Title: Possible malware in controller.php
Last modified: April 26, 2023

---

# Possible malware in controller.php

 *  Resolved [stephaniebruening](https://wordpress.org/support/users/stephaniebruening/)
 * (@stephaniebruening)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/)
 * Hello,
 * is it possible that there is malware in the duplicator (free version) controller.
   php file?
 * When I create a backup using duplicator and try to save it to my PC my Avast 
   Virus scanner aborts the download and tells me about a malware detection (trojan)
   in the controller.php file.
 * Is this a security issue the duplicator team knows about and is there a possibility
   to find out if the site or the backup is infected? Are there any solutions or
   measures to take now? Thanks so much for your help.
 * Regards Stephanie

Viewing 5 replies - 1 through 5 (of 5 total)

 *  Plugin Support [mohammedeisa](https://wordpress.org/support/users/mohammedeisa/)
 * (@mohammedeisa)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/#post-16692231)
 * Hi [@stephaniebruening](https://wordpress.org/support/users/stephaniebruening/),
 * Thanks for reaching out to Duplicator support!
 * This is not a security issue with Duplicator and this is a false alert from the
   antivirus.
 * If you prefer to help us investigate this, please provide us the antivirus log
   file so that we can check it.
 * You may upload the antivirus log file to an uploading platform and share the 
   file link in your next reply.
 * Thanks!
 *  Thread Starter [stephaniebruening](https://wordpress.org/support/users/stephaniebruening/)
 * (@stephaniebruening)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/#post-16692733)
 * Hi [@mohammedeisa](https://wordpress.org/support/users/mohammedeisa/),
 * thanks for your reply.
 * I can share the info from the logfile from Avast. I copied the path and provided
   info because the file contains other personal data that I probably shouldn’t 
   share in a forum?
 * … archive.zip|>vorschau\wp-content\plugins\duplicator\views\packages\details\
   controller.php [L] Other:Malware-gen [Trj](https://wordpress.org/support/topic/possible-malware-in-controller-php/0?output_format=md)
 * That is the only thing that is reported in the log file. If I can provide any
   further data to the duplicator team only, please let me know. I would like the
   help solve the problem.
 * Thanks so much, regards Stephanie
 *  Plugin Support [mohammedeisa](https://wordpress.org/support/users/mohammedeisa/)
 * (@mohammedeisa)
 * [3 years ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/#post-16715350)
 * Hi [@stephaniebruening](https://wordpress.org/support/users/stephaniebruening/),
 * Yes, please don’t post any personal data in this forum.
 * You could contact Duplicator Support to investigate this issue:
   [https://duplicator.com/contact/?form=1](https://duplicator.com/contact/?form=1)
 * Thanks!
 *  Plugin Support [mohammedeisa](https://wordpress.org/support/users/mohammedeisa/)
 * (@mohammedeisa)
 * [3 years ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/#post-16740091)
 * Hi [@stephaniebruening](https://wordpress.org/support/users/stephaniebruening/),
 * I’m closing this ticket for inactivity. Please don’t hesitate to contact us in
   a[ new ticket](https://wordpress.org/support/plugin/duplicator/) if you need 
   any help with Duplicator.
 * Thanks! 
 *  [preray](https://wordpress.org/support/users/preray/)
 * (@preray)
 * [3 years ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/#post-16761137)
 * Today I got the same prompt from Avast, after installing a backup locally: “Malware-
   gen [Trj]” in controller.php. It has been moved into quarantine.
   Duplicator Version
   1.5.1
 * The migration process seems to be successful nontheless.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Possible malware in controller.php’ is closed to new replies.

 * ![](https://ps.w.org/duplicator/assets/icon-256x256.png?rev=2906985)
 * [Duplicator - Backups & Migration Plugin - Cloud Backups, Scheduled Backups, & More](https://wordpress.org/plugins/duplicator/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/duplicator/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/duplicator/)
 * [Active Topics](https://wordpress.org/support/plugin/duplicator/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/duplicator/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/duplicator/reviews/)

## Tags

 * [security issue](https://wordpress.org/support/topic-tag/security-issue/)
 * [trojan](https://wordpress.org/support/topic-tag/trojan/)

 * 5 replies
 * 3 participants
 * Last reply from: [preray](https://wordpress.org/support/users/preray/)
 * Last activity: [3 years ago](https://wordpress.org/support/topic/possible-malware-in-controller-php/#post-16761137)
 * Status: resolved