackers] PHPmailer + Avira = Virus?

Adam Backstrom adam at sixohthree.com
Wed Apr 14 18:09:42 UTC 2010

Avira has been overly sensitive in my experience. I can name three past
false positives, including a heuristics check that flagged the simple string
"worm generator" inside a script tag. (In the case in question, "worm
generator" wasn't even the exact phrase. There were characters in between
the words.)

On Wed, Apr 14, 2010 at 12:32, Jacob Santos <wordpress at santosj.name> wrote:

> This is located in class-phpmailer.php and will be recognized by Avira as
> part of its detection patterns[1]. This appears to be a false positive and
> might be safely ignored. If anyone knows what Avira is thinking or why Avira
> would want to flag the file, then please let me know.
> If information has already been sent to the "security" mailing list, then
> can this information please be sent as to whether it is an actual false
> positive or if it is something that will be fixed within the next few days.
> No information is given on Avira web site, and the file appears to be normal
> with no code that appears to be bad.
> [1]
> http://www.avira.com/en/threats/section/vdfhistory/ivdf_no/ PHP/mailsend.100
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

Adam Backstrom
adam at sixohthree.com

More information about the wp-hackers mailing list