Hey there,

I think these are "false positive" reports. Both these files are responsible to push updates to Twitter and LinkedIn respectively. Perhaps the code that was written caused these scanners to think that these are blackhat SEO practices (Not really sure about that). Could you check with the scanner further and see if it contains any further clarification for these reports?

https://kb.sucuri.net/malware/signatures/php.spam-seo.gen.007

Hey there,

Sorry for the delay of this reply, got a little occupied with tons of development works earlier on. Hm, to be honest with you, this page doesn't actually clarify why or how it is being detected but I really don't think this is something that you should be worried about because the file is pretty much clean and I am presuming that this is just a false positive report.

Perhaps if you can get in touch with the guys from sucuri and just re-confirm that this is just a false positive report?

I just had the same issue with a Sucuri scan and they said the files were infected. Please advise.

Hi Adam,

I've replied to your inquiry here, http://stackideas.com/forums/getting-a-malware-positive-on-easyblog . Let's proceed from there shall we?

Sucuri has confirmed that the files were NOT infected. I whitelisted the file paths in our Sucuri panel.

Thanks for sharing this Adam! By the way, can you ask them why is these files marked as false positive? What are the patterns involved in their scanning so that we can try to prevent this in the future.