Each scan report shows a list of suspicious files with a risk score and findings.
What You Will See
1. File path
2. Category
3. Risk score
4. Findings or reasons the file was flagged
5. Actions such as view, quarantine, download, or whitelist
Common Findings
1. Suspicious PHP functions
2. Encoded or obfuscated code
3. Core checksum mismatch
4. Plugin checksum mismatch
5. Recently modified file
6. Suspicious filename pattern
7. Dangerous code injection markers
Best Practice
1. Do not delete a file only because it was flagged.
2. Review the file contents first.
3. Compare the file against a clean source when possible.
4. Use quarantine when you need to disable a risky file quickly.
5. View A Suspicious File
1. In the results table, click the `View` button on a flagged file.
2. Review the contents in the built-in viewer.
3. Look for unfamiliar code, encoded blocks, unexpected redirects, injected JavaScript, or shell-like behavior.
4. If the file is clearly malicious, quarantine it.
5. If the file is safe but custom, add it to the whitelist.
6. Quarantine A Suspicious File
1. In the `Scanner` tab, find the flagged file.
2. Click the quarantine button.
3. Confirm the action.
4. The plugin moves the file into the quarantine folder and renames it so it cannot execute normally.
5. Open the `Quarantine` tab to review quarantined files.
In The Quarantine Tab You Can
1. Restore a file
2. Download a quarantined file
3. View its contents
4. Permanently delete it
Important Note
Always confirm that a file is malicious before deleting it permanently.
7. Whitelist A Safe File
1. In the `Scanner` tab, click the `Whitelist` action for a known safe file.
2. The file will be skipped in future scans.
3. To manage whitelisted files, open the `Whitelist` tab.
4. You can remove entries from the whitelist at any time.
5. You can also manually add a relative file path from the `Whitelist` tab.