Hi
Siteground's malware scanner detected 'suspicious code' in a GeoIP file composer.phar . They have gone on to say it is BASE64 code (means nothing to me, I think).
The coding contains many characters that are question marks in a black diamond, at the top and at the bottom of the page. Research suggests it is to do with encoding, and if I change from MacOSX 'default" to (forget offhand but think changing the browser setting to Western Mac OS Roman or possibly UTF-8) the question marks contain other 'normal' characters, but still seemingly random.
The file date is the same as the original install.
If this sounds like the incomplete installation situation that is described in Admin Tools documentaion for AKGeoIP, the self-check feature, then I will just re-install on top and see what happens.
If not, then can you please suggest what to do?
The file path is plugins/system/akgeoip/lib/composer.phar
The strange code starts
_ HALT _ COMPILER ( ) ; ?>
?oX
composer . pharsrc / bootstrap . php?K??S???2??src / Composer....... [followed by 30 or so lines of similar]
and ends
d | ??? | ?
??? B ? GBMB
please note that question marks are white in a black diamond and I have added some extra character spaces just in case (just to be safe).
Thanks for any suggestions on what to do.
Robin
Siteground's malware scanner detected 'suspicious code' in a GeoIP file composer.phar . They have gone on to say it is BASE64 code (means nothing to me, I think).
The coding contains many characters that are question marks in a black diamond, at the top and at the bottom of the page. Research suggests it is to do with encoding, and if I change from MacOSX 'default" to (forget offhand but think changing the browser setting to Western Mac OS Roman or possibly UTF-8) the question marks contain other 'normal' characters, but still seemingly random.
The file date is the same as the original install.
If this sounds like the incomplete installation situation that is described in Admin Tools documentaion for AKGeoIP, the self-check feature, then I will just re-install on top and see what happens.
If not, then can you please suggest what to do?
The file path is plugins/system/akgeoip/lib/composer.phar
The strange code starts
_ HALT _ COMPILER ( ) ; ?>
?oX
composer . pharsrc / bootstrap . php?K??S???2??src / Composer....... [followed by 30 or so lines of similar]
and ends
d | ??? | ?
??? B ? GBMB
please note that question marks are white in a black diamond and I have added some extra character spaces just in case (just to be safe).
Thanks for any suggestions on what to do.
Robin
